Customer IP blocked after adding to cart

I’m having an issue where WP Cerber blocks legitimate customers from adding items to their cart and checking out. This has been ongoing for about a month, and after researching other threads and making adjustments, it still happens.

Right now it seems to be triggered by the traffic inspector, although for good measure I followed the recommendations in this thread to whitelist “/?wc-ajax=get_refreshed_fragments”. I have safe mode enabled (all AJAX). I’ve also turned off anti-spam engine for registration, comment and other forms. I only have recaptcha enabled (around the same time as this issue started happening as I was receiving a lot of of bot registrations).

Still, it seems to be an issue in traffic inspector. Here are the logs from one legitimate customer who was locked out:

xx.x.xx.xxx
	June 27, 2022, 1:52 am	
Form submission denied IP address is locked out
/shop/product-category/product-name

xx.x.xx.xxx
June 27, 2022, 1:39 am
Malicious request denied IP address is locked out
/wp-content/plugins/woocommerce-cart-add-ons/assets/css/frontend.css

xx.x.xx.xxx
	June 27, 2022, 1:39 am	
Form submission denied IP address is locked out
/

xx.x.xx.xxx
June 27, 2022, 1:39 am
IP blocked Multiple erroneous requests`

At this point I’m at a loss as to what else I can do. I’ve been whitelisting IPs as I go, but this is still costing me a lot of money to have customers who can’t checkout. I suspect if I disable traffic inspector, then the issue will be resolved, but then it just seems pointless to have the plugin at all if I’m not using the main features.

Is there anything else I can do to stop these false positives?

• This topic was modified 1 year, 9 months ago by jpsnyder.