whitlist by username – is that possible?

  • some users are telling us that they are blocked by wordefence in specific urls (/wp-admin/admin-ajax.php and few more). i wanted to whitelist their IPs but it is being changed. what can i do? can i whitelist by username? or any other way to help us pls?

Viewing 4 replies - 1 through 4 (of 4 total)
  • Plugin Support wfpeter

    (@wfpeter)

    Hi @taliabarlev, thanks for reaching out.

    We don’t recommend allowlisting IP addresses unless absolutely unavoidable as this allows them to bypass all Wordfence protection. We don’t support usernames as a valid method of allowlisting at present.

    It sounds like false-positives may be causing blocks to normal plugin functions in these cases. You can identify any blocks made on these users’ activity by observing the records in your Live Traffic page. When clicking any block line (or “eye” icon) to expand it, it will state the reason in red text.

    Sometimes an “ADD PARAM TO FIREWALL ALLOWLIST” button appears in this section which you can click to allow these types of request in future.

    Also, Learning Mode can help allow normal operations if they’re being blocked. From the Wordfence Dashboard click on Manage WAF. Then you will see Basic Firewall Options > Web Application Firewall Status. Change the option to Learning Mode. Try following the links or updating data that your users were experiencing problems with to teach Wordfence these are normal operations and should be allowed in future. After you are satisfied you’ve done that, switch the WAF from Learning Mode back to Enabled and Protecting.

    Let me know what you find out!
    Peter.

    Thread Starter taliabarlev

    (@taliabarlev)

    tnx.

    1. if i choose the ““ADD PARAM TO FIREWALL ALLOWLIST” will it allow the request for a specific IP (the one that was blocked) or to any IP address?
    2. allowing “/wp-admin/admin-ajax.php” to any IP is safe?
    3. learning mode will allow actions/behaviours rules for a specific IP or any IP ?
    Plugin Support wfpeter

    (@wfpeter)

    Hi @taliabarlev,

    It will allow the specific request, but for any IP address that can complete the request, so if it’s limited to admin-level functions, that should still be the case. Allowlisting actions, especially when filtered by specific header or body parameters with admin-ajax.php should be safe due to the same limitations on user level access.

    Learning Mode allows behaviors for all IPs, again with the same limitation on which user level can complete the request. I mainly see it required for admin functions on other plugins that are hitting false-positives but can be useful for any false-positive blocks at the front end of your site too in some circumstances.

    You can always remove filters that you’ve previously approved in Wordfence > All Options > Allowlisted URLs.

    Thanks again,
    Peter.

    Thread Starter taliabarlev

    (@taliabarlev)

    tnx sir for great support. to complete this issue, sorry if its a begginer question –

    if i will authorize I “/wp-admin/admin-ajax.php”, if attackers calls thousand of times that url, will i be in trouble?

Viewing 4 replies - 1 through 4 (of 4 total)
  • The topic ‘whitlist by username – is that possible?’ is closed to new replies.