search

mitchellkrogza / nginx-ultimate-bad-bot-blocker

Nginx Block Bad Bots, Spam Referrer Blocker, Vulnerability Scanners, User-Agents, Malware, Adware, Ransomware, Malicious Sites, with anti-DDOS, Wordpress Theme Detector Blocking and Fail2Ban Jail for Repeat Offenders
Other
3.97k stars 477 forks source link

[Blacklist-IP] Ithemes Security #375

Closed gutitti closed 4 years ago

gutitti commented 4 years ago

Hello sir, i found ithemes security plugin using ip for scan website

35.175.205.111 34.229.141.32 52.203.142.240 -> blocked 52.87.213.12 -> blocked 184.73.140.53 18.206.213.51

Is this for Addition / Removal?

Additional information

https://help.ithemes.com/hc/en-us/articles/360007145634-What-Do-The-Malware-Scan-Errors-Mean-

i can't add it to custom whitelist.conf because nginx: [warn] duplicate network "52.87.213.12", value: "0", old value: "1"

so i manually edit globalblacklist.conf, but every update i must re edited again

mitchellkrogza commented 4 years ago

Hi @gutitti you should still be able to whitelist, the duplicate entry is a [warn] and not an [emerg] error. Please try whitelist, reload nginx and confirm. Nginx will take the latest value of 0 as per the warning message you posted. Meaning the IP is blacklisted, then you whitelist it so Nginx will use your value of 0 = not blocked.