Hi.
We are experiencing more complicated problem, than we though it will be. We want to block administrative pages from the internet on our proxy and allow only VPN IP’s to it. It can be done in config.ini.php by adding serveral
login_allowlist_ip[] = ip.ip.ip.*
lines. It still triggers a little of PHP code and we would prefer to have this blocked by a dedicated proxy, which can deal with most of basic attacks, including DDoS.
We would want to block all incoming traffic matching “matomo.php” on proxy, but it turns out we can not. Klaro cookie agreement form is hitting
matomo.php?action_name=[name of the site]&idsite=2&rec=1&r=668716&h=8&m=22&s=45&url=https://url.of.the.site/&_id=&_idn=1&send_image=0&_refts=0&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1472x828&pv_id=odT54D&pf_net=56&pf_srv=0&pf_tfr=21&pf_dm1=224&consent=1&uadata={}
to accept cookies and it has to be exposed to the internet. Is still could be used for attacks, simply by spamming those requests over and over. We can deal with that. Our concern is, that it passes trough “matomo.php” code.
Is there any way to block any URL’s matching “matomo.php” (and access to the admin panel) from the internet without breaking cookie consent forms? Something like blocking “/wp-admin”
on a proxy. We could limit access to it to 10000 per minute or something like that, or set alerts when it increases above some high threshold. Those are still valid choices and we are working on that. I wonder if any of You got better solution.
Thank You.
Łukasz