Immediately block IPs that access these URLs – how to access on cPanel

  • Resolved oriver

    (@oriver)


    1 year, 10 months ago

    Hi,

    Want to play with: “Immediately block IPs that access these URLs” but worried we could set one that blocks us. Can’t use “Ignored IP addresses for Wordfence Web Application Firewall alerting” due to dynamic IPs.

    If we block a URL we shouldn’t have, where would we go in cPanel to remove the URL we’ve entered?

    Thanks

Viewing 4 replies - 1 through 4 (of 4 total)
  • Plugin Support wfpeter

    (@wfpeter)

    Hi @oriver, thanks for reaching out to us.

    Even as an administrator, you will be blocked if you visit a URL specified in that section. For that reason, you should only pick URLs here that are not administrative or related to the normal content visitors see on your site. It’s often used to prevent visible readme files or paths that don’t exist but are targeted by attackers in your Live Traffic feed.

    As a quick example though, you can unblock yourself by logging in from a mobile device (on mobile data rather than using the same wifi as the device that was blocked) and removing your IP from the Wordfence > Blocking page. We don’t make cPanel changes for this and blocks/settings are all controlled through the Wordfence plugin.

    You shouldn’t necessarily worry as Wordfence handles blocks by looking at the clear intent of an IP’s visit rather than just the page they tried to visit. The plugin does all of the important blocking for you so it’s our general recommendation to not implement manual blocking regime – which can be time consuming to keep up with current URLs and IP ranges etc.

    Thanks,
    Peter.

    Thread Starter oriver

    (@oriver)

    Hi @wfpeter

    Thank you for explaining and clarifying this. I looked at URLs that attack attempts were being tried with, and blocked one we never use, but is frequently tried.

    Just wondering about website IP address attacks. Wordfence shows attempts made at:

    https://IP-ADDRESS/

    Would love to immediately block any attempts to this. Not sure if this could end up blocking everyone including admins, so couldn’t get to the dashboard to remove, which would only leave cPanel to access by.

    I understand Wordfence looks at intent, rather than the URL. The URLs I’m concerned at have tens of attacks a week.

    Plugin Support wfpeter

    (@wfpeter)

    Hi @oriver, thanks for the extra information.

    There should be no need to block attempts to the IP of your site in the browser address bar. I believe there is an .htaccess rewrite rule you may be able to implement, if the {HTTP_HOST} doesn’t match a string of your choosing, but might require some testing to ensure you don’t block legitimate visitors, plugins or scripts that call your site’s IP by mistake. I also can’t assist with this as it’s outside of the plugin itself. There is no inbuilt feature in the Wordfence plugin to block IP rather than domain requests.

    Thanks again,
    Peter.

    Thread Starter oriver

    (@oriver)

    Hi @wfpeter

    Thank you for kindly helping, will use your guidance to look at a .htaccess rewrite rule.

Viewing 4 replies - 1 through 4 (of 4 total)
  • The topic ‘Immediately block IPs that access these URLs – how to access on cPanel’ is closed to new replies.