solid security scan blocked by ninjafirewall

  • Resolved nathalie75

    (@nathalie75)


    1 year, 5 months ago

    Hi,

    I use the SolidSecurity plugin (former iThemes security) on a few websites. This plugin has a function to scan the site for security issues on a daily basis but the scan is blocked by ninja firewall. I received a mail from SolidSecurity with the message: ”?Unable to determine if the scan target is allowed: Target site returned invalid response. It looks like the site scanner was blocked by NinjaFirewall. Incident ID: 1444733″.

    In the ninjafirewall log there is the entry “23/Oct/23 14:31:33 #6460490 MEDIUM 531 67.227.19xxx POST /index.php – Suspicious bots/scanners – [SERVER:HTTP_USER_AGENT = iThemes Security Site Scanner/1.0]”.

    Is there a way to configure NinjaFirewall so that the security scans are not blocked? (I don’t want to disable the security rule 531 though).

    Thank you very much for your help.

    Nathalie

Viewing 4 replies - 1 through 4 (of 4 total)
  • Plugin Author nintechnet

    (@nintechnet)

    You would need to disable rule 531. It’s not a big issue, that rule blocks some names like “scanner” etc, but most hackers are using common browser signatures. The firewall has another bot protection that is much more efficient than that rule and it relies on HTTP headers, not on signatures. Disabling the rule will not disable that protection.

    Thread Starter nathalie75

    (@nathalie75)

    Thank you very much for your quick reply.

    I couldn’t finde rule 531 in the list… is it the same as 1531?

    Thanks

    Nathalie

    Plugin Author nintechnet

    (@nintechnet)

    It’s “NinjaFirewall > Firewall Policies > Intermediate Policies > Block suspicious bots/scanners”.

    Thread Starter nathalie75

    (@nathalie75)

    Great, thank you!

Viewing 4 replies - 1 through 4 (of 4 total)
  • The topic ‘solid security scan blocked by ninjafirewall’ is closed to new replies.