• Resolved usermambo24

    (@usermambo24)


    Hello,

    I am getting the following a lot, either from the same ip address or different ones:

    “87.247.158.120

    /wp-admin/admin-ajax.php?action=async_litespeed&litespeed_type=crawler

    United Arab Emirates

    Backend”

    And this is being blocked by my iQ Block plugin; Should this be allowed or is it another phishing attempt?

    Thank you

Viewing 12 replies - 1 through 12 (of 12 total)
  • Plugin Support litetim

    (@litetim)

    The ajax request is legit, it is included in LSC ??
    Are you from United Arab Emirates ? or the server is there?

    Thread Starter usermambo24

    (@usermambo24)

    Hello,

    Thank you for your response.
    No I am not from the United Arab Emirates.

    My website serves North Africa, so not sure if that’s what LS is doing!

    In this case, shall I whitelist the ip address?

    Is there a reason for it to access the backend?


    Also, I am getting lots of these messages:

    09/11/24 17:10:26 – OC – Redis connect exception: Connection refused
    09/11/24 17:10:26 – OC – Failed to connect Redis server!

    Thank you

    • This reply was modified 2 months, 2 weeks ago by usermambo24.
    • This reply was modified 2 months, 2 weeks ago by usermambo24.
    Plugin Support litetim

    (@litetim)

    @usermambo24 Let’s finish 1 at a time.
    As I said beforre the AJAX link is from LSC, is legit, I am not sure if it should come from United Emirates. Please allow me few more time to gather more info and I will gfive you a final answer

    The Redis connection error message comes from: https://docs.litespeedtech.com/lscache/lscwp/cache/#object-tab You can remove them by fixing the Redis connection details(or make sure redis is working) or disable object cache.

    Thread Starter usermambo24

    (@usermambo24)

    Much appreciated.

    Here is my my report number:

    OGRHQRNS

    For information, I am using Hostinger as hosting provider.

    Thank you

    • This reply was modified 2 months, 2 weeks ago by usermambo24.
    Plugin Support litetim

    (@litetim)

    As long as the IP of request, is the same as your server, eveything is ok.
    If not, it means it is a bot accessing(not sucsessfully) the crawler ajax link

    Thread Starter usermambo24

    (@usermambo24)

    Thank you for your reply.

    Unfortunately, I’ve allowed the request on the backend, so not sure what the risks if any?

    What is the purpose of this crawler and why does it need access to the backend?

    I’ve re-setup the website using backup, I suppose there shouldn’t be any issues?

    Thank you

    Plugin Support litetim

    (@litetim)

    @usermambo24 crawler is used in this feature: https://docs.litespeedtech.com/lscache/lscwp/crawler/

    The only thing he did was to create a request on server. It will not run any code from crawler.

    • This reply was modified 2 months, 2 weeks ago by litetim.
    Plugin Support qtwrk

    (@qtwrk)

    the crawler will pre-cache the pages before human visitor does , so speed up the page loading.

    it’s more like backend to backend , like the wordpress itself is calling this request , this way it can running on its own without you to keep the browser open or something like that.

    the link itself is nothing risky, even people just access that , without proper authorization and nonce token, it will just give 0 return.

    Thread Starter usermambo24

    (@usermambo24)

    Thank you for your reply.

    Is there a risk in allowing that request?

    Thank you for your help

    Plugin Support qtwrk

    (@qtwrk)

    the link itself is nothing risky, even people just access that , without proper authorization and nonce token, it will just give 0 return.

    Thread Starter usermambo24

    (@usermambo24)

    Smashing, thank you very much

    Plugin Support litetim

    (@litetim)

    Can we mark the thread Resolved?

Viewing 12 replies - 1 through 12 (of 12 total)
  • You must be logged in to reply to this topic.