autodiscover.xml from client ip

  • Resolved sagency

    (@sdagency)


    5 years, 10 months ago

    Our client’s IP address is hitting theirdomain.com/autodiscover/autodiscover.xml thousands of times. They are being blocked by Wordfence from seeing their own pages. I think this has to do with Outlook Exchange or something.

    How do I stop this?

    Do I add /autodiscover/autodiscover.xml to the whitelist URLs? If so what do I put in for the parameter type and param name?

    Thanks.

Viewing 4 replies - 1 through 4 (of 4 total)
  • Thread Starter sagency

    (@sdagency)

    5 years, 10 months ago

    Seems this might be related to Outlook Exchange. Help? What can I do in the settings to get around this? It’s coming from the client IP so I can’t block them.

    WFSupport

    (@wfsupport)

    5 years, 10 months ago

    It is related to Outlook and it is very annoying. There isn’t anything you can do to stop Outlook from sending those requests.

    Since this is the client’s IP address is the one sending them to the site adding autodiscover.xml to the Whitelisted 404 URLs option on the Firewall > All Firewall Rules page in the Rate Limiting Section. That would keep the business from getting blocked but you still have to deal with the visits. This search may help the client turn it off or on.

    I hope this helps.

    Tim

    Thread Starter sagency

    (@sdagency)

    5 years, 10 months ago

    Thanks. I tried adding, but in my original question…

    If so what do I put in for the parameter type and param name?

    Thread Starter sagency

    (@sdagency)

    5 years, 9 months ago

    Problem seems to be related to how Outlook offsite servers are configured. We tried working with Microsoft Support and they could never resolve the problem. ALl of the DNS and MX records were set correctly to Microsoft specs yet something consistentely requests the autodiscover.xml file (or the fallback files like AutoDiscover.xml) 5-10 times a minute.

    The best we could do was install this in .htaccess to treat the 404 as a 403. We also created a dummy folder autodiscover with an autodiscover.xml blank file inside. If anyone has the answer or improvements on the workaround it would be MUCH appreciated.

    # BLOCK NUISANCE REQUESTS
    # perishablepress.com/block-nuisance-requests
    <IfModule mod_alias.c>
    RedirectMatch 403 (?i)/autodiscover/autodiscover.xml
    RedirectMatch 403 (?i)autodiscover.clientdomain.com/autodiscover/autodiscover.xml
    RedirectMatch 403 (?i)mail.clientdomain.com/Microsoft-Server-ActiveSync
    </IfModule>
    <Files 403.shtml>
    order allow,deny
    allow from all
    </Files>

    • This reply was modified 5 years, 9 months ago by sagency.
Viewing 4 replies - 1 through 4 (of 4 total)

The topic ‘autodiscover.xml from client ip’ is closed to new replies.

Tags