Redirect to 127.0.0.1 when most related settings are NOT enabled.

  • Resolved mlipenk

    (@mlipenk)


    10 months, 1 week ago

    What can I expect for the default behavior of AIOS firewall?

    My settings:

    • Do not have Brute Force Cookie prevention active (redirect URL 127.0.0.1)
    • Do not have 404 Detection lockout enabled. (redirect URL 127.0.0.1)
    • Do not have User Security login lockout enabled. (redirect URL 127.0.0.1)
    • Do not have Blacklist Manager IP blacklisting enabled.

    However the site was recently redirected to 127.0.0.1 (AIOS Reason: Blocked IP: firewall_post_black_user_agent_and_referer)

    I don’t understand why this would be the case if none of the settings that redirect to 127.0.0.1 are enabled and active. What other settings redirect to 127.0.0.1 if triggered? Also to note, there is a load balancer in place.

Viewing 8 replies - 1 through 8 (of 8 total)

  • Same issue and the same questions.

    Plugin Support hjogiupdraftplus

    (@hjogiupdraftplus)

    Hi @mlipenk, @sunriserunco

    Please try disable below settings if any cronjob running locally and do have blank http headers with post request might be blocking your load balancer.

    WP Security > Firewall > Internet bots ban – Blank HTTP headers Ban POST requests that have a blank user-agent and referer

    Regards

    Thread Starter mlipenk

    (@mlipenk)

    I’ll deactivate the setting. Although it seems odd that this same issue suddenly popped up in multiple, recent support requests.

    Plugin Support hjogiupdraftplus

    (@hjogiupdraftplus)

    Hi @mlipenk,

    OK, please deactivate that setting and let me know if it solved the issue.

    Yes, it seems odd that the same issue suddenly appeared but this feature was released in the last AIOS 5.2.5 version release. So it should be the issue probably.

    Regards

    Thread Starter mlipenk

    (@mlipenk)

    To test… we will need to find and utilize a tool that can replicate that type of site scan (POST request from internet bot that has a blank user-agent and referer), and then get back to you. For now, the site is functional, and the “Blank HTTP headers” is deactivated.

    Plugin Support hjogiupdraftplus

    (@hjogiupdraftplus)

    Hi @mlipenk,

    Glad to know the site is functional if you see any issues let us know.

    Regards

    Thread Starter mlipenk

    (@mlipenk)

    We have deactivated the setting for:

    “Internet Bots” > “Blank HTTP Headers” > “Ban POST requests that have a blank user-agent and referrer”

    …and ran a site scan with utility that posts as a blank user-agent and referrer. The site stays up now. The issue is the combination of the AIOS setting (which works as expected) and our load balancer which makes all traffic appear to come from ourself. Some research on our load balancer settings is in order.

    Plugin Support hjogiupdraftplus

    (@hjogiupdraftplus)

    Hi @mlipenk,

    Ok, Glad to know disabling the settings Ban POST requests that have a blank user-agent and referrer the site stayed up now.

    Regards

Viewing 8 replies - 1 through 8 (of 8 total)
  • The topic ‘Redirect to 127.0.0.1 when most related settings are NOT enabled.’ is closed to new replies.