Custom rules for “Smart Block” mode issue
-
Custom rules for “Smart Block” mode does not work properly. I blocked several plugins by this feature, but it still shows me in the Query Monitor plugin HTTP API Calls that they have HTTP Request and unfortunately they are not completely blocked and their Status is 200 OK.
-
Hmm, this can happen if plugins are loaded and performed remote requests before “HTTP Requests Manager” loaded.
To prevent such behavior I should force loading of this plugin before all other plugins. Probably with mu-plugin (must use plugin) functionality.
I will think about it for next release.
Thank you for reporting.
Added priority loading to plugin via MU plugin functionality. When enabled, plugin should load before other plugins and detect/manage/block as much requests as possible.
Priority loading released with version 1.3.1.
Regards.
This is a great enhancement but it’s not enough. Because the 3s rule still works in smart mode even if there is a bypass rule. For example requests to my own domain, being excluded with a “exclude all” rule, are timing out however because the smart blocking.
You should add at least another checkbox to the create rule form to allow the call always avoinding this way the timeouts. There are some task that takes more than three seconds and that are being blocked right now by the plugin.
The message displayed into the HTTP requests manager log is this:
“Error: cURL error 28: Operation timed out after 2003 milliseconds with 0 bytes received”
and there is also a
“allow: domain: https://www.whatever.com – allow in: everywhere”
into the same entry. So this is a wrong behavior from the HTTP requests manager plugin.
I selected the Block external requests (allow www.remarpro.com only) option and also checked the Enable priority loading with Must-Use plugin feature option. I turned it on, but except for the www.remarpro.com site, other paths still have a status of 200 OK !!!
That may work if there is a fast response before the plugin filter timeout but doesn’t work in other case. There is no way right now to make a hole into the plugin filter to let pass the local domain or any other being specified.
That’s why I’ve suggested to add a new check box or whatever to allow bypassing the filter and to avoid the timeouts like it happened to me.
In my case I’m using a cache warmer plugin and it stops working as soon as I enable the smart block in HTTP requests plugin.
What do you think @veppa ?
I’ve noticed something weird. When I change from “smart block” to “only log http requests” then the error changed:
Error:?cURL error 28: Operation timed out after 5002 milliseconds with 0 bytes received
So the timeout is not the same. There is clearly something that this plugin is interfering with the requests when they shouldn’t be blocked
When this plugin is active with a “smart block” or the “block any” modes, then there is troubles with the loopback and other necessary services that shouldn’t be blocked. It’s supposed than creating a rule to exclude calls to the own domain this shouldn’t happen, but it doesn’t. The plugin is interferring in some way because there is no troubles as soon as I deactivate it.
- This reply was modified 6 months, 3 weeks ago by fidoboy.
@fidoboy your case is different than original thread starter.
You have 2 part question.
First part
Request timeout in 2 seconds even if it is has “always” “allow” rule.
I released version 1.3.3 that removes “smart block” limitation from requests that have custom rule “allow”. In your case 2 second timeout will not be applied to requests to your own domain because you added it as “allow” rule.
I experinced similar problem with “allow” rule limitation here https://veppa.com/debug-wp_http/#backup-error then fixed bug in plugin version 1.3.3.
Then second part
When you switched to “only log” mode request to your domain timed out in 5 seconds.
This 5 second timeout is default for all requests in WordPress. Which is defined by WordPress. It is not altered by “HTTP Requests Manager” plugin whfn using “only log” mode.
In this case request timed out because it didn’t get any response from you server in 5 seconds. This happens when responding server is busy. It is normal. And plugin does not alter or limit any communication in “only log” mode. It just logs requests.
Hope this clarification helps.
Please start separate thread if you have other issues.
Regards.
Very interesting case. From screenshot I can see that 2 secont timeout applied. So plugin works partially.
Then other part that blocks requests is not executed.
My guess is first plugin “nfwplus” firewall removes related hook added by “HTTP Requests Manager”. Then all other requests pass without being blocked as well.
Once hook removed nothing will be blocked.
Which is sad. Because you cannot control other requests (by other plugins or core ) as well on your own WordPress website.
I have not seen their code.
Also I do not want to force add that blocking hook back. We both use default WordPress features. I add they remove.
Only thing I can do probably add some message showing that hook was removed by other plugin. And blocking or logging will not work. So other users will know why my plugin is not working as expected.
Thank you for reporting and screenshot. It helped a lot.
Regards.
Recently in version 1.3.4 I added force blocking to “Block external requests” and “Block external requests (allow www.remarpro.com only)” modes using wordpress constants. Now other plugins cannot remove that block.
For “Smart block” I have another idea that can force blocking rules. Will check it soon and keep you updates.
- You must be logged in to reply to this topic.