Replies: 0
I found a lot of 404 errors on URLs that don’t exist which clearly just look like someone trying to find a way into the backend.
One example of a URL I found was /tinyfilemanager/tinyfilemanager.php So in Wordfence > All Options – I added this to “Immediately block IPs that access these URLs”. Under “Rate Limiting” I have the setting “How long is an IP address blocked when it breaks a rule” set to “1 month”
Today, I have gone back in to monitor the 404 errors and I have found a user with IP 103.78.0.60 has accessed the URL /tinyfilemanager/tinyfilemanager.php without being blocked.
NOTE: This is not the only URL I have found that has been accessed that is in the list without being blocked
Am I misunderstanding how this setting works?