Hello,
I'm not sure how to fix this, A few users have reported being blocked by the CSF firewall after attempting to use wordpress's admin interface.
Log's below, IP's blocked out for security and URL's removed for same.
Time: Sun Aug 10 14:44:00 2014 -0400
IP: xxx.xxx.xxx.xxx
Failures: 60
Interval: 300 seconds
Blocked: Temporary Block
Log entries:
[Sun Aug 10 14:42:23 2014] [error] [client xxx.xxx.xxx.xxx] File does not exist: /home/shaned/deviousangel/wp-admin/dashicons-dashboard, referer: [Sun Aug 10 14:42:23 2014] [error] [client XXX>XXX>XXX>XXX] File does not exist: /home/shaned/deviousangel/404.shtml, referer:
Thoughts?
I got similar issues when I ran updates on the wordpress systems myself and locked myself out of my own server.
Thoughts?
wordpress is causing issues with CSF.
Re: wordpress is causing issues with CSF.
It seems that you have enabled in CSF the option LF_APACHE_404 to 60 errors and csf blocks the IPs that reach that amount of errors.
"This option will keep track of the number of "File does not exist" errors in
HTACCESS_LOG. If the number of hits is more than LF_APACHE_404 in LF_INTERVAL
seconds then the IP address will be blocked
Care should be used with this option as it could generate many
false-positives, especially Search Bots (use csf.rignore to ignore such bots)
so only use this option if you know you are under this type of attack
A sensible setting for this would be quite high, perhaps 200
To disable set to "0" "
"This option will keep track of the number of "File does not exist" errors in
HTACCESS_LOG. If the number of hits is more than LF_APACHE_404 in LF_INTERVAL
seconds then the IP address will be blocked
Care should be used with this option as it could generate many
false-positives, especially Search Bots (use csf.rignore to ignore such bots)
so only use this option if you know you are under this type of attack
A sensible setting for this would be quite high, perhaps 200
To disable set to "0" "