Hi,
WP Cerber detecte request identified as spam from my provider.
exemple :
/wp-admin/admin-ajax.php
POST HTTP 403 Forbidden515 ms Détails
Soumission du formulaire anti-spam refusée Robot détecté
So I have multiple alerts.
how can I analyse deeper and check what request is exaclty done?
Thanks for help
Lanthalas
What you’re seeing is not spam from your provider.
It’s simply that the request comes from your own public IP, which belongs to your ISP.
So Cerber detects a malformed or suspicious AJAX request coming from your browser, through your ISP, and flags it as spam.
Your provider is not sending requests to your site it’s your own device, browser, or a plugin generating the request.
Cerber just reports the IP you are using on the internet, which is normal.
Start by isolating the issue.
First, check your real IP address using any website that shows your current public IP.
Then interact with your site normally until WP Cerber blocks you and complains.
When that happens, add your real IP to Cerber’s whitelist and try again.
If Cerber stops blocking you, then you’ve just discovered who your biggest spammer is: yourself.
I’m explaining the simplest way to diagnose this.
To go further, you would need access to all log files, not just Cerber’s logs,
and you would need to understand who, what, when, and how the anti-spam gets triggered,
so you can adjust Cerber to be more compliant with your actual site activity.
Important clarification:
If you are affected by this issue, other users may be affected as well.
You need to determine which plugin on your site has a form that is generating a false positive.
It is always a plugin or a form submission that produces this kind of block.
In many cases you will need to:
remove the plugin,
modify the plugin,
or whitelist its requests (which is not always the best security practice without proper technical advice). To be used only as a temporary workaround
hi,
Thanks for your answer.
I reach the same analyse and discovered that the requests are generated by mailpoet plugins.
I have no other choice then white list the provider IP as i can’t modify the mailpoet plugin.
I’d like to get ride of it because it doen’t works fine but I must find an other email plugin to replace it.
thanks again.