Security Log Event Codes

[AITpro Admin]

@ Samx – BPS is a WordPress security plugin for website security.

[XavierX]

Hi, I was recently blocked from my own site when editing my homepage – I was doing multiple image changes and then checking my frontend to see the updates. I was editing the same page for at least 1 hour and just swapping out images to try in the page content. I was blocked on my normal IP address (I then used a VPN to get access to my site again, which was eventually blocked after further edits to my homepage).

Also, while looking through the logs, I noticed an alert for Wordfence, so I’ve added that log too. There are multiple logs for both issues, but I’ve just included one example of each.

Many thanks!

[403 POST Request: 11 July 2024 - 04:38]
BPS: 6.9
WP: 6.5.5
Event Code: WPADMIN-SBR
Solution: https://forum.ait-pro.com/forums/topic/security-log-event-codes/
REMOTE_ADDR: GDPR Compliance On
Host Name: 45.133.172.61
SERVER_PROTOCOL: HTTP/1.1
HTTP_CLIENT_IP: GDPR Compliance On
HTTP_FORWARDED: GDPR Compliance On
HTTP_X_FORWARDED_FOR: GDPR Compliance On
HTTP_X_CLUSTER_CLIENT_IP: GDPR Compliance On
REQUEST_METHOD: POST
HTTP_REFERER: https://www.casinosetc.co.uk/wp-admin/post.php?post=490&action=edit
REQUEST_URI: /wp-admin/admin-ajax.php
QUERY_STRING: 
HTTP_USER_AGENT: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 OPR/111.0.0.0
REQUEST BODY: BPS Security Log option set to: Do Not Log POST Request Body Data

[403 GET Request: 11 July 2024 - 12:53]
BPS: 6.9
WP: 6.5.5
Event Code: WPADMIN-SBR
Solution: https://forum.ait-pro.com/forums/topic/security-log-event-codes/
REMOTE_ADDR: GDPR Compliance On
Host Name: uk8.wpx.net
SERVER_PROTOCOL: HTTP/1.1
HTTP_CLIENT_IP: GDPR Compliance On
HTTP_FORWARDED: GDPR Compliance On
HTTP_X_FORWARDED_FOR: GDPR Compliance On
HTTP_X_CLUSTER_CLIENT_IP: GDPR Compliance On
REQUEST_METHOD: GET
HTTP_REFERER: 
REQUEST_URI: /wp-admin/admin-ajax.php?action=wordfence_doScan&isFork=0&scanMode=quick&cronKey=e55fbca9df22a8a00b98fb953154be23&signature=3cc1f32ec9dd175593e7470d6457c83a4bebcea93226b7635fff1b8c50ba1f3f
QUERY_STRING: action=wordfence_doScan&isFork=0&scanMode=quick&cronKey=e55fbca9df22a8a00b98fb953154be23&signature=3cc1f32ec9dd175593e7470d6457c83a4bebcea93226b7635fff1b8c50ba1f3f
HTTP_USER_AGENT: WordPress/6.5.5; https://www.casinosetc.co.uk

[AITpro Admin]

BPS does not block by IP address, but Wordfence does.

[XavierX]

OK, so BPS is just logging the issue, it hasn’t done anything to cause it?

And to confirm the 2 issue above are nothing to do with BPS.

Also, what does the Wordfence alert underneath mean?

A little explanation is appreciated.

[Author]

Posts