Note: The 6G Firewall has been replaced by the 7G Firewall. New servers and sites will not see the 6G Firewall option.
The “6-G” firewall is actually just a set of web-server rules (originally published by Perishable Press) that filter out some well-known bad traffic before the request hits the WordPress site. The idea with this type of “firewall” is that serving requests for PHP/WordPress resources is expensive. It’s much cheaper and faster to weed out bad requests at the webserver level before they get that far.
One of the drawbacks of this type of firewall is that certain legitimate activities will get blocked. So we’ve provided a way to enable or disable portions of the rules.
To enable the entire rule set:
- Go to DevelopVIDeploy → Applications
- Click on the site for which this action will apply
- Click on the 6GWAF tab
- Toggle the Enable or Disable ALL 6G Rules switch
- Click the OK option on the confirmation popup
If the operation is successful, the screen will refresh after a while. If the operation fails, you’ll get a popup message.
You can see a full log of the operation under the SSH LOG screen.
After the full rule set is enabled, you can disable portions of the rules using the rest of the toggle buttons on the screen.
Notes & Issues
Easy Digital Downloads
Some “add-to-cart” URLs in Easy Digital Downloads will fail with the 6G Firewall enabled, in particular direct URLs with square brackets embedded in them. These URLs are usually constructed when you have products with multiple price options and you want to give the user a direct link to one of the price options. They look something like this:
https://simple-press.com/checkout?edd_action=add_to_cart&download_id=81486&edd_options[price_id]=1
You can see the square brackets at the end of the URL.
There are two ways to work around this:
- Turn off the REQUEST STRING rules portion of the 6G firewall. You can do this under the 6G WAF tab.
- If you would like to keep most of the REQUEST STRING rules you can edit the /etc/nginx/common/6g.conf file to make the following changes:
Search for this in the Request Strings section of the file.
"~*(~|`|<|>|:|;|\\|\s|\{|\}|\[|\]|\|)" 7;
Replace it with this:
"~*(~|`|<|>|:|;|\\|\s|\{|\}|\|)" 7;
Then, restart the nginx engine:
service nginx restart
Colons In The Request Strings
Sometimes, request strings might have colons in them. These requests are blocked by default since a colon in a request string is an uncommon scenario. Here’s an example of a legitimate request string that will be blocked:
https://simple-press.com/?edd_action=get_version&license=4xasebadfasreasdfljerr&version=2.1.0&item_id=3916&author=Simple:Press
Notice that at the end of the string the author is “Simple:Press”, with a colon. This means that the entire request will be blocked, even though, in this case, it is a legitimate request.
There are two ways to work around this:
- Turn off the REQUEST STRING rules portion of the 6G firewall. You can do this under the 6G WAF tab.
- If you would like to keep most of the REQUEST STRING rules you can edit the /etc/nginx/common/6g.conf file to make the following changes:
Search for this in the Request Strings section of the file.
"~*(~|`|<|>|:|;|\\|\s|\{|\}|\[|\]|\|)" 7;
Replace it with this:
"~*(~|`|<|>|;|\\|\s|\{|\}|\[|\]|\|)" 7;
Then, restart the nginx engine:
service nginx restart
You will notice that the new specification string removes the “:” from the invalid characters list.
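Before editing 6g.conf and restarting nginx, the effect of each edit described in the two sections above can be checked offline. The following is an added example, not part of the original documentation or of the 6G rule set: it assumes the rule is matched against the request path and query string (nginx's $request_uri, not the full URL) and hands the pattern to Python's regex engine exactly as it is written on this page, without modelling nginx's own config-string unescaping.

```python
import re
from urllib.parse import urlsplit

# Patterns copied from the 6g.conf lines on this page (the part after "~*").
RULES = {
    "original":    r"(~|`|<|>|:|;|\\|\s|\{|\}|\[|\]|\|)",
    "no_brackets": r"(~|`|<|>|:|;|\\|\s|\{|\}|\|)",
    "no_colon":    r"(~|`|<|>|;|\\|\s|\{|\}|\[|\]|\|)",
}

# The two example URLs quoted on this page.
EDD_CART = ("https://simple-press.com/checkout?edd_action=add_to_cart"
            "&download_id=81486&edd_options[price_id]=1")
EDD_LICENSE = ("https://simple-press.com/?edd_action=get_version"
               "&license=4xasebadfasreasdfljerr&version=2.1.0"
               "&item_id=3916&author=Simple:Press")


def request_uri(url):
    """Return path plus query string; scheme and host are not matched."""
    parts = urlsplit(url)
    uri = parts.path or "/"
    return uri + ("?" + parts.query if parts.query else "")


def first_hit(rule, url):
    """Return the first character the rule rejects, or None if it passes."""
    # "~*" in an nginx map means a case-insensitive regex match.
    m = re.search(RULES[rule], request_uri(url), re.IGNORECASE)
    return m.group(0) if m else None


def report(urls):
    """Map each URL to {rule name: offending character or None}."""
    return {u: {name: first_hit(name, u) for name in RULES} for u in urls}


if __name__ == "__main__":
    for url, verdicts in report([EDD_CART, EDD_LICENSE]).items():
        print(request_uri(url))
        for name, hit in verdicts.items():
            print(f"  {name:12} {'BLOCKED on ' + repr(hit) if hit else 'allowed'}")
```

Each relaxed pattern unblocks only its own URL: removing the brackets does not help the license check, and removing the colon does not help the add-to-cart link.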
PHPMyAdmin
PHPMyAdmin will be blocked by the 6G Firewall. If the firewall is turned on, you should turn off the “QUERY STRING” rules section before launching PHPMyAdmin. After you are finished, you can turn that section of the rules back on.