binance.com

  • Resolved edivantrev

    (@edivantrev)


    1 year, 3 months ago

    Managing my 404 hits, I keep seeing every day the following registers:

    uri: admin/controller/extension/extension
    uri: .well-known

    referer: binance.com

    Is it an attack? how can I use Wordfence to prevent that?

    The page I need help with: [log in to see the link]

Viewing 2 replies - 1 through 2 (of 2 total)
  • Plugin Support wfpeter

    (@wfpeter)

    Hi @edivantrev, thanks for your message.

    If requests are hitting 404s they may be coming from a bot with malicious intent but these are likely done in a hit-and-hope manner without knowing the platform, plugins and other details in advance. The fact they’re hitting a 404 means whatever they’re trying to do isn’t succeeding, so Wordfence might consider blocking these based on your Rate Limiting settings if they try an excessive amount of times in a short period.

    Ultimately, referers can be spoofed so it’s unlikely in my opinion that binance.com is actually the source of the requests unless you have a plugin like Binance Pay for WooCommerce that’d explain why their site might be trying to contact yours. We don’t necessarily recommend a manual blocking regime as URLs and IPs can be hard to keep up with, so Wordfence should protect you if any of these requests ever warrant any action. Having said this, you could try a Custom Pattern based on the referer on the Wordfence > Blocking page if you wish.

    Thanks,
    Peter.

    Thread Starter edivantrev

    (@edivantrev)

    Hi Peter,

    I don’t use any plugins related to Binance or cryptocurrencies, so they are probably trying to impersonate this company.

    I’ll consider your suggestion to limit access attempts.

    Thanks
    Ed

Viewing 2 replies - 1 through 2 (of 2 total)
  • The topic ‘binance.com’ is closed to new replies.