Suman M.

[Suman M.]

Hi, the update should not be an issue. Did you get any error message during the update?

The renaming of wp-admin should actually work, but it’s conflicting with some other plugin/code. Can you please remove/deactivate other plugins/code that has option to change wp-admin path? Let us know so that I can try renaming wp-admin path name. (Also I’ll need site’s backend login details and FTP details)

[Suman M.]

Hi, I logged in to your site and tried to update HMWP plugin but it asks for FTP details. So I couldn’t check. Are you getting any error while updating?

[Suman M.]

This reply has been marked as private.

[Suman M.]

Hi, okay! Do let us know if any further issue.

[Suman M.]

This reply has been marked as private.

[Suman M.]

First, you’ll need to update Block Threshold value as mentioned above. After this, if the bing requests are still being listed in Intrusions list, then let us know.

[Suman M.]

This reply has been marked as private.

[Suman M.]

This reply has been marked as private.

[Suman M.]

Hi, did you change wp-admin path name in adu.edu.az? Please let us know your site’s wp-admin login details and FTP details as private reply so that we can set it up for you. Thanks!

[Suman M.]

Hi, first of all, can you please generate debug report from HMWP start tab and post it here as private reply? Also send us the Nginx config file (you may attach it as a text file).

[Suman M.]

Hi, can you please update the plugin to latest version 5.5.7?

[Suman M.]

Hi, we understand your concern, but unfortunately there’s no option to whitelist IPs in the plugin. We might think of having this option in the upcoming versions.

[Suman M.]

This reply has been marked as private.

[Suman M.]

I could see that you have set “Block Threshold” value to 2. We recommend to set it to minimum 20, as 2 is too small and most of the valid requests might reach that value. And that’s why the bing visitors are also banned.
The aim of HMWP IDS is to block malicious requests It detects Cross-site scripting (XSS), SQL injection, header injection, Directory traversal, Remote File Execution, Local File Inclusion, Denial of Service (DoS).

These requests are malicious as impact level is high – https://www.screencast.com/t/ojKZ4zXDR9C7

Besides IDS, HMWP hides wordpress so that’ll prevent from malicious scripts intended for wordpress sites.

[Suman M.]

Hi, thanks and no need to renew for the support.

HMWP riles are not being auto added to htaccess file. So, I manually added it by clicking on “manual configuration” button in HMWP General Settings tab, and copying/pasting HMWP rules from there (https://btrend.kr/wp-admin/admin.php?page=wpseo_tools&tool=file-editor)

Can you please check and let us know.

[Author]

Posts