Support

Admin Tools

#32862 Autoblock IP if phrase occurs

Posted in ‘Admin Tools for Joomla! 4 & 5’
This is a public ticket

Everybody will be able to see its contents. Do not include usernames, passwords or any other sensitive information.

Environment Information

Joomla! version
n/a
PHP version
n/a
Admin Tools version
n/a

Latest post by on Friday, 15 May 2020 17:17 CDT

sonictec
How can I configure WAF to autoblock every IP trying phrase 'wp-login'?

nicholas
Akeeba Staff
Manager
If you are really talking about phrases in submitted content you can use the Bad Words Filter.

If you are talking about URLs, use the 404Shield feature. wp-admin.php is already being filtered by default but you could possibly add wp-admin/* to the list as well.

Nicholas K. Dionysopoulos

Lead Developer and Director

🇬🇷Greek: native 🇬🇧English: excellent 🇫🇷French: basic • 🕐 My time zone is Europe / Athens
Please keep in mind my timezone and cultural differences when reading my replies. Thank you!

sonictec
Thank you for your reply,

in Configura WAF, I can see that Cloaking tab in Enable 404 Shield is set to Yes and 404 Shield filled with phrases:
wp-admin.php
wp-login.php
wp-content/*
wp-admin/*

But still, I notice in Security Exceptions Log IP's not blocked witn 404 Shield

nicholas
Akeeba Staff
Manager
If they are trying to access wp-login instead of wp-login.php then, yes, they will NOT raise an exception. You need to add wp-login and wp-login/* to that list as well. Same for wp-admin and wp-admin/* which need to be added for the same reason.

Nicholas K. Dionysopoulos

Lead Developer and Director

🇬🇷Greek: native 🇬🇧English: excellent 🇫🇷French: basic • 🕐 My time zone is Europe / Athens
Please keep in mind my timezone and cultural differences when reading my replies. Thank you!

System Task
system
This ticket has been automatically closed. All tickets which have been inactive for a long time are automatically closed. If you believe that this ticket was closed in error, please contact us.

Support Information

Working hours: We are open Monday to Friday, 9am to 7pm Cyprus timezone (EET / EEST). Support is provided by the same developers writing the software, all of which live in Europe. You can still file tickets outside of our working hours, but we cannot respond to them until we're back at the office.

Support policy: We would like to kindly inform you that when using our support you have already agreed to the Support Policy which is part of our Terms of Service. Thank you for your understanding and for helping us help you!