Posted By Gregory

Some legitimate HTTP requests are being blocked

If you encounter a problem with legitimate HTTP requests that are being blocked by the plugin and this behavior affects some website functionality, please follow these manuals.

What settings can cause those blocks

There are two security subsystems in the plugin that screen and filter all inbound requests: Traffic Inspector and the Antispam engine. To find out the root cause of the issue, disable Traffic Inspector and check the behavior of the plugin with those requests. If requests are still being blocked, disable “Protect registration form with bot detection engine” and “Protect all forms on the website with bot detection engine” on the Antispam settings page.

If you identify Traffic Inspector as the cause: How to exclude requests from inspection by Traffic Inspector.

If you identify the Antispam engine as the cause: Configuring HTTP request exceptions for the antispam engine.

If disabling/enabling settings above doesn’t help or isn’t suitable for you

First of all enable traffic logging on the Traffic Inspector settings page. Then check the Activity tab. You need to find those legitimate requests that were blocked. You can get one of the following statuses:

If you’re getting Probing for vulnerable PHP code

How to exclude requests from inspection by Traffic Inspector

If you’re getting Spam form submission denied

Configuring HTTP request exceptions for the antispam engine





Last posts from WordPress security blog

I'm a team lead in Cerber Tech. I'm a software & database architect, WordPress - PHP - SQL - JavaScript developer. I started coding in 1993 on IBM System/370 (yeah, that was amazing days) and today software engineering at Cerber Tech is how I make my living. I've taught to have high standards for myself as well as using them in developing software solutions.

View Comments
There are currently no comments.