Why do I see an IP address I have blocked in the server access logs?

This article explains why an IP address that you have blocked in the Astra Website Protection plugin is still visible in the server's raw access logs. This holds true for any plugin-based security solution.

Endpoint or plugin-based security solutions run on your application server, before or alongside your web application. They analyze visitors' requests as they arrive and block malicious visitors from accessing your website. A blocked visitor is shown an error page, and the browser receives a 403 HTTP status code.

When a visitor comes to your website, this is the flow of the HTTP request:

Visitor's Browser → Your Server → Astra Website Protection → Your Website

Since the plugin code runs on your server, the request from the blocked IP is still logged by your server, even though it is blocked before it reaches your website.
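To confirm that the logged requests from a blocked IP were in fact answered with the 403 block response, you can summarise the status codes per IP in the access log. The script below is an added example, not part of the Astra plugin; it assumes the Apache/Nginx "combined" log format, and the sample lines and the IP 203.0.113.7 are constructed for illustration.

```python
import re
from collections import Counter

# Apache/Nginx "combined" log format (assumed; adjust if your server logs differently).
LOG_LINE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<time>[^\]]+)\] '
    r'"(?P<request>[^"]*)" (?P<status>\d{3}) \S+'
)

# Constructed sample lines; 203.0.113.7 stands in for the IP you blocked.
SAMPLE_LOG = """\
203.0.113.7 - - [06/Jul/2022:10:01:12 +0000] "GET / HTTP/1.1" 403 1532 "-" "curl/7.81.0"
198.51.100.4 - - [06/Jul/2022:10:01:15 +0000] "GET / HTTP/1.1" 200 8843 "-" "Mozilla/5.0"
203.0.113.7 - - [06/Jul/2022:10:01:20 +0000] "POST /wp-login.php HTTP/1.1" 403 1532 "-" "curl/7.81.0"
203.0.113.7 - - [06/Jul/2022:10:02:03 +0000] "GET /logo.png HTTP/1.1" 200 20411 "-" "curl/7.81.0"
not a log line
"""


def review_blocked_ip(log_text, blocked_ip):
    """Summarise how the server answered every request from blocked_ip."""
    statuses = Counter()
    not_blocked = []  # requests answered with something other than 403
    unparsed = 0      # lines that do not match the assumed log format
    for line in log_text.splitlines():
        m = LOG_LINE.match(line)
        if m is None:
            unparsed += 1
            continue
        if m["ip"] != blocked_ip:
            continue
        statuses[m["status"]] += 1
        if m["status"] != "403":
            not_blocked.append((m["time"], m["request"], m["status"]))
    return {"statuses": dict(statuses), "not_blocked": not_blocked, "unparsed": unparsed}


if __name__ == "__main__":
    report = review_blocked_ip(SAMPLE_LOG, "203.0.113.7")
    print("Status codes for blocked IP:", report["statuses"])
    for when, request, status in report["not_blocked"]:
        print(f"NOT BLOCKED  {when}  {status}  {request}")
```

Entries with status 403 are the expected result of the block. An entry with any other status for a blocked IP was not answered by the block page and is worth a closer look.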

How to test if a blocked IP can visit your website

You can quickly test this out by blocking your own IP temporarily from the dashboard.

Find your IP address by visiting:
Visit the Threats page, and block your IP address as shown in this guide.
Open your website where the Astra Website Protection plugin is installed.
You should see a page similar to the one below.

Access Limited page

If you do not see the block page, please troubleshoot the connection and try again.
Remove your IP address from the Block list to continue accessing your website.

Updated on: 06/07/2022

