Home › Forums › BulletProof Security Free › SiteLockSpider – xmlrpc 403 error
Tagged: 403 error, SiteLockSpider, xmlrpc
- This topic has 5 replies, 3 voices, and was last updated 8 years, 6 months ago by Deb.
-
AuthorPosts
-
addictedParticipant
I have an premium security account with sitelock. Now I find these in my security log. How can I give access to sitelock to scan my site every day?
[403 GET / HEAD Request: 25 december 2014 - 10:30] Event Code: BFHS - Blocked/Forbidden Hacker or Spammer Solution: N/A - Hacker/Spammer Blocked/Forbidden REMOTE_ADDR: 184.154.36.163 Host Name: scan21.sitelock.com SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: GET HTTP_REFERER: REQUEST_URI: /xmlrpc.php?rsd QUERY_STRING: HTTP_USER_AGENT: SiteLockSpider [en] (WinNT; I ;Nav)
AITpro AdminKeymasterLooks like the SiteLockSpider bot is trying to make a GET Request to your WordPress xmlrpc.php file. Are you using the BPS XML-RPC DDoS Protection Bonus Custom Code? http://forum.ait-pro.com/forums/topic/wordpress-xml-rpc-ddos-protection-protect-xmlrpc-php-block-xmlrpc-php-forbid-xmlrpc-php/
addictedParticipantYes, should I allow on ip adress?
I changed it to allow from ip address, requested a remote scan, and all is green 🙂 sorry to bother you, I am a new user. thx, for your quick answer.
regards,
J.AITpro AdminKeymasterYou may need to add the Singlehop CIDR IP address block if the SiteLockSpider bot uses other Singlehop Host IP addresses randomly.
# XML-RPC DDoS & TRACKBACK/PINGBACK PROTECTION # Using this code blocks Pingbacks and Trackbacks on your website. # You can whitelist your IP address if you use A Weblog Client # or want to whitelist your IP address for any other reasons. # Example: uncomment #Allow from x.x.x. by deleting the # sign and # replace the x's with your actual IP address. Allow from 99.88.77. # Note: It is recommended that you use 3 octets x.x.x. of your IP address # instead of 4 octets x.x.x.x of your IP address. <FilesMatch "^(xmlrpc\.php|wp-trackback\.php)"> Order Deny,Allow # Whitelist Jetpack/ Automattic CIDR IP Address Blocks Allow from 192.0.64.0/18 Allow from 209.15.0.0/16 Allow from 66.155.0.0/17 # Whitelist Singlehop SiteLock CIDR IP Address Block Allow from 184.154.0.0/16 Deny from all </FilesMatch>
addictedParticipantYou were right, today new information are stored in my security log.
I tried the sniplet you gave. I will keep you informed. -
AuthorPosts
- You must be logged in to reply to this topic.