automatically block too many 404s IP

Hi ccjeagle have you check the following..

WP Security >> User Login

and also

WP Security >> WHOIS Lookup

Let me know if you need more help.

Regards

Hi @mbrsolutions,

Thanks but it’s not what I want.

When a person tries to browse some non-existing files, WP will generate a 404. If this kind of requests come in 800+ per second, how can WP Security block it “automatically” before I find it in “404 detection” table.

I know in Firewall -> 404 Detection, it will record all the 404 requests. But I need to manually block one IP. And that could be too late. I’m looking for the functionality/option that WP Security can block that IP “automaticaaly”, say if one IP requests over 100 non-existing url per second, block it.

Hope that helps to clarify my question. Thanks.

Hi ccjeagle under the following……

WP Security >> Firewall >> 404 Detection how long have you set the lock out period?

The two options I mentioned above provide you ways of locking IP address.

Did you check them?

Regards

Hi,

That could be some wording I did not understand…

In Firewall -> 404 Detection, I enabled “Enable IP Lockout For 404 Events” so it should start to log in the “404 event logs”. This is not for “automatically recognize and lockout” per the wording in “more info”, only record down the events.

Then, in the same location I put “60” for “Time Length of 404 Lockout (min)”. Based on the “more info” I suppose this is for the “temporary lockout”. Meaning if I “temp block” an IP, it won’t be able to access my site for 60 min. Again this is not what I need because I still need to interact to “temp” block it.

Thanks anyway.

Hi, if you increase the time to lets say 480 min, that would lock them out for 8 hours. You can increase the time to a higher value if you want. You can also add the IP address to the black list manager found under

WP Security >> Blacklist Manager This will block them indefinitely.

Does that help you with your question?