All In One WP Security & Firewall
High server CPU with proxy login (4 posts)

  1. haleeben
    Member
    Posted 1 year ago #

    Hey guys

    I'm staying at a hotel and used their wifi to try to log in to WordPress.

    After I entered my details it would just load the login page again without any error message.

    Then after a short amount of time I got notices from my server that the CPU was up to 90% (it is usually around < 10%).

    After a lot of debugging and mucking around I realised it was caused by the option Forbid Proxy Comment Posting.

    Removing the code below from the .htaccess file solved the problem.

    #AIOWPS_FORBID_PROXY_COMMENTS_START
    RewriteCond %{REQUEST_METHOD} =POST
    RewriteCond %{HTTP:VIA}%{HTTP:FORWARDED}%{HTTP:USERAGENT_VIA}%{HTTP:X_FORWARDED_FOR}%{HTTP:PROXY_CONNECTION} !^$ [OR]
    RewriteCond %{HTTP:XPROXY_CONNECTION}%{HTTP:HTTP_PC_REMOTE_ADDR}%{HTTP:HTTP_CLIENT_IP} !^$
    RewriteCond %{REQUEST_URI} !^/(wp-login.php|wp-admin/|wp-content/plugins/|wp-includes/).* [NC]
    RewriteRule .* - [F,NS,L]
    #AIOWPS_FORBID_PROXY_COMMENTS_END

    I'm presuming it has something to do with the hotel wifi internet access using a proxy.

    https://wordpress.org/plugins/all-in-one-wp-security-and-firewall/

  2. mbrsolution
    Member
    Plugin Contributor

    Posted 1 year ago #

    Hi haleeben, yes, it might have to do with the wifi proxy settings in the hotel; however, that should not increase your server CPU so much. I don't receive any spike in my server and I also have that security option enabled.

    Do you have any other security plugin installed?

    Regards.

  3. Thomas O.
    Member
    Posted 1 year ago #

    I'm pretty sure that code is a bit in error. You cannot concatenate conditions like that. You could use atomic back references to do a comparison, but it still wouldn't work like that.

    Also, using the "everything pattern" at the end of a string is not needed, because it means the same thing whether it is there or not. So why use it?

    And I'm not aware of any proxy condition using HTTP headers that would be an internal request. So you shouldn't need the NS flag. Nor should you need the L flag, because L is assumed with F.
    http://httpd.apache.org/docs/2.2/rewrite/flags.html#flag_f

    RewriteCond %{REQUEST_METHOD} ^POST
    RewriteCond %{HTTP:VIA} !^$ [OR]
    RewriteCond %{HTTP:FORWARDED} !^$ [OR]
    RewriteCond %{HTTP:USERAGENT_VIA} !^$ [OR]
    RewriteCond %{HTTP:X_FORWARDED_FOR} !^$ [OR]
    RewriteCond %{HTTP:X_FORWARDED_HOST} !^$ [OR]
    RewriteCond %{HTTP:PROXY_CONNECTION} !^$ [OR]
    RewriteCond %{HTTP:XPROXY_CONNECTION} !^$ [OR]
    RewriteCond %{HTTP:HTTP_PC_REMOTE_ADDR} !^$ [OR]
    RewriteCond %{HTTP:HTTP_CLIENT_IP} !^$
    RewriteCond %{REQUEST_URI} !^/wp-(login.php|admin/|content/plugins/|includes/) [NC]
    RewriteRule .* - [F]

    I've included a bonus condition in there if you can find it. :)

    But that brings up another question. If you're only wanting to use this with comments, why use that request_uri condition? Why not just make it for the file itself? This code below is much smoother:

    RewriteCond %{REQUEST_METHOD} ^POST
    RewriteCond %{HTTP:VIA} !^$ [OR]
    RewriteCond %{HTTP:FORWARDED} !^$ [OR]
    RewriteCond %{HTTP:USERAGENT_VIA} !^$ [OR]
    RewriteCond %{HTTP:X_FORWARDED_FOR} !^$ [OR]
    RewriteCond %{HTTP:X_FORWARDED_HOST} !^$ [OR]
    RewriteCond %{HTTP:PROXY_CONNECTION} !^$ [OR]
    RewriteCond %{HTTP:XPROXY_CONNECTION} !^$ [OR]
    RewriteCond %{HTTP:HTTP_PC_REMOTE_ADDR} !^$ [OR]
    RewriteCond %{HTTP:HTTP_CLIENT_IP} !^$
    RewriteRule wp-comments-post\.php - [F]
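
Added example, not part of the thread or the plugin's code: a small Python model of how the two rule sets in the reply above combine their conditions ([OR] groups ANDed together), run over constructed requests to show which ones would receive a 403. The `/some-form.php` path, the `Via` values and all function names are assumptions made for illustration.

```python
import re

# Header names as written in the RewriteCond lines of the reply above.
PROXY_HEADERS = ["VIA", "FORWARDED", "USERAGENT_VIA", "X_FORWARDED_FOR",
                 "X_FORWARDED_HOST", "PROXY_CONNECTION", "XPROXY_CONNECTION",
                 "HTTP_PC_REMOTE_ADDR", "HTTP_CLIENT_IP"]

def header(req, name):
    # %{HTTP:name} modeled as a case-insensitive exact-name lookup; absent -> ""
    return next((v for k, v in req["headers"].items() if k.lower() == name.lower()), "")

def conds_pass(conds, req):
    # (predicate, has_or_flag) pairs: conditions chained with [OR] form one
    # group, and the groups are ANDed together.
    group_ok = False
    for pred, has_or in conds:
        group_ok = group_ok or pred(req)
        if not has_or:               # this condition closes the OR group
            if not group_ok:
                return False
            group_ok = False
    return True

def build(uri_exempt=None, rule_pattern=".*"):
    conds = [(lambda r: re.search(r"^POST", r["method"]) is not None, False)]
    conds += [(lambda r, h=h: header(r, h) != "", True) for h in PROXY_HEADERS]
    conds[-1] = (conds[-1][0], False)   # last header line has no [OR]
    if uri_exempt:                      # the negated REQUEST_URI condition, [NC]
        conds.append((lambda r: not re.search(uri_exempt, r["uri"], re.I), False))
    # In .htaccess the rule pattern sees the path without its leading slash.
    return lambda r: bool(re.search(rule_pattern, r["uri"].lstrip("/"))
                          and conds_pass(conds, r))

broad = build(uri_exempt=r"^/wp-(login.php|admin/|content/plugins/|includes/)")
narrow = build(rule_pattern=r"wp-comments-post\.php")

def req(method, uri, **headers):
    return {"method": method, "uri": uri, "headers": headers}

# Constructed sample requests: (label, request)
SAMPLES = [("comment via proxy", req("POST", "/wp-comments-post.php", Via="1.1 gw")),
           ("login via proxy", req("POST", "/wp-login.php", Via="1.1 gw")),
           ("other POST via proxy", req("POST", "/some-form.php", Via="1.1 gw")),
           ("comment, no proxy header", req("POST", "/wp-comments-post.php")),
           ("GET via proxy", req("GET", "/", Via="1.1 gw"))]

if __name__ == "__main__":
    for label, r in SAMPLES:
        print(f"{label:26} broad={'403' if broad(r) else 'ok':4} narrow={'403' if narrow(r) else 'ok'}")
```

Here `broad` is the first rewritten rule set (with the REQUEST_URI exemption) and `narrow` is the second one, which only targets `wp-comments-post.php`.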

  4. mra13
    Member
    Plugin Author

    Posted 1 year ago #

    @Thomas, Thank you for the good suggestions. We will make some changes to this feature.

Topic Closed

This topic has been closed to new replies.