Know more about intruder’s IP
Getting extra information about particular IP address from registry to find out country, abuse email and other details about intruder
To enable retrieving, check option: Drill down IP.
To view the information click on a particular IP address on the Activity tab.
To get extra information like country, company, network info and abuse contact WP Cerber uses requests to a limited set of external WHOIS servers which are maintained by appropriate Registry. All Registry are accredited by ICANN, so there are no reasons for security concerns. The retrieved information is not storing in the database but is caching for 24 hours to avoid excessive requests and get a faster response. While parsing of the response of the WHOIS server WP Cerber is trying to find out the country and abuse email and make it clickable. That allows you to send abuse report quickly if you want.
List of all Registries and WHOIS servers for IPv4
Note: On slow hosting, especially shared hosting, requests may take a while.
On the Activity tab you see the message: WHOIS: User has blocked requests through HTTP.
That means that outgoing HTTP requests are blocked by using WP_HTTP_BLOCK_EXTERNAL directive in the wp-config.php file. To get things work you need to add next line to the wp-config.php file:
define('WP_ACCESSIBLE_HOSTS', 'rest.db.ripe.net' );
On the Activity tab you see the message: WHOIS: Connection timed out (whois.iana.org).
That means that outgoing WHOIS requests was blocked by your hosting provider or some security module on your server (e.g. firewall). The WHOIS protocol is a TCP-based protocol designed to work on the port 43. So, make sure that port 43 is reachable from your web server using TCP protocol and Apache process is allowed to establish outgoing connection to the TCP 43 port.
Last posts from WordPress security blog
- Brute-force, DoS, and DDoS attacks – what’s the difference? 04/10/2017
- WP Cerber 4.5 03/22/2017
- Instant mobile and browser notifications with Pushbullet 03/20/2017
- Best WordPress Plugins for Two-Factor Authentication 03/15/2017
- WordPress 4.7.3 – six security issues has been fixed 03/06/2017
Let's make things clear with these intruder activities that happens every day with any website. How are they dangerous? What tools or plugin can mitigate them? What are chances that we can do that successfully?
WP Cerber allows you to easily enable desktop and mobile notifications and get all those notifications from your WordPress instantly and for free. In a desktop browser, you will get popup messages even if you logged out of your WordPress. Last posts from WordPress security blog Brute-force, DoS, and DDoS attacks – [...]