Download Logs + Whitelisting Query

  • Hello,

    1. I have an action called ‘log_user_activity’ which is triggered by wp-ajax, i’d like to permanently whitelist this, need guidance on how to do so under Allowlisted URLs
    2. Where we have live traffic, i see information like blocked by firewall for XSS: Cross Site Scripting in POST body: payload=%7B%22cookie%22%3A%22a3799d27-ac4b-4027-aa59-6bc3a9f7d2d7%22%2C%22marketing_information%22%3A%7, where can i find the full POST request for this? Unable to find in the DB.

    Thanks

Viewing 4 replies - 1 through 4 (of 4 total)
  • Thread Starter Ali Hussain

    (@b4db0y)

    Also is there a way to have daily notifications of Wordfence Live Traffic?

    Plugin Support wfpeter

    (@wfpeter)

    Hi @b4db0y, thanks for getting in touch.

    So it seems from the points above like our XSS firewall rule is catching your function as a false-positive. It is possible to manually allowlist from Wordfence > All Options > Allowlisted URLs but requires the precise GET/POST parameters to be provided as you mention, so I would always try Learning Mode or Live Traffic first.

    You can read more about Learning Mode and the method of allowlisting from the Live Traffic page here:?https://www.wordfence.com/help/firewall/learning-mode/

    Live Traffic should present you with an “ADD PARAM TO FIREWALL ALLOWLIST” button if this function triggers a block that you wish to allow permanently in the future.

    Let us know how you get on,
    Peter.

    Thread Starter Ali Hussain

    (@b4db0y)

    Thanks @wfpeter

    I had a couple of other queries.

    1. Is it possible to get detailed logs of the blocked requests? I would like to reverse engineer the post entries and add them to the database.
    2. Also is there a way to have daily notifications of Wordfence Live Traffic?

    Thanks, much appreciated

    Thread Starter Ali Hussain

    (@b4db0y)

    Any updates?

Viewing 4 replies - 1 through 4 (of 4 total)
  • You must be logged in to reply to this topic.