Some legitimate HTTP requests are being blocked
If you encounter a problem with legitimate HTTP requests that are being blocked by the plugin and this behavior affects some website functionality, please follow manuals below.
What settings can cause those blocks
There are two security subsystems in the plugin that screen and filter all inbound traffic: Traffic Inspector and the Antispam engine. To isolate the cause of the issue, disable Traffic Inspector and check the behavior of the plugin with those requests. If requests are still being blocked, disable “Protect registration form with bot detection engine” and “Protect all forms on the website with bot detection engine” on the Antispam settings page.
If you identify Traffic Inspector as the cause: How to exclude requests from inspection by Traffic Inspector.
If you identify the Antispam engine as the cause: Configuring HTTP request exceptions for the antispam engine.
If disabling/enabling settings above doesn’t help or isn’t suitable for you
First of all enable traffic logging on the Traffic Inspector settings page. Then check the Activity tab. You need to find those legitimate requests that were blocked. You can get one of the following statuses:
If you’re getting Probing for vulnerable PHP code
How to exclude requests from inspection by Traffic Inspector
If you’re getting Spam form submission denied
Configuring HTTP request exceptions for the antispam engine
Last posts from WordPress security blog
- Development version 7.6.1 September 4, 2018
- WP Cerber Security 7.6 August 31, 2018
- Get WordPress protected: rename the plugins folder August 27, 2018
- Development version 7.5.2 August 24, 2018
- WP Cerber Security 7.5 August 20, 2018