Exclude IP from Traffic Inspector

  • Resolved Michael

    (@michaelurbain)


    6 years, 2 months ago

    Hi,
    i’m user of Gravityscan service and i saw that some of their requests are blocked by Trafic Inspector when they scan for specific php files like /searchreplacedb2.php or similar vulnerable ones.
    I could add these specific URL to the new white list of Trafic Inspector but this list could be extended to test new vulnerabilities at any time.
    I already added their IPs range to white IP access list 68.64.48.0 – 68.64.48.31 but it does not have impact on Traffic Inspector (not sure if these 2 tools are linked).
    Is there a way to let their servers do the job as expected without being blocked by Traffic Inspector? Does the block made by Traffic Inspector also blocks the all scan process?
    Regards and thanks for this great tool 😉

Viewing 6 replies - 1 through 6 (of 6 total)
  • Plugin Author gioni

    (@gioni)

    6 years, 2 months ago

    Hi! What version do you use? Please install the latest development version, a bug with ranges has been fixed: https://wpcerber.com/development-version-6-1-3/

    Thread Starter Michael

    (@michaelurbain)

    6 years, 2 months ago

    I’m on latest stable. Gonna try the dev one tonight and will report back. Thanks Gioni

    Thread Starter Michael

    (@michaelurbain)

    6 years, 2 months ago

    Hi, i installed latest dev version 6.1.4 and it seems ok. No records at all in traffic inspector from Gravictyscan IPs.

    I setted up traffic inspector to log all traffic, unchecked ignore crawlers, checked save request fields and nothing appears in live traffic logs except my own login and logout (my IP is also in whitelist like Gravityscan ones). Nothing seems to be blocked because IPs are on whitelist (Cerber lets them do their job) but is it a normal behaviour that nothing is logged at all?

    Regards

    Plugin Author gioni

    (@gioni)

    6 years, 2 months ago

    If you’ve set Traffic Inspector to log all traffic, it logs all incoming requests. No exceptions any kind even if an IP is whitelisted. If you don’t see a particular activity, no requests have been made. Probably, after getting a set of request prohibited responses they decided make a pause in scanning.

    Thread Starter Michael

    (@michaelurbain)

    6 years, 2 months ago

    Thanks for reply. Don’t think so, i launched 2 scans manually this morning and they ended normally. When error occurs, it’s mentioned that scan has been terminated.

    I’ve just removed Gravityscan IPs from whitelist and now traffic inspector logs access, got logs in activity, lockouts… But it does not seem to block access to Gravityscanner (based on a PHP script on my server called accelerator)…

    Plugin Author gioni

    (@gioni)

    6 years, 2 months ago

    I don’t see traffic on your site, so I can’t comment on that. It seems everything is fine now. Anyway, of something goes wrong, use these instructions: https://wpcerber.com/wordpress-traffic-inspector-how-to/

Viewing 6 replies - 1 through 6 (of 6 total)
  • The topic ‘Exclude IP from Traffic Inspector’ is closed to new replies.