How can I restrict access to a site’s IP address?

Hi @bobsapp, thanks for reaching out.

May I ask why you wish to do this? I believe there is an .htaccess rewrite rule you may be able to implement, if the {HTTP_HOST} doesn’t match a string of your choosing but might require some testing to ensure you don’t block legitimate visitors, plugins or scripts by mistake.

Wordfence is mainly concerned with the behavior of a human or bot once they access how your site rather than necessarily how they access it, so there is no inbuilt feature to block IP rather than domain requests.

Thanks,

Peter.

Hello. Thanks for the quick response. In the site log, I found a lot of requests like these:

https://1.1.1.1/phpmyadmin4
https://1.1.1.1/phpMyAdmin-5.1.2
https://1.1.1.1/sqlmanager
https://1.1.1.1/HNAP1

Probably some bots send automated requests to my site. I don’t know what to do with this.

Hi @bobsapp,

It’s a totally normal occurrence to see requests like this, as frustrating as that can be, as many would-be attackers will simply probe a site in an automated fashion. Usually, there’s a hit-and-hope approach to this rather than prior inside knowledge of your plugins or the platform you’re running the site on.

If your site is either not hosting these pages/paths because they don’t exist, or Wordfence is blocking based on its firewall rules, Brute Force, or Rate Limiting settings then you do not need to take further manual action.

Thanks again,

Peter.