• Resolved StanLight

    (@stanlight)


    I appreciate that there’s the option to block visitors trying to access certain files. And Wordfence provides this instruction in the “Immediately block IPs that access these URLs”:

    All URLs must start with a “/” without quotes and must be relative

    That starting with a “/” is the problem because there’s an easy way around it – bots scanning for vulnerabilities try accessing via the IP instead. So for example instead of trying http://mysite.com/pma/ they try for http://123.123.123.123/pma/

    They also try for
    http://123.123.123.123/phpmyadmin/
    http://123.123.123.123/mysql/
    etc.

    Bad guys probing for vulnerabilities come from multiple IPs, so I can’t ban by IP. I need the ability to block these bots the moment they try for a URL like the above examples… but there is no such option in Wordfence.

    While I’ve got /pma/ and /mysql/ type blocks in “Immediately block IPs that access these URLs”, those don’t work against bots trying the same folders via the IP (as in the examples above).

    Is this feature going to be added and/or is there an alternate way to deal with these probes and block the IP of whoever tries to access these files/folders?

Viewing 9 replies - 16 through 24 (of 24 total)
  • wfasa

    (@wfasa)

@stanlight We may consider changing the wording in the plugin at some point but I can’t make any promises about that. It would be great if we could focus on solving your technical issue instead of discussing what has been said before. Can you please try adding a * before the banned URL and see if it gets blocked when visited via your server’s IP then? Thanks!

    @yet-another-wp-user */*/wp-admin/* will work for that (just tested real quick to make sure) but please note that this will be at your own risk. 😉 I would not recommend blocking anything that has wp-admin in it due to the risk of making a typo and locking yourself out. I’m writing that for the benefit of other people who may be reading this thread in the future. You are welcome to use any patterns you like on your own site of course.

    Anonymous User 9948090

    (@anonymized-9948090)

    @wfasa
I understand and I’m using the same, but I still have one doubt.

According to the Wordfence documentation, the banned URL must start with /, so why do you recommend using * at the beginning?

    What is the difference between using following:

    */*/wp-admin/*
    and
    /*/wp-admin/*

    I’m using second one and many other similar banned URLs. Should I replace all those banned URLs with * at the beginning?

    wfasa

    (@wfasa)

    @yet-another-wp-user Adding * to the beginning is for making it match regardless of domain which is what the original poster was asking about. Since you were in the same thread, I assumed you were in the same situation. If you are not then /*/wp-admin/* will work.

    As I have mentioned, * is not part of the URL. It’s an expression that is evaluated. I would not recommend adding * to the beginning of all banned URLs unless you are having the issue that the original poster had.

    Thread Starter StanLight

    (@stanlight)

    @stanlight…It would be great if we could focus on solving your technical issue instead of discussing what has been said before

    That’s very kind, but the horse has left the stables.

After much time, expense (and arguments with my hosting company), I have found a solution elsewhere and blocked visitors from accessing any of my folders or pages via the site’s IP. I had to do that because @wfyann’s original reply gave this as the solution to my problem:

    What I can suggest here is that you configure your web server to not respond to IP-based requests.

    So you can understand why I keep returning to this original advice!

    Separately, I must admit I was planning to go for your paid option to cover my numerous WordPress sites. However, despite having sent a pricing related enquiry to your pre-sales@ email address several days ago, I do not have a reply. Is this the kind of delays paying customers experience with their support queries? My email was sent on the 9th and had this as the subject: “Question about pricing” (if you care to chase it).
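The server-side fix quoted in the post above (refusing requests that address the site by its IP rather than its hostname) can be done from `.htaccess` on a cPanel/Apache host without touching Wordfence at all. The following is an added example, not from this thread and not Wordfence’s own code; it assumes mod_rewrite is enabled and that example.com is the site’s real hostname:

```apache
# Added example: reject requests whose Host header is an IP literal (or missing),
# so scanners cannot reach /pma/, /phpmyadmin/, /mysql/ etc. via http://123.123.123.123/
# Assumption: mod_rewrite is available and the site is normally served as example.com.
RewriteEngine On

# Host header is a bare IPv4 literal, optionally with a port (e.g. 123.123.123.123:80)
RewriteCond %{HTTP_HOST} ^[0-9]{1,3}(\.[0-9]{1,3}){3}(:[0-9]+)?$ [OR]
# Host header is a bracketed IPv6 literal, e.g. [2001:db8::1]:80
RewriteCond %{HTTP_HOST} ^\[[0-9a-f:.]+\](:[0-9]+)?$ [NC,OR]
# No Host header at all (HTTP/1.0 requests from crude scanners)
RewriteCond %{HTTP_HOST} ^$
# Do not lock out local monitoring that legitimately talks to the server by IP
RewriteCond %{REMOTE_ADDR} !^127\.0\.0\.1$
# Answer 403 Forbidden before the request ever reaches WordPress
RewriteRule .* - [F,L]
```

To check it, `curl -i -H 'Host: 123.123.123.123' http://example.com/pma/` should come back 403, while `curl -i http://example.com/pma/` still reaches WordPress and therefore still triggers the Wordfence “Immediately block IPs that access these URLs” rule. This only closes the IP bypass; probes that use the hostname are still handled by the URL rules, so keep both. On a server you administer yourself, the cleaner form is a catch-all default virtual host (the first `<VirtualHost>` in Apache, or an nginx `server` block with `default_server` that returns 444), since that also covers requests for hostnames you never configured.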

    wfasa

    (@wfasa)

    @stanlight I agree with yann that unless your site needs to be accessible via the IP-address for some reason, it should not be accessible via the IP address. So that sounds good.

    We did not receive a ticket on the 9th titled “Question about pricing”. It looks like perhaps you sent it to a non-existent email? It should be presales@wordfence.com and not pre-sales@wordfence.com. If you try presales@wordfence.com you’ll get a reply within 24 hours on business days.

    Best of luck for now!

    Thread Starter StanLight

    (@stanlight)

    Hi @wfasa I did send it to presales, not pre-sales. My last post had a typo.

    https://image.ibb.co/dRbqsS/wordfence.png

    you’ll get a reply within 24 hours on business days

    Your presales people haven’t replied within 24 or 48 or 72 hours. I’m happy to forward my email / provide the headers if you care to give me an alternate email to send it to. And you can investigate what went wrong. (My IP and domain are clean and not on any spam blacklists. I have SPF, DKIM, reverse PTR, everything!)

    May I repeat my previous question: Is this the kind of delays paying customers experience with their support queries?

    wfasa

    (@wfasa)

    @stanlight We haven’t replied because we haven’t received your message. I’m afraid as per WordPress.org forum rules we are not allowed to discuss Wordfence Premium here. Please try another email to presales@wordfence.com and cc: asa@wordfence.com.

    Going to set this thread as resolved now. If you have any other questions or concerns, please just start a new thread. Thanks!

    Thread Starter StanLight

    (@stanlight)

    I’ve given up on Wordfence Premium – they still haven’t responded to my email enquiries with respect to pricing. So, don’t discuss it if you want, but be aware that I have decided against paying for Wordfence because of the non-response.

    To everybody else, if you are planning on upgrading to Premium mainly for the ability to block by country, you don’t need to do that any more. Country blocking facility is now available for cPanel and WHM via cPHulk (free). Go research it.

    There’s another advantage to using cPHulk for this – it’s different to Wordfence in one respect. When someone hits your site and is blocked cPHulk doesn’t use it as an opportunity to advertise itself and – yikes! – tell the attacker what software it is that’s blocking him … and why. (See this discussion: https://wordpress.org/support/topic/how-to-change-the-default-wf-text-served-on-the-503/)

    I was happy to pay for Premium for a while, then the negatives overcame the positives and I upgraded to the free version. Indeed, the inability to easily use custom blocking messages was one of the deal breakers. Thanks for the suggestion on server-level country blocking, that might be perfect! Also the IQ Block Country plugin has been working well for us on a number of WordPress sites. I sent some money his way a while ago, and probably will do so again, now that I’m not paying Wordfence, which was a bit pricey in my opinion even before they began ruining it. MTN

  • The topic ‘Frustrating restrictions in Wordfence when it comes to blocking options’ is closed to new replies.