• Resolved nicolaottomano

    (@nicolaottomano)


    Dear,
    I’m a happy user of AIOWPS. I noticed that, even if I blacklist an IP (I mean if I go on Firewall 404 errors and click on “Blacklist IP”) the IPs are not really blocked.
    So I looked for the source of the issue and discovered that Cloudflare only sends its own IPs.
    But Cloudflare also sends the original client IP in HTTP header using CF-Connecting-IP and X-Forwarded-For.

    So, in .htaccess file it is possible to block the malicious IPs (let’s say we want to block 1.1.1.1) via the following rule

    RewriteCond %{HTTP:CF-Connecting-IP} ^1\.1\.1\.1$
    RewriteRule ^ - [F,L]

    Would it be possible to instruct AIOWPS to automatically write blocking rules like the above instead of the standard ones “Deny from 1.1.1.1” if the IP Retrieval setting is set to HTTP_CF_CONNECTING_IP or HTTP_X_FORWARDED_FOR?

    Best

    Nicola

Viewing 8 replies - 1 through 8 (of 8 total)
  • Plugin Contributor mbrsolution

    (@mbrsolution)

    Hi Nicola,

    Did you check Advanced Settings located under WP Security -> Settings? These options should help you with CloudFlare.

    Give this a go and let us know if it works for you.

    Kind regards

    Thread Starter nicolaottomano

    (@nicolaottomano)

    Hi,
    yes, I changed the IP Retrieval Settings option in Advanced Settings to both HTTP_CF_CONNECTING_IP and HTTP_X_FORWARDED_FOR but in the .htaccess file AIOWPS writes the same values: “deny from xx.xx.xx.xx”, so the .htaccess blacklist does not work.

    Please see the applied setting:

    Applying the method I suggested, this would also work for Cloudflare users.

    I’m at your disposal if you need debug info on this.

    Best

    Nicola

    Plugin Contributor mbrsolution

    (@mbrsolution)

    Hi, I see what you mean.

    You can use the following feature Custom Rules located under WP Security -> Firewall -> Custom Rules. This will allow you to add whatever you think is necessary for your site. Remember to disable the Advanced Settings once you are ready to add your custom rules.

    Does the above help you out for your issue/question?

    Kind regards

    Thread Starter nicolaottomano

    (@nicolaottomano)

    Hi,
    I applied the custom rules but, of course, it would be simpler to just click on “Blacklist IP” and keep the list of blacklisted IPs in the plugin interface.

    I hope you would add the feature in your plugin, it would be very useful for people behind a CDN.

    Best

    Nicola

    Plugin Contributor mbrsolution

    (@mbrsolution)

    Hi Nicola, I am glad my solution worked for you. I have submitted a message to the developers to investigate further your request.

    Kind regards

    Hi Nicola and mbrsolution – can one of you please explain what I have to put into custom rules to make Cloudflare work with AIO?

    Thread Starter nicolaottomano

    (@nicolaottomano)

    twteditor

    You could edit your .htaccess file adding the following rules

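    <IfModule mod_rewrite.c>
    RewriteEngine On

    # Return 403 Forbidden when the client IP reported by Cloudflare is 1.1.1.1
    RewriteCond %{HTTP:CF-Connecting-IP} ^1\.1\.1\.1$
    RewriteRule ^ - [F,L]

    # Same for 2.2.2.2
    RewriteCond %{HTTP:CF-Connecting-IP} ^2\.2\.2\.2$
    RewriteRule ^ - [F,L]

    # etc.

    </IfModule>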

    in bold the IP you want to blacklist.

    Hope they could add that feature to the “blacklist” button if a user is under Cloudflare (I mean, they could add a flag to select the behavior of the plugin).

    Nicola
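
The rules in the reply above can be generated from a blacklist instead of being typed by hand. This is an added example, not code from AIOWPS or from the thread's participants; the function name `build_cf_block_rules` is hypothetical and only IPv4 addresses are handled.

```python
import ipaddress
import re


def build_cf_block_rules(addresses):
    """Return an .htaccess block that answers 403 Forbidden when the
    CF-Connecting-IP header equals one of the given IPv4 addresses."""
    patterns = []
    for raw in addresses:
        # ip_address() accepts only a bare address, so a value carrying a
        # newline or an extra directive raises ValueError instead of being
        # written into the file.
        ip = ipaddress.ip_address(raw.strip())
        if ip.version != 4:
            raise ValueError(f"only IPv4 addresses are supported: {raw!r}")
        # Escape the dots so "1.1.1.1" cannot also match "1a1b1c1".
        pattern = "^" + re.escape(str(ip)) + "$"
        if pattern not in patterns:
            patterns.append(pattern)
    if not patterns:
        return ""
    lines = ["<IfModule mod_rewrite.c>", "RewriteEngine On"]
    for i, pattern in enumerate(patterns):
        # [OR] chains the conditions so one RewriteRule serves the whole list.
        flag = " [OR]" if i < len(patterns) - 1 else ""
        lines.append("RewriteCond %{HTTP:CF-Connecting-IP} " + pattern + flag)
    lines.append("RewriteRule ^ - [F,L]")
    lines.append("</IfModule>")
    return "\n".join(lines) + "\n"


if __name__ == "__main__":
    # Constructed sample blacklist, using the addresses from the thread.
    print(build_cf_block_rules(["1.1.1.1", "2.2.2.2"]), end="")
```

The match relies on the header as Cloudflare sets it, so it only holds when the origin server accepts requests from Cloudflare alone.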

    Plugin Contributor mbrsolution

    (@mbrsolution)

    Thank you @nicolaottomano for sharing your solution. I have also submitted a message to the developers to investigate further your request.

    Kind regards

  • The topic ‘AIOWPS and Cloudflare: IP Blacklist’ is closed to new replies.