Custom APIs calls blocked

Hello @mtachaudhary770 and thanks for reaching out to us!

The easiest way to remedy this will be to navigate to your Wordfence > Tools > Live Traffic page, find the block for these API requests, click on it to expand it, then click “Add Param to Allowlist”. If that doesn’t seem to be working, you can also try Learning Mode to resolve it.

From the Wordfence Dashboard click on Manage WAF. Then you will see Basic Firewall Options > Web Application Firewall Status. Change the option to Learning Mode. Now perform the actions that were causing issues. This will help Wordfence learn that these actions are normal and it will allow them in the future. After you have finished performing the actions, switch the WAF from Learning Mode back to Enabled and Protecting. Now test to see if these actions work correctly.

https://www.wordfence.com/help/firewall/learning-mode/ is an amazing resource for learning more about the WAF and learning mode.

Let me know if this helps!

Thanks again!

Hi @wfadam
Thanks for a quick response. I will follow your instructions and let you know if it works.

Thanks again!

Thanks again!

Let me know how it goes!

Hi @wfadam,

Wordfense is in Learning Mode for almost 1 month but still getting, “404 Forbbiden, Your access to this site was blocked by wordfense”.

Also, it’s not adding the specific custom APIs endpoints to the Allowlist. I have tried your suggested method and waited for 1 month.

Can you find these blocks in your Wordfence > Tools > Live Traffic for me with the firewall in “Enabled and Protected” mode. Screenshot them and post them here, with private data removed or email the screenshots to wftest @ wordfence . com with subject “mtachaudhary770 for WFADAM” so I can review what the block reason is.

You mentioned it is getting a 404 response, which makes me think the Rate Limiting is causing the block. Could you also screenshot your Wordfence > All Options > Rate Limiting section for me?

Thanks again!

Hi @wfadam,

I have sent you an email with screenshots.

Thanks

Thanks for sending those!

It looks like this wouldn’t be caused by Rate limiting as everything is set to throttle instead of block.

I attempted to visit the URL in your Live Traffic screenshot and was dealt a 404 as well. Are you sure this is the correct URL that should be called?

Thanks again!

Hi @wfadam,

Thanks for your response.

The URL in Live Trafic is not correct. Actually, the main issue is with custom APIs. We are sending multiple API calls (after a few minutes) from a desktop application. Wordfense is blocking those API calls from some IP addresses, not for all IPs.

Our QA team is testing the system, for this purpose they need to send multiple API calls and everyone is using a different IP address. Some QA team members reporting this IP block issue.

Hopefully, you understand the scenario and actual issue as well.

Thanks again

Do you know the list of IPs that make these calls? If so, you should be able to add these IPs to the Allowlist, which will bypass any WAF rules that might be blocking it.

Add all of your IPs that need access to Wordfence > All Options > Advanced Firewall Options > Allowlisted IP addresses that bypass all rules.

Let me know if this helps!

Thanks again!

IPs are not static, that’s why we can add all IPs. Also, it will not be a permanent solution, because API calls will send by the different user’s applications, so we can not add so many IPs.

BTW, for testing purposes, I am already adding static IPs to prevent blockage.

Sorry for the late reply, I was out most of last week.

If you could find a common request these IPs are doing, you could add the param to the allowlist. You can find the blocks in the Live Traffic and see exactly what the request they are making is, and how it’s being blocked.

That would be the only way other than adding the IPs to the allowlist.

https://www.wordfence.com/help/firewall/options/#whitelist

Thanks again!

Hi,

I have already added the params to the allowlist, still facing the blocking issue. I am using the licensed version of this plugin.

The plugin is also still in learning mode, so it should add these params to the allowlist automatically.

• This reply was modified 3 years, 10 months ago by Tayyab Chaudhary.