This forum is for general questions about Blackhole Pro. This includes but is not limited to installation, configuration, and anything else that doesn’t fit into one of the other forums. If you have a general question, please post it publicly using the form below. Or if you prefer, send an email to share privately.
Forum : General Topics
There are 19 posts in this forum.
I’ve been monitoring the Redirection 404s in my site – I get a lot of bots scanning for bad plugins, or site back-ups – I was wondering, if I redirected obviously nasty scan URLs to site.com/?blackhole – would that work? They’re not scanning the site for content but vulnerbilities, and I thought it would be fun to send them to the blackhole. I’m guessing it would need an ID on the end of the URL though for it to work, is that the case?
Yeah the random query string (WP nonce) would be required in order for that to work. Interesting idea though!
Dang, that’s a shame. I wonder if I could send them to a page that meta – refreshes to a the URL with the nonce? Thinking out loud. Might be a bit beyond my basic knowledge.
I like the idea and will work on something for a future update. It may be possible at this point, if you can find a way to get the nonce value and pass it along with the requests.
Blocked user is shown a warning page:
“You have been banned from this domain. If you think there has been a mistake, contact the administrator via proxy server. ”
Link directs to contact page. But the contact page is also blocked!
What can be done so that the visitor can contact the administrator with a request to unblock?
Glad to help.
“What can be done so that the visitor can contact the administrator with a request to unblock?”
That is an excellent question. Even after developing Blackhole for years now, I still am not sure of an ideal way to enable a blocked user to contact the site admin easily.
One thing that helps savvy visitors is the default “you’re banned” message:
“If you think there has been a mistake, contact the administrator via proxy server.”
That explains one possible way of contacting the site admin. The idea there is to visit the contact URL via proxy service. Not all users understand that or are able, etc.
What some other users do is add a link to the contact page at an alternate site, where they are not blocked.
Some other users I’ve seen just link to a social-media profile. Like on Twitter, Facebook, etc. It’s trivial to contact someone on most social media sites.
As a last resort, you can use a free online tool to obscure your email address and then just include it with the banned message. Alternately instead of obfuscation you could display your email address as an image, which is harder (and less likely) for bots to read.
I hope this helps.
I am being blocked from a site that I could previously access. I added my I.P. address to the Whitelisted IPs but the plugin is still not giving access.
Can you please help resolve this?
Glad to help. Blackhole only prevents bad bots from accessing your site. It does not prevent your site (or you) from accessing any other sites. Unless I am misunderstanding the issue..?
Hello Jeff, to clarify, I cannot access the front end of the WordPress site that uses the Blackhole plugin. It says ‘You have been banned from this site.’ which is a Blackhole alert. I can access it after logging into WordPress admin. So it seems to be blocking me as a user not logged into WordPress as admin. Other members of the team can access the front end without being logged into WordPress as admin. That’s why I thought it may be my I.P. address, but when adding it to the Whitelist, there is no difference.
I hope that clarifies what’s happening.
Oh okay, so Blackhole is preventing access to the front end of your site. Normally the only way for that to happen is if you click on the blackhole link and fall into the trap. Assuming that you didn’t do that, I am guessing the site is running some sort of page cache plugin?
I’m not sure what you mean by ‘click on the blackhole link’. However the only pages I access are usual front end and back pages of WordPress.
I just removed all Whitelisted Bots and Whitelisted IPs and the plugin is still blocking me from the site.
The only caching type plugin we use is this Cloudfalre plugin: https://en-gb.wordpress.org/plugins/cloudflare/ but it’s been over a week, perhaps more, so I can’t see how caching would be causing this issue.
Your advice is appreciated.
Thanks for the link to your cache plugin, it helps to explain what is happening. Based on the description, it looks like that plugin is caching your site’s pages (and everything else), which means PHP-driven scripts like Blackhole will not work (because PHP effectively is disabled). Here is a post with more information. Let me know if any questions.
Thanks for the update re: incompatible plugins. However we’ve been using the Cloudflare plugin for at least 1 year if not longer and I’ve previously been able to access the site without the block. Why is it happening now?
Not sure. It could be that some other factors are involved. I do know that page caching prevents PHP from working correctly. So another thing to look at would be check if your cache plugin provides a “Late Init” option or way to disable page caching.
Hey! Hope you are well!?
What about WP Rocket? I’m using you plugin with wp rocket full service activated (caching page), and i dont see anybug. But, maybe you plugin just dont work? How can i test it?
Hi Louis, here is what we know about cache plugin compatibility. And here is a guide that explains how to check if the plugin is working. Let me know if I can provide any further information.
I get this error message when trying to update Blackhole Pro on http://www.tibesar.family. What am I doing wrong please?
Enabling Maintenance mode…
Updating Plugin Blackhole Pro (1/1)
Downloading update from https://plugin-planet.com/ An error occurred while updating Blackhole Pro: Download failed. Unauthorized
Glad to help. That error happens due to incorrect SSL/TLS configuration. It’s a pretty well known WP bug that still hasn’t been fixed. There is a possible workaround, check out this post.
Thanks Jeff. Done deal.