Custom URL – Blocked IP

  • Resolved nataliaeaparicio

    (@nataliaeaparicio)


    7 years, 1 month ago

    When I am logging in my wp site, it blocks my ip and shows this message:

    We’re sorry, you are not allowed to proceed
    Our server stopped processing your request. Your request looks suspicious or similar to automated requests from spam posting software.

    If you believe you should be able to perform this request, please let us know.

    In wp-cerber dashboard that list events, my IP show with this message: Probing for vulnerable PHP code – Locked out

    I have searched in code and find this:
    (wp-cerber.php)

    start line 4765
    if ( false === strrpos( $script_filename, $uri ) ) {
    $wp_cerber = get_wp_cerber();
    $cerber_status = 13;
    cerber_log( 55 );
    cerber_soft_block_add( $wp_cerber->getRemoteIp(), 8);
    //cerber_404_page( true );
    cerber_forbidden_page();
    }

    $script_filename is a path index.php, and $uri is my custom url login.

    How do I solve this?
    Thanks.

Viewing 9 replies - 1 through 9 (of 9 total)
  • Plugin Author gioni

    (@gioni)

    Do you use the Custom login URL field in the plugin setting to specify your custom login URL? If so what value did you enter there?

    Thread Starter nataliaeaparicio

    (@nataliaeaparicio)

    Yes. I use Custom login URL field.

    Alphanumeric characters and hyphens mediums.

    Plugin Author gioni

    (@gioni)

    Show me exact value that you have/see in that field please.

    same problem here for me. This is happening on two sites and started after the next-to-last update of the Cerber PlugIn.
    I happens with the current version of WP (4.9.4) and the one before.
    I whitelisted my IP, but it still gets blocked (I have to remove the plugin folder via FTP to enter my sites).
    I use the Custom login URL field. The value is “my_login.php”.

    P.S.: seems to occur only with Firefox (Mac), but not with Safari or Chrome.

    Plugin Author gioni

    (@gioni)

    To solve the issue use a value without “.php”

    Thread Starter nataliaeaparicio

    (@nataliaeaparicio)

    Why solve using the url without “.php”?

    And yes, solve the issue. Thanks.

    Plugin Author gioni

    (@gioni)

    Because a request for non-existing PHP script is not good. It looks suspicious, like scanning for vulnerable code (a plugin) which you can see on the traffic log page.

    atuldabhi

    (@atuldabhi)

    I am facing same issue but this solution didn’t resolve my issue.

    I’m using custom login field “sky”.

    I’m redirecting URL of my old website (.aspx pages) to new website (WordPress) and getting this error only for such .aspx pages.

    Any clue?

Viewing 9 replies - 1 through 9 (of 9 total)
  • The topic ‘Custom URL – Blocked IP’ is closed to new replies.

Tags