Support » Plugin: IP Geo Block » https problem IP Geo Block

  • Resolved cybergirl

    (@cybergirl)



    As my page is not secured by https, I’m having some false blocks, when useres are coming from Google.
    HTTP_REFERER=https://www.google.de/,HTTP_UPGRADE_INSECURE_REQUESTS=1,
    How to disable the HTTP_UPGRADE_INSECURE_REQUESTS in geop IP block plugin ?

Viewing 6 replies - 1 through 6 (of 6 total)
  • Plugin Author tokkonopapa

    (@tokkonopapa)

    Hi @cybergirl,

    As my page is not secured by https, I’m having some false blocks, when useres are coming from Google.

    Well, I’m not sure about your country, but do you mean you want to block the users coming from the search results in google.de? If the users coming from the blacklisted country (or the country not in the whitelist), this plugin works as you expected.

    How to disable the HTTP_UPGRADE_INSECURE_REQUESTS in geop IP block plugin ?

    Do you mean you want to block it? If so, I don’t understand the reason. It helps to avoid mixed-content warnings. Please refer to Upgrade Insecure Requests Sample.

    Hi tokkonopapa,

    no. I want just the opposite. IP Geo Block is blocking users like this:

    Request GET[80]:/prestashop-1-5-x-eigene-php-ini/
    User agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/62.0.3202.94 Safari/537.36
    HTTP headers HTTP_REFERER=https://www.google.de/,HTTP_UPGRADE_INSECURE_REQUESTS=1,HTTP_X_ACCEL_INTERNAL=/internal-nginx-static-location,HTTP_X_REAL_IP=62.91.64.158
    $_POST data

    For my understanding, please confirm: If I make changes on settings and don’t clear cache, than the country will be blocked. Is this the reason for that false blockings ?

    And what’s about this reason: HTTP_X_IMFORWARDS=20 It was also a German IP. Do you have any info material what this HTTP_X_IMFORWARDS means ? It is a server error, or what ? On server error logs I didn’t find anything.

    • This reply was modified 8 months, 1 week ago by  .
    Plugin Author tokkonopapa

    (@tokkonopapa)

    Hi @cybergirl,

    Sorry my misunderstanding about “false blocking”, but yet I’d confirm something about your situation.

    The access

    GET[80]:/prestashop-1-5-x-eigene-php-ini/

    seems that someone in German visited to your site from the search engine results by https://google.de/. However, IPGB blocked it against your settings.

    ==> Am I true?

    If your settings can accept the country GE, one possibility may be in “UA string and qualification“.

    To confirm the reason, I have some questions:

    1. Can you still find the above access in Logs? What does the “Result” column says, “blocked” or others?
    2. The country code of the above IP address was GE?
    3. Does your server always set the variable HTTP_X_REAL_IP? I’d like to know the value of HTTP_X_REAL_IP can always be trusted or not.
    4. Could you check your rules in “UA string and qualification“? Or let me know them.

    Regarding to your question, I never know HTTP_X_IMFORWARDS. Nor does the google. Can you always find it in Logs?

    Basically, user agent (e.g. browser, bot, …) can send an arbitrary named HTTP header. So I think it was set by the user agent, and I think you can ignore it.

    Thanks for your information.

    • This reply was modified 8 months, 1 week ago by  tokkonopapa.
    • This reply was modified 8 months, 1 week ago by  tokkonopapa. Reason: Add question No.4
    Plugin Author tokkonopapa

    (@tokkonopapa)

    Hi,

    I forgot to answer your question:

    For my understanding, please confirm: If I make changes on settings and don’t clear cache, than the country will be blocked. Is this the reason for that false blockings ?

    The IP address cache of IPGB holds the country code and the number of fails to login. So I can’t find any cause of your issue.

    By the way, I found the information about the HTTP header named “X-IMForwards” in here. It may be set by some kind of firewall on IIS server.

    Please refer to https://www.aqtronix.com/ and ask to your server admin.

    • This reply was modified 8 months, 1 week ago by  tokkonopapa.

    Hi,

    seems that the false blocking was due to some cache. DE is now working.
    I’m on VPS network. I’m not using any kind of firewall. The network is secured against DDOS. Before users can access to my page they must pass a kind of honeypot. Perhaps this script is forcing Real IP. I don’t know in 100%.

    I’m not on IIS server. I’m on Apache latest version and ngnix proxied. Strange this one lock I had… I also never seen this type of HTTP Header X-Imforwards. Perhaps really some kind of browser specialty…
    I’m myself the server admin… As stated before, error logs also checked and no entry. Quite strange thing. But it was only one block with this kind of protocol. So I will only keep an eye on it for now.

    Thank you for your help. Problem of false blocking was solved after all caches emptied.

    Conny

    • This reply was modified 8 months, 1 week ago by  .
    Plugin Author tokkonopapa

    (@tokkonopapa)

    Hi Conny,

    Thank you for your feedback. If you find something strange, please let me know.

Viewing 6 replies - 1 through 6 (of 6 total)
  • The topic ‘https problem IP Geo Block’ is closed to new replies.