Protect admin-ajax against bots does not exclude localhost ipv6

  • Resolved sysstem

    (@sysstem)


    1 week, 4 days ago

    The wp-cron requests to the localhost using IPV6 are blocked, unlike IPv4. They show in the log as blocked access to admin-ajax – bots detection is enabled.

Viewing 8 replies - 1 through 8 (of 8 total)
  • Plugin Author nintechnet

    (@nintechnet)

    What IP is displayed in NinjaFirewall’s log? ::1 ?
    Any locale and private IP is whitelisted, regardless it is an IPv4 or IPv6.

    Thread Starter sysstem

    (@sysstem)

    Yes in the log the log I see the IPv6 is trying to send, and gets blocked, and in the policies page I see that the IPv4 is whitelisted.

    Plugin Author nintechnet

    (@nintechnet)

    I cannot reproduce the issue, it always work as expected.
    Can you go to Firewall Policies > WordPress AJAX and check what IP is displayed in the “Your server IP (xxxxx), localhost and private IP addresses will not be affected by this policy” label ?

    Thread Starter sysstem

    (@sysstem)

    That’s under policies:
    Your server IP (209.42.x.x), localhost and private IP addresses will not be affected by this policy.

    And that’s in the log:
    21/Feb/25 22:14:11 #3453061 MEDIUM – 2a07:ab00:ff:fffe::4 POST /wp-admin/admin-ajax.php – Blocked access to admin-ajax.php – [bot detection is enabled] –

    And in the dns zone: I have an A record for the IPv4, and and AAAA record for the v6

    Plugin Author nintechnet

    (@nintechnet)

    I tried with your two IP addresses but it worked as expected.
    Try to create a info.php script with the following content:

    <?php
    phpinfo(33);

    Upload it to your WordPress root folder and go to https://your-site/info.php
    Then, search and paste here the values for:
    HTTP_ACCEPT_ENCODING
    HTTP_ACCEPT
    HTTP_ACCEPT_LANGUAGE
    HTTP_USER_AGENT

    Thread Starter sysstem

    (@sysstem)

    I think I should have mentioned that my domain is proxied on cloudflare, however, I’m using the .htninja file in order to detect the correct originating IP using the cloudflare header:

    if (! empty($_SERVER[“HTTP_CF_CONNECTING_IP”]) &&
    filter_var($_SERVER[“HTTP_CF_CONNECTING_IP”],FILTER_VALIDATE_IP)) {
    $_SERVER[“REMOTE_ADDR”] = $_SERVER[“HTTP_CF_CONNECTING_IP”];
    }

    Below are the requested values:

    $_SERVER[‘HTTP_ACCEPT_ENCODING’] gzip, br
    $_SERVER[‘HTTP_ACCEPT’] text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7
    $_SERVER[‘HTTP_ACCEPT_LANGUAGE’] en-US,en;q=0.9,ar;q=0.8
    $_SERVER[‘HTTP_USER_AGENT’] Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36 Edg/133.0.0.0

    Plugin Contributor bruandet

    (@bruandet)

    It looks all good to me.
    Do you still have that problem?

    Thread Starter sysstem

    (@sysstem)

    The error shows in the log but not often, the cron makes a request every minute, but the log entries are not more than 4 or 5 per day, so I think it’s fine.

Viewing 8 replies - 1 through 8 (of 8 total)
  • You must be logged in to reply to this topic.