Skip to content
Vulnity Vulnity Docs

Blocked IPs

What is it for?

Section titled “What is it for?”

The Blocked IPs section is the control center for viewing and managing all IP addresses currently blocked on your WordPress sites. It lets you monitor both automatic blocks generated by mitigation rules and manual blocks, with detailed information for each one.

Main features

Section titled “Main features”

1. Overview

Section titled “1. Overview”
  • Real-time counter: shows the total number of active blocked IPs.
  • Complete list: all blocked IPs with detailed information.
  • Automatic filtering: shows only active, non-expired blocks.

2. Information for each blocked IP

Section titled “2. Information for each blocked IP”

For each blocked IP, the interface shows:

  • IP address: blocked IP address, in IPv4 format.
  • Affected site: name and domain of the site where it is blocked.
  • Block reason: detailed reason why the IP was blocked.
  • Block date: when the IP was blocked, shown as relative time such as “2 hours ago”.
  • Expiration date: when the block expires, or whether it is permanent.
  • Block type:
    • 🔵 Automatic: blocked by mitigation rules.
    • Manual: manually blocked by an administrator.

3. Available actions

Section titled “3. Available actions”

A) Block IP manually

  • Main button: “Block IP”.
  • Opens a dialog with:
    • IP address: required field with IPv4 validation.
    • Site selection: apply to all active sites or select individual sites.
    • Block duration: options from 15 minutes to permanent.
    • Reason: required field, minimum 3 characters, to document why.
  • Real-time validations prevent errors.

B) Unblock IP

  • “Unblock” button on each row.
  • Immediately unblocks the IP.
  • Automatically refreshes the list.

C) Refresh list

  • “Refresh” button with reload icon.
  • Refreshes the blocked-IP list.

4. Vulnity Blacklist

Section titled “4. Vulnity Blacklist”

!!! info “Coming soon” Additional protection against known malicious IPs. Global list maintained by Vulnity with identification of IPs reported across multiple sites. Currently in development.

5. Smart management

Section titled “5. Smart management”
  • Automatic cleanup: expired or inactive IPs are removed from the view automatically.
  • WordPress synchronization: blocks are synchronized with the WordPress plugin.
  • Multiple sites: the same IP can be blocked across several sites at once.
Section titled “Recommended use cases”
  1. Preventive blocking: when you identify a suspicious IP in logs or alerts.
  2. Incident response: immediate block during an active attack.
  3. Post-attack management: review IPs blocked automatically.
  4. Maintenance: unblock IPs that were blocked by mistake.
  5. Security analysis: identify attack patterns by IP.

Best practices

Section titled “Best practices”
  • Always document the block reason clearly.
  • Review blocked IPs periodically to identify false positives.
  • Use temporary durations instead of permanent ones unless strictly necessary.
  • Consider adding legitimate IPs to the whitelist instead of repeatedly unblocking them.
  • Be careful when blocking IP ranges across multiple sites at once.