WP JSON oEmbed – 403 error, wp-json/oembed

Home Forums BulletProof Security Pro WP JSON oEmbed – 403 error, wp-json/oembed

This topic contains 0 replies, has 1 voice, and was last updated by  AITpro Admin 2 years, 2 months ago.

Viewing 1 post (of 1 total)
  • Author
  • #29342

    AITpro Admin

    WP Forum Post:  https://wordpress.org/support/topic/too-many-wp-json-records-in-sevurity-log?replies=2#post-8346801

    The LTX71 Bot, which is located on this server: http://whois.domaintools.com/ltx71.com and uses Amazon AWS DNS is crawling/scanning the site and is requesting/accessing the WordPress wp-json oembed API URI’s directly in a way that they are not intended to be requested/accessed. The WP JSON oEmbed URI’s are intended to be requested/accessed by REST API enpoints: https://developer.wordpress.com/docs/oembed-provider-api/ and not just randomly crawled by bots. You can either ignore the Security Log entries or you can allow the LTX71 bot or any other bots to do something that they should not be doing on your website.  If you want to allow this bot and other bots to do something they should not be doing on your website then post a reply in this forum topic requesting the steps to allow/not block this bot and other bots from doing this on your website.

    When you check the ltx71.com website directly you will see this message below displayed:

    We continuously scan the internet for security research purposes. Our crawling is not malicious and only notes summary information for a page.
    If you have further questions please contact [removed for privacy and per WP Forum posting rules].

    [403 GET Request: April 22, 2016 8:10 pm]
    Event Code: BFHS - Blocked/Forbidden Hacker or Spammer
    Solution: N/A - Hacker/Spammer Blocked/Forbidden
    Host Name: ec2-54-87-199-12.compute-1.amazonaws.com
    REQUEST_URI: /wp-json/oembed/1.0/embed?url=http://example.com/
    HTTP_USER_AGENT: ltx71 - (http://ltx71.com/)
Viewing 1 post (of 1 total)

You must be logged in to reply to this topic.