Support » Plugin: All In One WP Security & Firewall » Blacklist & logs still not working

  • I’ve been using this plugin now for a couple of weeks. During this time, I’ve identified and added numerous IP’s and subnets to the blacklist. As noted in previous comments here, however, many IP’s are bypassing the blacklist and continue to access the sites, as evidenced by repeat 403 access events.

    Also as noted in previous comments, the logs are not working at all. These issues have been previously noted as far back as a year ago and acknowledged here, yet NOTHING HAS BEEN DONE and each postr has been closed for additional comments.

    THIS IS UNACCEPTABLE.

    I’ve reviewed my settings and they are correct. I’ve confirmed that multiple (dozens) of correctly blocked IP’s are being allowed to access the site. I’ve reviewed settings in light of suggestions by the devs.

    I’ve also confirmed that none of the “fixes” (basically disable/re-enable or uninstall/reinstall) have any affect on the problems. These are CORE FUNCTIONS of a security program and THEY ARE NOT WORKING.

    How can you expect me to pay you for additional features when the current ones are not working?

Viewing 3 replies - 1 through 3 (of 3 total)
  • Plugin Contributor mbrsolution

    (@mbrsolution)

    Hi, thank you for getting back to us in regards to your questions/issues.

    In regards to the IP’s bypassing your settings, have you enabled one of the following options mentioned below? These settings can be found under WP Security -> Firewall -> Basic Firewall Rules.


    Completely Block Access To XMLRPC:
    Disable Pingback Functionality From XMLRPC:

    Also are you using any type of CDN in your site in regards to the IP address issue?

    In regards to the log files, did you enable Debug settings? This is located under WP Security -> Settings -> General Settings tab.

    Thank you

    These are almost exactly the same responses you offered this question last year, yet they did not provide any solution. Yes, I have used the plugin with both of the XMLRPC options enabled and alternatively disabled as well. I did not enable debugging. Is debugging required to be enabled in order for any logs to be written?

    Either way, I’m not sure why this is an issue. If I block an IP or subnet in .htaccess it is supposed to be blocked… yes? XML-RPC functions should be irrelevant to a blocked IP address.

    I also note that theplugin is doing double-entry in the .htaccess files, one entry is using the soon to be deprecated format, the other is the new apache 2.4 (I think) format using “Required”. This seems like a potential problem. Either way, you’ve lost my confidence on this one. No way I can trust this plugin moving forward. UNistalled is the best solution.

    Plugin Author wpsolutions

    (@wpsolutions)

    I also note that theplugin is doing double-entry in the .htaccess files, one entry is using the soon to be deprecated format, the other is the new apache 2.4 (I think) format using “Required”. This seems like a potential problem

    No it’s not a problem because only the relevant code which is applicable to your Apache version will run.

    Did you also have 6G rules active? If so there is currently a bug whereby one of the lines in the 6G rules is allowing the IP addresses. I am in the process of addressing this.

    No way I can trust this plugin moving forward. UNistalled is the best solution.

    Thanks for your feedback and for at least trying this plugin.

Viewing 3 replies - 1 through 3 (of 3 total)
  • The topic ‘Blacklist & logs still not working’ is closed to new replies.