Add blocking of URLs with wildcards

  • Hi,

    Can you please add the ability to block specific URLs and even better include the ability to use wildcards too?

    I have some attackers that are using URLs that are invalid or that they shouldn’t be trying to access, so I would like to be able to block them (they are all bots and coming from many different IPs).

    I can’t use referrer or user agent to block them.

Viewing 2 replies - 1 through 2 (of 2 total)
  • Plugin Support wfpeter

    (@wfpeter)

    Hi @ttoaster, thanks for your suggestions.

    Just to clarify, do you have a use-case that’s outside of the scope of Wordfence > All Options > Firewall Options > Advanced Firewall Options > Immediately block IPs that access these URLs?

    You can use wildcards there to specify paths with wildcards or specific file/page names. Note that any real paths in regular use by legitimate visitors, admins, or WordPress itself will still result in blocks if you add them here.

    You can read more here: https://www.wordfence.com/help/firewall/options/#immediately-block-urls

    Many thanks,
    Peter.

    Thread Starter ttoaster

    (@ttoaster)

    Hi Peter,

    Yes I am aware of that option, but it doesn’t do what I need, it only blocks matching URLs without the domain name that the hacker tries to access, e.g.

    You would currently block /test.php or */test.* but not
    https://fake.siteurl.com/test.php (such as a staging or development full URL which should not be used to access the real site). The full URL is being captured in Wordfence live traffic logs, so it should be easy to add this functionality to the existing UI?

    Hope this makes sense?

    Regards,
    Martin

Viewing 2 replies - 1 through 2 (of 2 total)
  • You must be logged in to reply to this topic.