Skip to main content

CloudLinux Knowledge Base

Wrong IP detection

Comments

3 comments

  • Nicolas

    Cause:
    Imunify360 incorrectly determines the IP and blocks the request.

    It's a 6 months concern ?

    Why does i360 incorrectly determines the IP ? (not explained yet)

    It would be appreciate to add more info about that, because actually, it looks like “we know that our system failed, don't know the real reason, but fix the issue by yourself, if it happens”

    But, when end-user report issue from the Google Search Console (after of failing crawling), it's already too late, ranking and money are lost already.

    Should i360 not supposed to work out of the box with CloudFlare ? 

    Blocking Googlebot is the first thing we want to avoid. I identify this as a critical issue.

    I encourage i360 team to complete this article and include the best fix of workaround in the heart of i360 to help that this big issue never happen again.

    Googlebot blocked by le Firewall would be a review on my Trustpilot that would seriously impact our reputation. 

    0
  • Permanently deleted user

    Greetings, Nicolas.

    Imunify360 does not block legitimate Google bots, but in case a visitor's IP address is detected incorrectly at the web server level, such access can be restricted at the ModSecurity level.

    We understand how important it is for legitimate search engine bots to access sites, and Imunify360 has separate mechanisms for that. That's how we process connections for the search bots. We use the ModSecurity rule ID 33311.

    • A user-agent of the bot from which the request comes is in the list of crawlers-ualist.data
    • A sender's address is not in the crawlers-iplist.data file (i.e. the sender is NOT a known good bot)
    • A sender's address is not in the RBL good-bots zone (another check for known bots)

    If one of these statements is true, the incoming request will be blocked. Legitimate bots pass all these checks and are not blocked by Imunify360 components.

    However, if the web server for some reason is unable to identify the visitor's IP address correctly (e.g. there is no remoteip module on the server, or the module hasn't been configured yet for Cloudflare, for example), the attacker's IP address might indeed be incorrectly detected and the request will be blocked by ModSecurity.

    In any case, you can always contact our support (and colleagues tell me that the corresponding ticket is already in progress) and we will check Imunify360 on server for you. :)

    The article would definitely need to be expanded, and I especially thank you for your feedback on it.

    1
  • Nicolas

    Infinite thanks. 

    The Imunify360 support was able to produce, for myself, a perfect tutorial in minutes that solves the Cloudflare-cPanel issue !

    CloudLinux & Imunify360, you are incredible. 

    The Web Problem Solver ! 

    Thanks thanks thanks! 

    1

Please sign in to leave a comment.