Some question to SpamFireWall

Payments, packages, business questions please ask here.
dragon013
Posts: 6
Joined: 07 Oct 2016, 09:26
Has thanked: 1 time
Been thanked: 2 times

Some question to SpamFireWall

Unread post by dragon013 » 07 Oct 2016, 09:36

Hello,

I setup my Wordpress with your plugin and enable the SpamFireWall to keep spammers away and to be able to cut down all these entries in htacess, or other tools, etc.

So far, some entires were caught in the firewall, but still I am wondering.

The count for the "hits" is equal to the count of "passed". That means: every possible spammer who hit the firewall got pass the check and to my site, right ? But if so, why I do not have any logs about this in my accesslog on my server ? There I only do have an entry with HTTP status 403 (that is good) and no entries with code 200. I tested it with <myserver>?sfw_test...., got the message about being a spammer and was redirected to the site then. This was also count as a "pass". If I do same test on a console with wget, I get the blocking message and this hit is not counted as a "pass". So it seems to me that really all spammers get pass the firewall, which is not what a firewall is for.

So I am still confused about the technique behind it. I would like to keep away these spammers, but according to the counters they were passed to my site.

Or do I misunderstand something ?

BTW: I wanted to check the firewall logs here today but I do not get any data, though I should have some entries (regarding to the counters on dashboard). Also the entries from yesterday do not show up.

Thanks for any enlightenment!

Dragon013

User avatar
SergeM
Posts: 125
Joined: 27 May 2016, 08:05
Has thanked: 11 times
Been thanked: 8 times
Contact:

Re: Some question to SpamFireWall

Unread post by SergeM » 08 Oct 2016, 06:31

Hello.

Thank you for your request.

The logic of SpamFireWall is as simple as it seems to be. You have three types of entries: Visitor, Allowed and Blocked. Everyone who sees the blocking page counts as Black IP Visitor, if it is a human he can click the link and go to your website and become an Allowed entry, or it could be a spambot who didn't click the link and became Blocked.

These checks are being performed in our Cloud Service before any Visitor can get access to your website, so it unloads your server and it doesn't make any records in your logs. Your webserver logs will contain only those Black IP Visitors who were converted to Allowed. As practice shows not every Black IP Visitor is a spammer, someone can get a black IP being in a spam-active subnetwork.

We are working on the SpamFireWall log scripts and logics right now and the values may vary sometimes. Sorry about that.

Was it helpful? Write back if you have questions.

Best regards.
———————
Technical Support
https://CleanTalk.org — Anti-Spam Modules for all CMS

dragon013
Posts: 6
Joined: 07 Oct 2016, 09:26
Has thanked: 1 time
Been thanked: 2 times

Re: Some question to SpamFireWall

Unread post by dragon013 » 09 Oct 2016, 08:22

Hello,

thanks for your explanations. I am aware about the way your firewall is working (which I really like since real visitors still have a chance).

But I still wonder about the column "passed". About 95% of all hits also passed, but I got no further entries in my accesslog, so they obviously did not pass. Why are they counted then ? Beside that, the passed IPs are IPs from server hosters not from internet providers, so obviously bots. They shouldn't pass, should they ?

Thanks!

Dragon
These users thanked the author dragon013 for the post:
SergeM (09 Oct 2016, 08:44)
Rating: 50%

User avatar
SergeM
Posts: 125
Joined: 27 May 2016, 08:05
Has thanked: 11 times
Been thanked: 8 times
Contact:

Re: Some question to SpamFireWall

Unread post by SergeM » 09 Oct 2016, 08:44

Hello.

That's a good question, indeed.

I will ask my colleagues about that on Monday when their working shift starts. I'm not sure yet but it could be a bug in number displaying.

Thanks again for giving us the direction to improve our service.

We will contact you when we found out why it happens like this.

Best wishes.
———————
Technical Support
https://CleanTalk.org — Anti-Spam Modules for all CMS

User avatar
Roman
Posts: 103
Joined: 13 Jan 2016, 08:31
Has thanked: 0
Been thanked: 6 times

Re: Some question to SpamFireWall

Unread post by Roman » 12 Oct 2016, 09:19

Hello,

We need to look closely at this situation. Could you send us your CleanTalk account and give the access to your website dashboard (optional but much recommended), we need to see the statistics in dynamic in your dashboard.

Please, send the information via private message. Or you could create a support ticket here: https://cleantalk.org/my/support
Roman Safronov
Technical Support

dragon013
Posts: 6
Joined: 07 Oct 2016, 09:26
Has thanked: 1 time
Been thanked: 2 times

Re: Some question to SpamFireWall

Unread post by dragon013 » 12 Oct 2016, 10:46

Hello,

is there an option to grant you support access or do you need the password ?

Thanks for looking into this issue.

Dragon013

User avatar
SergeM
Posts: 125
Joined: 27 May 2016, 08:05
Has thanked: 11 times
Been thanked: 8 times
Contact:

Re: Some question to SpamFireWall

Unread post by SergeM » 12 Oct 2016, 17:18

Hello.

We need a temporary user with administrator rights.
We will not touch anything else except our plugin, we guarantee the integrity of your website.

Thank you in advance.
———————
Technical Support
https://CleanTalk.org — Anti-Spam Modules for all CMS

dragon013
Posts: 6
Joined: 07 Oct 2016, 09:26
Has thanked: 1 time
Been thanked: 2 times

Re: Some question to SpamFireWall

Unread post by dragon013 » 13 Oct 2016, 04:59

Hello,

I sent a support ticket with further details.

Dragon013

User avatar
RazoR
Posts: 152
Joined: 26 Dec 2012, 06:00
Has thanked: 0
Been thanked: 3 times

Re: Some question to SpamFireWall

Unread post by RazoR » 13 Oct 2016, 06:45

Thank you!

We will answer in the ticket.
Alex Bezborodov
CleanTalk team.

Post Reply