Differences

This shows you the differences between two versions of the page.

--- litespeed_wiki:config:wordpress-protection [2018/12/18 15:44]
Jackson Zhang
+++ litespeed_wiki:config:wordpress-protection [2019/04/30 18:03]
Jackson Zhang [WordPress Protection Block Never Seems to Expire]
@@ Line 188: / Line 188: @@
 ===== Set "Trusted <ip>" in .htaccess to bypass the block====
-Since LSWS 5.4RC1, LSWS added virtual host trusted IP support, where you use "Trusted 1.2.3.4, 5.6.7.8" in Virtual Host document root .htaccess to unblock blocked IP and make that IP trusted for that vhost.
+Since LSWS 5.4RC1, LSWS added virtual host trusted IP support, where you use ''Trusted 1.2.3.4, 5.6.7.8'' for IPv4 or ''Trusted [2001:db8:85a3:8d3:1319:8a2e:370:7348]'' for IPv6 in Virtual Host document root .htaccess to unblock blocked IP and make that IP trusted for that vhost.
@@ Line 208: / Line 208: @@
 The explanation: WP protection blocking is only removed if the IP stops access attempts for a full 10 minutes. If the visitor constantly hits the server, the blocking won't be lifted. Restarting the web server will remove all IP blocks immediately.
+The bot-detection ''bot detected'' or ''WordPressBruteForce'' only log when ''drop'' action is set, but there won't be such log entries for ''deny'' and ''throttle'' action. It is as designed since ''drop'' is a more serious action, which block further requests from that IP (treated as unwanted botnet) and the log is for robot detection.
+-11-06 15:41:30.862784 [NOTICE] [24.96.xxx.xxx] bot detected for vhost [APVH_kevinandamanda.com], reason: WordPressBruteForce, close connection!
+Bot detection is one time logging, while, ''deny'' and ''throttle'' are per request, and it could become annoying with many repeated log messages.