Ban Hosts

According to the 7.8.0 Changelog:

Enhancement: Remove quick bans. Persist banned hosts to .htaccess or nginx.conf on an hourly schedule.
Tweak: Cap banned hosts persisted to .htaccess or nginx.conf to the most recent 100. This number can be adjusted with the “itsec_ban_users_max_hosts_for_server_config” filter. Older banned hosts will be locked out after WordPress loads.

To prevent any confusion, I’m not iThemes.

Where in the settings is this hourly schedule? Why do need the Ban Hosts option if nothing works… I don’t understand

I restored the previous version of the plugin where everything worked fine

It’s a WP Cron task scheduled to run every hour.

To see it add the line below to your wp-config.php file:

define('ITSEC_DEBUG', true);

This will add an extra Debug option to the Security menu. On the Debug page in the Scheduler section the hourly flush-files task is the one you are looking for. The define works for the 7.7.1 plugin release as well…
However the flush-files task will only show up after updating to the iTSec plugin 7.8.0 release …

• This reply was modified 4 years, 7 months ago by nlpro.
• This reply was modified 4 years, 7 months ago by nlpro.
• This reply was modified 4 years, 7 months ago by nlpro.

Hi @hthsrtdtuk,

When a user is banned, previously “Quick Bans” would add that IP address to your .htaccess file immediately. What we found is that if sites were under high levels of attack and multiple IP addresses were banned at the same time, this could result in the .htaccess file being corrupted. This would end up crashing the entire site.

Because of that, as @nlpro mentioned, in 7.8.0 we moved to a new system. Banned users are still locked out, but not until after iThemes Security loads. Additionally, the new flush-files scheduled task will add the most recent 100 bans to your .htaccess every hour.

One reason why you might be seeing some banned IPs show up in Live Traffic would be if they were not in the list of the most recent 100. The reason we limited it to 100 IP addresses by default is to prevent issues with hosts that cap the size of the .htaccess file. If you’d like, you can increase the amount of IPs using a filter.

add_filter( 'itsec_ban_users_max_hosts_for_server_config', function () {
	return 200;
} );

Where can I add this filter? In htaccess?
In my ban list there are 665 IP and 464 User Agents, and now I see how they try to hack my site again… do I have to look for a new protection plugin?

> Where can I add this filter?

You can add the code snippet in your child theme’s functions.php file. Or alternatively use the Code Snippets plugin.

> In my ban list there are 665 IP and 464 User Agents, and now I see how they try to hack my site again…

The users are still being locked out by iThemes Security. But since Wordfence and iThemes Security are different plugins, they don’t know about each other. So the activity is still recorded by Wordfence, but they’ll be blocked before they can attempt to login.

I found out that my host has no .htaccess file size limit. What value should I set in the new setting “Limit Banned IPs in Server Configuration Files”? I have set 1000 or, in my case, do I need to set it to 0?

Yes, I would set it to a large number like 1000.