plugin detects host server each time cron runs

  • Resolved ptarver

    (@ptarver)


    7 years, 8 months ago

    So far, I like what I’ve seen from the plugin. But I’m getting some weird results that I wanted to see if you could help clear up.

    I run a shared server with several WordPress websites. I’ve installed your plugin on all of those sites. With one site, I’m seeing some cron job run on average about every 1 to 2 minutes and each time it does, I get an email notification from your plugin detecting my server as a bot.

    Any ideas or suggestions of what is going on? I’ve got Wordfence installed, anti-spam and other tools that are not detecting anything. I’ve updated all passwords, salt keys, etc. I’ve virus scanned the folder and found nothing.

    Any hints would be appreciated.
    Thanks!
    Paul

    https://wordpress.org/plugins/stopbadbots/

Viewing 4 replies - 1 through 4 (of 4 total)
  • Thread Starter ptarver

    (@ptarver)

    7 years, 8 months ago

    Update: Ok, I found the pattern. If the domain name contains any portion of the search string, then you get a false positive.

    Example 1: any domain that contains the word “pioneer” will trigger the “pioneer” string in the bad bots table.

    Example 2: any domain that contains the word ‘yes’ will trigger the “yes/1.1” string in the bad bots table.

    Example 3: any domain that end in “es.net” will trigger the “ES.NET” string in the bad bots table.

    The short term work around seems to be to disable those bad bot checks that create a false positive. I’m not even sure this could be addressed in the code since it appears that the match method is “contains”.

    Any other suggestions?
    Thanks!
    paul

    Plugin Author Bill Minozzi

    (@sminozzi)

    7 years, 8 months ago

    Hi Paul,

    This plugin don’t have any cron job.

    If you take a look at your email inbox, you will find emails with the String Found.

    Then, you can disable that bot if they match with your domain name bot created by wordpress.

    Regards,

    Bill

    Thread Starter ptarver

    (@ptarver)

    7 years, 8 months ago

    I didn’t say that your program had a cron job. What I was said was that when the regular cron runs or when the cron routine is executed (ie whenever someone hits any page), it creates activity that your plugin detects as a false positive because the header contains a match with the bad bots table.

    My suggested fix was to disable the bot that matches, but my question was whether if there was a better solution.

    Now that you’ve confirmed that as being the best solution, I’ll go with that as my resolution.

    Thanks!
    Paul

    Plugin Author Bill Minozzi

    (@sminozzi)

    7 years, 7 months ago

    Hi Paul,

    Yes, the best solution is disable that bot at table.

    Regards,

    Bill

Viewing 4 replies - 1 through 4 (of 4 total)
  • The topic ‘plugin detects host server each time cron runs’ is closed to new replies.