wordpress is causing issues with CSF.

Post Reply
stickbear
Junior Member
Posts: 2
Joined: 10 Aug 2014, 19:50

wordpress is causing issues with CSF.

Post by stickbear »

Hello,
I'm not sure how to fix this, A few users have reported being blocked by the CSF firewall after attempting to use wordpress's admin interface.
Log's below, IP's blocked out for security and URL's removed for same.
Time: Sun Aug 10 14:44:00 2014 -0400
IP: xxx.xxx.xxx.xxx
Failures: 60
Interval: 300 seconds
Blocked: Temporary Block

Log entries:

[Sun Aug 10 14:42:23 2014] [error] [client xxx.xxx.xxx.xxx] File does not exist: /home/shaned/deviousangel/wp-admin/dashicons-dashboard, referer: [Sun Aug 10 14:42:23 2014] [error] [client XXX>XXX>XXX>XXX] File does not exist: /home/shaned/deviousangel/404.shtml, referer:
Thoughts?
I got similar issues when I ran updates on the wordpress systems myself and locked myself out of my own server.
Thoughts?
Sergio
Junior Member
Posts: 1714
Joined: 12 Dec 2006, 14:56

Re: wordpress is causing issues with CSF.

Post by Sergio »

It seems that you have enabled in CSF the option LF_APACHE_404 to 60 errors and csf blocks the IPs that reach that amount of errors.

"This option will keep track of the number of "File does not exist" errors in
HTACCESS_LOG. If the number of hits is more than LF_APACHE_404 in LF_INTERVAL
seconds then the IP address will be blocked

Care should be used with this option as it could generate many
false-positives, especially Search Bots (use csf.rignore to ignore such bots)
so only use this option if you know you are under this type of attack

A sensible setting for this would be quite high, perhaps 200

To disable set to "0" "
Post Reply