New to the community? Start here

[Defender] Why / how would Defender block traffic coming from Twitter bio link?

The other day we had a report that Defender was blocking anyone who was clicking on the Twitter bio link of one of the sites using it. I tested it and sure enough that was happening even with me, and I have my IP address whitelisted in Defender! I combed through the settings and couldn't think of any reason this would be happening! To be on the safe side, I dumped our entire list of blocked IP addresses. Before too long it started working again and allowing traffic past the blank screen with the Defender logo. However, I don't want this to happen again. Any idea what the cause of this was and how we could make sure it doesn't happen in the future? Thanks!

Mon, 7 Jan 2019 1:59:15
More Defender Pro discussions
Defender Pro
  • Ash
    • Code Norris

    Hello Riley with SOZO.DO

    I am sorry to know you are having issues. I have just checked my site from my twitter account and I can’t replicate the issue. Neither we got the issue before.

    Would you please let me share your twitter bio page? So that I can check the issue. Also, do you have any caching plugin? If so, would you please reset cache and check if you can still replicate the issue?

    Please let us know. Have a nice day!

    Cheers,

    Ash

  • Riley with SOZO.DO
    • Webprenuer

    Like I mentioned, ever since I dumped the entire log of blocked IP addresses on the site, we haven’t had this issue. But, we definitely did have this issue before. Multiple people from multiple IP addresses all said they couldn’t access the site from the Twitter bio link and it was because a Defender icon was over the top saying they were locked out. So definitely you can share the bio, but you’re right, it’s not happening now. My only thing is I don’t want it to happen again. Just can’t figure out why it did.

  • Kasia Swiderska
    • Support nomad

    Hello Riley with SOZO.DO,

    Is it okay for us to do some tests on your site? It would help us more if we can see that issue live and replicate. Would you mind allowing support access so we can have a closer look at this? To enable support access you can follow this guide here:

    https://wpmudev.com/docs/getting-started/getting-support/#chapter-5

    Please respond in this ticket once access is granted.

    We should be quick with our tests (around 10-15 minutes)

    In the message for support can you leave your twitter account URL?

    kind regards,

    Kasia

  • Riley with SOZO.DO
    • Webprenuer

    Hello. Support access has been opened up and granted, but again, I don’t have a clue how you’ll test for this since it isn’t happening any longer. My best guess is that maybe Twitter bio links all send traffic through a VPN or something (not even sure that’s theoretically possible), and that address had made it onto the block list of IP addresses somehow from previous stuff. I have no idea. But, go ahead and take a look at things if you want. We haven’t had the problem since we opened this ticket a month and a half ago (and I “fixed” it by dumping the Defender blocked IP addresses), and hope we never do again.

  • Ash
    • Code Norris

    Hello Riley with SOZO.DO

    I checked the defender logs and there is nothing significant about referrer from twitter. As you said, it’s not happening anymore, let’s keep it like that and keep an eye on it. If it happens again, please let us know as soon as possible before dumping the IP addresses, and we will look at it.

    Have a nice day!

    Cheers,

    Ash