Why ban 127.0.0.1?

  • wgroenewold

    (@wgroenewold)


    8 years, 8 months ago

    Hi,

    We just discovered (the hard way :/) that if you have caching and SSL termination on your server all traffic looks like it’s coming from 127.0.0.1 according to iThemes Security. With the default config it then terminates all traffic from that IP for 15 minutes after a few wrong logins from WP users.

    It would be nice to make a notification for this when you detect this kind of configuration or even add it by default to the whitelist.

Viewing 3 replies - 1 through 3 (of 3 total)
  • pronl

    (@pronl)

    8 years, 8 months ago

    @wgroenewold

    You are saying:

    With the default config …

    So you changed the default config by permanently whitelisting the 127.0.0.1 ip address ?
    If so, did you make any other specific changes to the iTSec plugin settings to solve this issue ?

    Thread Starter wgroenewold

    (@wgroenewold)

    8 years, 8 months ago

    Nope, didn’t change anything further. Just whitelisted 127.0.0.1 since that’s the source of all traffic with this config.

    pronl

    (@pronl)

    8 years, 8 months ago

    @wgroenewold

    There may be a better solution than whitelisting 127.0.0.1

    Please provide me with the URL of the site and I’ll have a short look at it.

Viewing 3 replies - 1 through 3 (of 3 total)
  • The topic ‘Why ban 127.0.0.1?’ is closed to new replies.