• dimal

    (@dimalifragis)


    Hello.

    From my logs:

    54.236.1.13 POST /wp-admin/admin-ajax.php – Blocked access to admin-ajax.php – [bot detection is enabled]

    but 54.236.1.13 is “crawl-54-236-1-13.pinterest.com”.

    So am i blocking Pinterest and probably other needed crawlers?

Viewing 3 replies - 1 through 3 (of 3 total)
  • Plugin Author nintechnet

    (@nintechnet)

    Yes, you are.
    This policy allows only your server and yourself (while your are logged-in) to connect back to the admin-ajax.php script, and will block bots. If you need the pinterest.com bot to connect to it, disable the policy.

    Hi!
    Are the attacks blocked even if it is not explicitly stated in the log file?
    For example, I found the entries below in my log file. Were these blocked by the firewall?

    #1949438  CRITICAL  1540  172.104.183.220  GET /wp-admin/admin-ajax.php - Unauthenticated action - [REQUEST:action = duplicator_download]
    #5664348  HIGH       310  172.104.183.220  GET /wp-admin/admin-ajax.php - Access to a configuration file - [GET:file = ../wp-config.php]
    
    #6520312  HIGH       310  91.121.82.163    GET /wp-admin/admin-ajax.php - Access to a configuration file - [GET:file = ../wp-config.php]
    #7243699  HIGH       310  91.121.82.163    GET /wp-admin/admin-ajax.php - Access to a configuration file - [GET:img = ../wp-config.php]
    #3742363  CRITICAL     1  91.121.82.163    GET /index.php - Directory traversal - [GET:mla_download_file = ../../../../wp-config.php]
    Plugin Author nintechnet

    (@nintechnet)

    There were blocked. As indicated below the log, it shows all threats that were blocked by the firewall, unless stated otherwise.

Viewing 3 replies - 1 through 3 (of 3 total)
  • The topic ‘Blocked access to admin-ajax.php’ is closed to new replies.