• Hello.

    From my logs:

    54.236.1.13 POST /wp-admin/admin-ajax.php – Blocked access to admin-ajax.php – [bot detection is enabled]

    but 54.236.1.13 is “crawl-54-236-1-13.pinterest.com”.

    So am i blocking Pinterest and probably other needed crawlers?

Viewing 3 replies - 1 through 3 (of 3 total)
  • Plugin Author nintechnet

    (@nintechnet)

    Yes, you are.
    This policy allows only your server and yourself (while your are logged-in) to connect back to the admin-ajax.php script, and will block bots. If you need the pinterest.com bot to connect to it, disable the policy.

    barneyzbln

    (@barneyzbln)

    Hi!
    Are the attacks blocked even if it is not explicitly stated in the log file?
    For example, I found the entries below in my log file. Were these blocked by the firewall?

    #1949438  CRITICAL  1540  172.104.183.220  GET /wp-admin/admin-ajax.php - Unauthenticated action - [REQUEST:action = duplicator_download]
    #5664348  HIGH       310  172.104.183.220  GET /wp-admin/admin-ajax.php - Access to a configuration file - [GET:file = ../wp-config.php]
    
    #6520312  HIGH       310  91.121.82.163    GET /wp-admin/admin-ajax.php - Access to a configuration file - [GET:file = ../wp-config.php]
    #7243699  HIGH       310  91.121.82.163    GET /wp-admin/admin-ajax.php - Access to a configuration file - [GET:img = ../wp-config.php]
    #3742363  CRITICAL     1  91.121.82.163    GET /index.php - Directory traversal - [GET:mla_download_file = ../../../../wp-config.php]
    Plugin Author nintechnet

    (@nintechnet)

    There were blocked. As indicated below the log, it shows all threats that were blocked by the firewall, unless stated otherwise.

Viewing 3 replies - 1 through 3 (of 3 total)
  • You must be logged in to reply to this topic.