dont block bad robot, fake traffic - [Solid Security – Password, Two Factor Authentication, and Brute Force Protection] Review | WordPress.org

rodolpheb98
(@rodolpheb98)

7 years, 4 months ago
I have a lot of 404 errors, the plugin does not block bad bot, fake traffic, …

Here are some examples :

/wp-content/upgrade/theme-compat/popup-pomo.php
/wp-login.php
/xmlrpc.php
/?author=1
/wp-content/themes/churchope/lib/downloadlink.php?file=../../../../wp-config.php

I can’t block the Ip 0.0.0.0
- This topic was modified 7 years, 4 months ago by rodolpheb98.

Viewing 3 replies - 1 through 3 (of 3 total)

Thread Starter rodolpheb98
(@rodolpheb98)

7 years, 4 months ago

/.well-known/apple-app-site-association
/apple-app-site-association
/wp-content/plugins/revslider/temp/update_extract/revslider/db.php
/wp-content/plugins/formcraft/file-upload/server/php/upload.php
/wp-content/plugins/simple-ads-manager/js/slider/tmpl.js
/.well-known/assetlinks.json
/up.php
/xGSx.php
/wp-content/cache/wpfc-minified/52b84048a9bd9578ed3e0be16a74c36e/1477371751index…
/upload.php
/hetlerx.php
/what-is/
/wp-config.php.save
/administrator/?option=com_login
/fr/hxrbsyireigr.html
/fr/bvosvztpvuafapsg.html
/fr/fonts.googleapis.com

tobivreal
(@tobivreal)

7 years, 3 months ago

Obviously the plugin can’t prevent 404 errors. But you can set a host lockout after a certain number of 404s. If you want to avoid to avert 404 from probes altogether, you’ll have to use an external service.

pronl
(@pronl)

7 years, 3 months ago

@rodolpheb98

I can’t block the Ip 0.0.0.0

Why not ?

Like @tobivreal says, if 404 Detection is enabled the host IP can be permanently banned by the iTSec plugin.
You can also try and block the requests in the Banned Users module if the requests have the same distinct HTTP_USER_AGENT all the time …

Viewing 3 replies - 1 through 3 (of 3 total)

The topic ‘dont block bad robot, fake traffic’ is closed to new replies.

In: Reviews
3 replies
3 participants
Last reply from: pronl
Last activity: 7 years, 3 months ago