wordfence_syncAttackData

Home Forums BulletProof Security Pro wordfence_syncAttackData

Viewing 4 posts - 1 through 4 (of 4 total)
  • Author
    Posts
  • October 19, 2017 at 7:44 am #34342
    Qtwix
    Participant

    Hi ,

    Apart from BPS Pro, I’m running Wordfence on my sites. Today I repeatedly got the following entry in my security log:

    [403 GET Request: 19. Oktober 2017 - 13:49]
BPS Pro: 13.3.3
WP: 4.8.2
Event Code: BFHS - Blocked/Forbidden Hacker or Spammer
Solution: N/A - Hacker/Spammer Blocked/Forbidden
REMOTE_ADDR: 78.46.49.113
Host Name: tux127.hoststar.ch
SERVER_PROTOCOL: HTTP/1.1
HTTP_CLIENT_IP:
HTTP_FORWARDED:
HTTP_X_FORWARDED_FOR:
HTTP_X_CLUSTER_CLIENT_IP:
REQUEST_METHOD: GET
HTTP_REFERER: https://www.c-beatmusig.ch/?wordfence_syncAttackData=1508417377.5941
REQUEST_URI: /?wordfence_syncAttackData=1508417377.5941
QUERY_STRING: wordfence_syncAttackData=1508417377.5941
HTTP_USER_AGENT: WordPress/4.8.2; https://www.c-beatmusig.ch

    Are there any known issues between the two plugins? What does this log entry means?

    Thanks!

    October 19, 2017 at 8:54 am #34345
    AITpro Admin
    Keymaster

    I did a google search and found these 2 search results:
    https://wordpress.org/support/topic/wordfence_syncattackdata-showing-in-live-traffic/
    https://wordpress.org/support/topic/what-is-itwordfence_syncattackdata/

    I do not see anything in the Security Log entry that BPS would block so most likely something on your host server or another plugin is blocking whatever wordfence_syncAttackData is.  BPS Security Logging logs all 403 errors whether or not BPS is blocking something.  If your host server has a firewall or is using Mod Security and is blocking whatever wordfence_syncAttackData is then BPS will log that 403 error in the BPS Security Log. Check with your web host and see if they are blocking whatever wordfence_syncAttackData is.  As far as we know Wordfence is compatible with BPS and BPS Pro.

    October 22, 2017 at 9:55 pm #34413
    Qtwix
    Participant

    Thanks for the reply. I already read it but was not aware of it anymore that ALL errors are logged. So, just for my personal learning curve: You write that you don’t see anything which BPS Pro would block. How can I see in the log entry, whether the access was blocked by BPS Pro or by something else? Can you say that because you know all the firewall rules or because there is something specific in the log entry you can base your statement on?

    October 23, 2017 at 10:23 am #34418
    AITpro Admin
    Keymaster

    To be more specific what I meant I do not see anything in the Security Log entry that shows anything obvious that BPS would block, but it is possible that the Security Log entry is not showing anything obvious.  If the Security Log entries are still occurring do BPS Pro troubleshooting steps to confirm or eliminate that BPS Pro is causing the block > https://forum.ait-pro.com/forums/topic/read-me-first-pro/#bps-pro-general-troubleshooting

  • Author
    Posts
Viewing 4 posts - 1 through 4 (of 4 total)
  • You must be logged in to reply to this topic.