Whitelist not working

  • I have whitelisted this: US,CA,AU

    But I am still getting traffic from China. Why?

    The page I need help with: [log in to see the link]

Viewing 3 replies - 1 through 3 (of 3 total)
  • Plugin Author tokkonopapa

    (@tokkonopapa)

    Hi @czeller,

    But I am still getting traffic from China. Why?

    How do you confirm it? When I accessed to your /wp-admin/ from Japan, I saw the message “Sorry, your request cannot be accepted”. Please let me the way as much information as possible. In your server’s log, or in other plugins?

    Also please refer to the followings:

      Thread Starter czeller

      (@czeller)

      So sorry it took me so long to get back to you. My whitelist reads US,CA,AU… but WordFence shows China and others in live traffic… and they are not showing as red/blocked. I saw your explanation in that post, but in your image, the offending countries show up as being blocked (red) in WordFence. Mine are not.

      Plugin Author tokkonopapa

      (@tokkonopapa)

      Hi good see you again @czeller,

      OK, I assume that you’re mentioning about the front-end.

      One possibility is that the issue you’re facing might be caused due to “UA string and qualification” in “Front-end target settings” section.

      For example, you can find the default value bot:HOST which means:

      • When the user agent string includes “bot”,
      • and also the host name can be fetched by the DNS reverse lookup,
      • then the request is not blocked,
      • even it comes from black listed countries.

      And furthermore, if you uncheck “DNS reverse lookup“, this rule is considered as bot:* which means if the user agent string includes “bot”, then the request is passed.

      Please find some details in “UA string and Qualification“.

      So I propose you to try one of the followings or both:

      1. Select “Unauthenticated user” at “Record validation logs” in “Record settings” section. You can find not only blocked but also passed in the logs. Then you can refine the rules in “UA string and qualification“.
      2. Make “UA string and qualification” empty. All the good bots such as google, yahoo, bing, facebook, twitter and etc come from US. So I think you don’t need the current rules.

      I’d appreciate you if you give me some feed back.

      Thanks.

      P.S. I’ll add the new mode “Blocked / UA qualified” at “Record validation logs” in the next release to find those situations easily ??

    Viewing 3 replies - 1 through 3 (of 3 total)
    • The topic ‘Whitelist not working’ is closed to new replies.