search

Highfivery / zero-spam-for-wordpress

The WordPress Zero Spam plugin makes blocking spam a cinch without all the bloated options. Just install, activate, and say goodbye to spam.
https://wordpress.org/plugins/zero-spam/
73 stars 32 forks source link

[BUG] IPs being wrongly blocked #321

Closed inspiredearth closed 2 years ago

inspiredearth commented 2 years ago

Describe the bug Today I updated Zero Spam to v 5.3.9

Less than 2 hours later, I get notified by UptimeRobot that the site is down.

I check the site (via a browser that's logged into it) and it loads fine. So I check the site using a private browser instance, and I get "Your IP address has been blocked by WordPress Zero Spam due to detected spam/malicious activity."

I have since checked the site here: https://www.isitdownrightnow.com/best-mac-tips.com.html It can't access the site.

image

Same story here: https://downforeveryoneorjustme.com/best-mac-tips.com image

To Reproduce Above description covers the steps.

Expected behavior It seems all IPs are being blocked. This should not be happening.

bmarshall511 commented 2 years ago

@inspiredearth Zero Spam doesn't block users itself without configuration from the admin. If you're getting blocked, you'll need to enable logging in admin to find information about the block and the reason why it's occurring.

inspiredearth commented 2 years ago

@bmarshall511 Thanks Ben. Understood. The thing is, I've not "configured" this installation of ZeroSpam. It was installed, and left as-is. Yet, seemingly on its own accord, the site was inaccessible due to IP (seemingly all IPs) being blocked. Hence my reason for posting it as a potential bug report.

Also, it wasn't just me getting blocked, as a result of me doing something that may have triggered ZeroSpam to determine I am a spam bot. The site was inaccessible entirely, and it was a Zero Spam message displaying on the screen. Hence, my reason for thinking Zero Spam is blocking access to the site.

Your thougths?

Thanks... J

inspiredearth commented 2 years ago

Hi Ben, I would appreciate some elaboration on your response to this ticket.

Did you read my reply on June 14th?

I have returned to this ticket because today, after not accessing the site in question for at least a month (probably not since mid June), I have tried to access it and I am getting the message, "Your IP address has been blocked by WordPress Zero Spam due to detected spam/malicious activity."

That seems very odd to me. If you disagree, would you please explain why it's not odd behaviour?

What suspicious activity could I have been doing on the site, when I've not visited it in over a month? What's more, as before (reported above) it's not just my IP address that's being blocked. You say it's configuration settings that are causing the block, yet it has an off-the-shelf configuration, and it's been working fine for a long time with that configuration. Yet now, as it did in early to mid June, out of the blue, it's blocking (presumably) all IP addresses from accessing the site.

I've done another test via https://www.isitdownrightnow.com/best-mac-tips.com.html, and I can see they are reporting it's been down for at least the last 6 days.

image

I would would appreciate further input from you, as these to me seems like erratic and erroneous behaviour from Zero Spam.