Category: Firewall
404 Not Found errors detected on your homepage
The 404 Blocking rule in Really Simple Security’s Firewall helps protect your site against malicious scanning attempts by blocking IP addresses that generate too many 404 Not Found errors while scanning your site for vulnerabilities (a detailed explanation is available here). If you see the following notice appear on the Really Simple Security Dashboard, this means that the plugin has detected 404 Not Found errors on the homepage of your site. In such cases, the plugin automatically deactivates the 404 Blocking
About the Firewall
The Firewall module in Really Simple Security is a powerful feature that allows you to monitor and filter requests to your WordPress site. You can activate the firewall by enabling the “Enable Firewall” slider under SSL & Security -> Settings -> Firewall. This article explains how to configure the firewall rules in Really Simple Security to identify and lock out unwanted, malicious traffic from your WordPress site. Table of Contents 404 Blocking Region Blocking User Agents IP Allowlist & Blocklist Event
Enable an efficient and performant firewall
A firewall is a filter. Specifically, the Really Simple Security firewall looks at requests coming into your site and blocks the ones that look like attacks — things like SQL injection attempts, cross-site scripting, and requests from known malicious IP addresses — before they ever reach WordPress. It runs cleanly in the background. You do not need to configure rules manually. Once it is active, it logs blocked requests so you can see exactly what it has caught. 404 Blocking
Suspected bots causing 404 errors
You might have received the following notice in your Really Simple Security Dashboard about suspected bots triggering large numbers of “404 Not Found” errors on your site: If your error logs are filling up with 404 errors and you cannot trace them to real users, you are almost certainly dealing with automated bot traffic. Bots scan WordPress sites constantly, looking for accessible configuration files, outdated plugins, or login pages to attack. Most of this traffic is harmless to your site’s
About Region Restrictions
In some cases, you might want to restrict access to your site from certain regions. There are several reasons for doing so; such as complying with (privacy) regulations, or to ensure that content can only be viewed by a desired audience. And then there’s the security aspect to consider, as malicious actors often launch attacks from specific geographic regions. Blocking access from these regions helps to protect against targeted attacks originating from specific geographic areas. Really Simple SSL Pro (8.2)