• Resolved eddyferns

    (@eddyferns)


    How is Nginx rate limiting different from Ninjafirewall for wp-login and xml-rpc protection?

    • This topic was modified 1 month, 3 weeks ago by eddyferns.
Viewing 7 replies - 1 through 7 (of 7 total)
  • Plugin Author nintechnet

    (@nintechnet)

    NinjaFirewall doesn’t limit the number of HTTP requests a visitor can make. Instead, it monitors all HTTP requests, regardless of the IP. That means that it will trigger the protection even if it is a distributed attack coming from hundreds/thousands of different IP addresses.

    Thread Starter eddyferns

    (@eddyferns)

    What kind of protection is available in NinjaFirewall Rate Limiting?

    What happens if Nginx Rate Limiting and NinjaFirewall Rate Limiting is implemented?

    Is Rate Limiting available only in the NinjaFirewall WP+ Edition?

    Plugin Author nintechnet

    (@nintechnet)

    The Rate Limiting option available in the WP+ Edition is similar to Nginx: it monitors every IP address and will block the one that reaches the threshold. Using both protections together would be redundant, unless they have a different configuration.

    Thread Starter eddyferns

    (@eddyferns)

    In the WP+ Edition, is it possible to implementing Rate Limiting specifically to wp-login.php and xmlrpc.php?

    And once the IP address is blocked is it possible to unblock it manually and automatically?

    Does the Rate Limiting work on Apache servers?

    Plugin Author nintechnet

    (@nintechnet)

    The login protection (WP and WP+) is the only rate limiting feature that can be used specifically for the wp-login.php and xmlrpc.php scripts.

    In the WP+ Rate Limiting feature, IP addresses are temporarily banned, and they can be unblocked by clicking either the “Save Access Control Directives” or “Restore Default Values” buttons in the “Access Control” page. That will flush the cache used to store those IP addresses.
    It does work on Apache too.

    Thread Starter eddyferns

    (@eddyferns)

    What other rate limiting feature is in the WP+ besides wp-login.php and xmlrpc.php scripts?

    Plugin Author nintechnet

    (@nintechnet)

    Rate limiting the wp-login.php and xmlrpc.php scripts is part of the Login Protection in the WP and WP+.
    The WP+ rate limiting will monitor all HTTP requests sent to any PHP script.

Viewing 7 replies - 1 through 7 (of 7 total)
  • You must be logged in to reply to this topic.