All custom block patterns deleted

  • Resolved Treebeard

    (@malawimama)


    5 years, 6 months ago

    I have been adding IP block patterns for a few years now, and I went to add a IP range to block and all of my old ones were just gone.

    I have noticed that massive SQL injection attacks really rack up, well over 100 attacks show up in the admin at a time, so I manually go add the IP range to block since Wordfence seems to just block them temporarily instead of permanently for some strange reason. But this last attack must have wiped out all my blocks I guess, or maybe it was a recent upgrade, I don’t know. I never got any notices about changes made to my settings, or anything else that stood out.

    May I make a suggestion to Wordfence developers? It would be nice if Wordfence automatically blocked the IP range or at least the IP address permanently if it’s an attacker, especially if it’s SQL injection attacks. Also would be great if Wordfence blocked attackers from being able to change or delete settings in Wordfence.

Viewing 2 replies - 1 through 2 (of 2 total)
  • Thread Starter Treebeard

    (@malawimama)

    Yikes and I just found about 100 Whitelisted URLs in here too.

    Hi @malawimama,

    It’s possible that the wp_wfblocks7 table was cleared during the recent update. You can check if the table has been cleared by running this query:

    SELECT * FROM wp_wfblocks7 LIMIT 10;

    If it’s indeed been cleared, you can restore a backup of this table (if you have one).

    Wordfence does not permanently block IP addresses caught by the firewall because:

    1. It could have been a false positive (another plugin that triggered the firewall)
    2. Users often change IP addresses from time to time

    You can change How long is an IP address blocked when it breaks a rule to extend the duration of the block.

    For example: https://i.imgur.com/7VVGSYM.png

    Dave

Viewing 2 replies - 1 through 2 (of 2 total)
  • The topic ‘All custom block patterns deleted’ is closed to new replies.