Comments are blocked by default on WordPress installations when the Sucuri Firewall is activated. This is done by blocking access to the xmlrpc.php file. This can cause issues with allowing users to comment on your posts and also with other plugins...
If you are getting the Sucuri error page, such as the one below when visiting some pages on your site, you can simply whitelist these pages in the Sucuri Firewall settings and the errors will go away. It is recommended to whitelist the page only if...
Blocking the top three attack countries The majority of website attacks come from specific countries: China, Russia and Turkey. Although we have nothing against those countries, the Sucuri Firewall gives you the option of blocking them from...
When an application malfunctions, crashes, or delays, you may see the following message: As the image describes, Sucuri WAF cannot get a response from the site’s hosting server. To resolve this issue, carefully read each of the following...
When trying to whitelist an IP address you might get the following error message: This means the IP address you are trying to whitelist is either a local IP address (10.0.0.0/8, 172.16.0.0/12 or 192.168.0.0/16) OR was typed incorrectly. You can only...
If you use vBulletin and you are unable to login to your forum even with the correct credentials and you end up getting: You have used up your failed login quota! Please wait 15 minutes before trying again. The solution is simple. This happens...
The WAF will be in the middle of the communication between the visitors and the hosting server to be able to filter the malicious requests. Because of that, the connection is modified and the source IP at the network level will be shown as the...
The Sucuri Firewall functions as a reverse proxy, filtering all incoming traffic through the Sucuri network, parsing good requests from bad requests. To accomplish this, a change is made to your DNS settings. Specifically, one or more A records are...
The message "You are being redirected" means that your page or website has a bot protection enabled. On login/admin pages, such as wp-login.php, this message will always be displayed, unless the IP address of the visitor is whitelisted. In...
Every request that comes through the Firewall will use a Firewall IP when reaching the destination server, unless you configured your application to get the Visitor Real IP. VaultPress usually conflicts with the IP change, resulting in a connection...