Custom Rule Recipe: Prevent IP Blocks For Logged-In Users

It can be very inconvenient for high-priviledged users, such as Administrators to be inadvertently blocked by your security plugin.

The reason this happens is due to the settings of the plugin itself, and the best way to determine why exactly the user is getting blocked is to investigate the Activity Log and learn which Shield settings need to be adjusted to prevent it from happening.

If while you do this you want to prevent admins from getting blocked, you can use a rule similar to that demonstrated in the video to prevent the automatic IP block from being applied to the user.

Prevent IP Blocking for Admins Rule Summary

Firstly, we would generally recommend that you don't use things like IP whitelisting for normal users.

But, if you want to prevent IP blocking for logged-in admins, we provide some rules to help you out with that.

Note: We recommend to put this rule temporarily and then monitor your Activity Log to see what Admins are triggering. Then, reconfigure and tweak your Shield Security rules to ensure that the logged-in Admins aren't triggering the plugin offenses.

Setting Up Admin User Role Rule Steps

To begin, we navigate to "Create New Rule" page and then

1. Select conditions

   IF

   1. Is Valid Public IP Address; AND
   2. Is Logged In Normal; AND
   3. Is User Admin Normal: AND
   4. Is IP Blocked Auto

2. Select response

   THEN

   1. Prevent Shield IP Auto Block

The summarized rule is as follows

• IF a request is coming from a valid public IP address; and
• the user is logged-in; and
• the user is an admin; and
• the IP address is automatically blocked; THEN
• prevent Shield from performing the automatic block.

3. Give a rule name: Prevent Admin IP Blocks
4. Give a rule description: Prevent administrators from being automatically blocked by Shield
5. Check both confirmation checkboxes
6. Click to create the new rule

The Manage page displays the automatically activated rule in place.

Setting Up Admin And Editor User Roles Rule Steps

So, the previous rule will prevent admins from being automatically blocked by Shield. If we want to add the same rule for Editors, we can use the same rule as for Admins (above) and make these changes:

1. Conditions
   1. Remove: Is User Admin Normal

   2. Add: User Has WP Capability

      b1. Capability Key: edit_posts

      WordPress assign the editors automatically and if they have this capability then the admins will have it too.

Important: In case you lock yourself out of your own site because of your rules, please use a forceoff method outlined here and then disable that rule.

We also recommend you to read:

• What Is The Custom Rules Builder And How To Use it? (+Video)
• A collection of examples for building your own custom security rules (+Videos)
• A Complete Guide To The Shield's Custom Rules Builder