Setting up IP Banning

Banning IPs is at the core of the coreSecurity Pro plugin, and an essential method for preventing malicious IPs from accessing the website. The Banned IPs feature bans IPs based on various other factors, and once an IP is banned, it needs to track whether the banned IP tries to access the website again and prevent it from doing so.

Once an IP is in the ban database, there are two methods to prevent that IP from accessing the website while the ban is in effect: the Ban IPs feature checks the IP on website load, or a .HTACCESS deny/allow list stops access before it reaches WordPress. This is quite similar to how the Firewall is set up (see Setting up Firewall).

Banning with Ban IPs feature

This method works with any web server; there are no special requirements.

When a request is made, the Ban IPs feature checks the IP for that request. If the IP is on the ban list, the request is stopped and a 403 message is returned.

Pros

  • Each time a banned IP attempts to access the website, the offence is logged in the database log.
  • Works with every server type.

Cons

  • The banning works as part of WordPress code execution: each request is processed by the server and passed to WordPress before it reaches the Ban IPs feature, which checks whether the IP is banned.
  • If your cache plugin serves cached HTML files without WordPress processing, cached responses will bypass the Ban IPs feature, and it can’t check whether the visiting IP is banned. Check out more information about Cache Plugins.

Banning with .HTACCESS

Requirements

Banning IPs in .HTACCESS requires the use of a .HTACCESS file, and it is limited to Apache and LiteSpeed web servers. When .HTACCESS is updated by the plugin, all the banned IPs are put in the Deny directive in .HTACCESS. There is no limit on how many IPs are added, and they can be IPv4 or IPv6.
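An added example (not the plugin's own code or output format) of turning a ban list into Deny directives while refusing anything that is not a plain IPv4 or IPv6 address, so that a malformed entry cannot add extra lines to the server configuration. The marker comments, function names and sample addresses are assumptions; the directives use Apache 2.2 access-control syntax, which Apache 2.4 accepts through mod_access_compat.

```python
import ipaddress

# Hypothetical markers delimiting the managed block; the plugin's real markers may differ.
BEGIN = "# BEGIN banned-ips (example)"
END = "# END banned-ips (example)"

# Constructed sample ban list: duplicates, mixed-case IPv6, and hostile strings.
SAMPLE_BANS = [
    "203.0.113.7",
    " 203.0.113.7 ",                   # duplicate with whitespace
    "2001:DB8::0001",                  # IPv6, non-canonical spelling
    "not-an-ip",
    "192.0.2.1\nAllow from all",       # tries to smuggle in a directive
    "fe80::1%eth0\nAllow from all",    # same trick hidden in an IPv6 zone id
]

def normalize_bans(entries):
    """Return (valid, rejected): canonical de-duplicated addresses and refused inputs."""
    valid, rejected, seen = [], [], set()
    for raw in entries:
        try:
            addr = ipaddress.ip_address(raw.strip())
            # Zone identifiers are free-form text, so never write them to config.
            if getattr(addr, "scope_id", None):
                raise ValueError("zone identifier not allowed")
        except ValueError:
            rejected.append(raw)
            continue
        canon = str(addr)              # canonical form, e.g. 2001:db8::1
        if canon not in seen:
            seen.add(canon)
            valid.append(canon)
    return valid, rejected

def render_block(entries):
    """Build the .htaccess block text; also return the entries that were refused."""
    valid, rejected = normalize_bans(entries)
    lines = [BEGIN, "Order Allow,Deny", "Allow from all"]
    lines += [f"Deny from {ip}" for ip in valid]
    lines.append(END)
    return "\n".join(lines) + "\n", rejected

if __name__ == "__main__":
    block, refused = render_block(SAMPLE_BANS)
    print(block)
    print("refused:", refused)
```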

Pros

  • It runs before WordPress is even reached, at the server level.
  • It works with any WordPress cache plugin.

Cons

  • When a banned IP tries to access the website, it will be stopped, but the request and offending IP can’t be logged for future auto banning.

Which Firewall to use?

When it comes to stopping banned IPs, the answer is simple: if you use Apache or LiteSpeed with .HTACCESS support enabled, go for .HTACCESS to stop banned IPs.
