Firewall Rules doesn't work correctly

Note: I’m from Spain, sorry if this post is poorly phrased. The forum for Spain has no much activity.

I have a WordPress site where every time I try to do a lot of queries in a row, like editing five articles at once, I get a 1015 error with temporary access denied.

In Firewall> Tools, I have my IP perfectly set to “Allow”:

And, in Firewall> Firewall Rules, I have the following rule (XXXXX is my IP):
(ip.src eq XXXXXX and ip.geoip.country eq “ES” and http.request.uri.path contains “/wp-admin/”) or (http.request.uri.path contains “/wp-content/”)
I tried also with this:
(ip.src eq XXXXXX and ip.geoip.country eq “ES”)

Both cases with “Allow” action, of course.

But Cloudflare keeps denying me access to the minimum that I open five WP editors at the same time.

And even worse, later I see this in the Firefwall events: it blocks my IP and other IPs that do not meet the criteria allow access.

How I can solve this? Thanks.

That says Rate Limiting. Do you have that enabled in Firewall Tools?

And for the Permitted access, do you have any other firewall rules?

The rate limiting is disabled. I understand that this option is a payment option after a certain number of requests, and I am not interested in that, because my site works perfectly. But if it is necessary to activate this option, I can try.

I don’t have another access rules IPs, only one, for my IP. In firewall rules I have another two basic rules, to block to acces to /wp-login (wp-login is not used, I have another secret login path) and /xmlrpc.

Then I’m not sure what is happening.

Your Firewall Event says “Limitación de velocidad”, which sounds like Rate Limiting. And because all your requests are within two seconds of each other, that makes sense. You would get charged for good requests if you enabled Rate Limiting. If your site is ok, then make sure Rate Limiting is turned Off.

An event that says Permitir would mean that you have a Firewall Rule set to “Allow.” Maybe that is because of a mistake in one of your other firewall rules. Can you post a picture of your Firewall Rules list?

Yes, “Limitación de velocidad” means Rate Limiting and “Permitir” means Allow.

These are my another two rules:


And the rule that doesn’t work (actually is disabled, and the XXXX is an example):

In access rules:

I recently disable the dynamic cache of my server, SiteGround (Header set Cache-Control “max-age=0,no-store” in htaccess), could it have something to do with that? Maybe server caching would save me requests?

Your first rule looks like it will block anybody from using wp-login (but you probably have an Allow for your IP address in Firewall → Tools)
Your second rule blocks xmlrpc from anything that’s not IFTTT
And the third rule is just an Allow for your IP address.

If you click on the Allow from Chile event, it should show you which rule allowed it.

None of this should be affected by settings on your server.

Back to your original problem. Are you still getting 1015 errors?

If I see what rule allows the event from Chile, says a Firewall Rule, precisely, the rule to allow my IP, but is no the same IP:

I try again now, and continues to happen

It also says the rule changed since the event, so I’m not entirely sure which version of the rule triggered.

1 Like

Sorry, this is because I tried different settings of the rule since it happened, but what it shows is what it really was like.

Anyway I have tried to reactivate the dynamic cache and the Memcached and this problem it no longer occurs to me (either shows an “allow” rule in the activity log, but either blocks me more).

I suspect that because this way the number of requests to the server is reduced with the memcached. I have another problems related with the cache of my server, but I will solve them in another way.

1 Like

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.