Data Portal Security

The Data Portal plugin and server has various security features to prevent bad actors and robots.

Limiting bad WordPress Login Attempts
If a user attempts to login too many times unsuccessfully their IP will be blocked for a period of time. This will block them from the entire server (every site on the server). Better to reset your password then try to login too many times as you may be locked out.

We have a robots.txt file deployed on all sites to block the most common scrapers and foreign bots. Unfortunately many bad robots to not adhere to this and additional server settings are used to block them as we find them.

Blocked IP Addresses
We regularly block bad actors and robots by reviewing the activity within higher traffic sites. When we see there is a bot scraping content we add them to the block list (they can still access the site but any attempts on any Data Portal pages will result in a 404 error). This prevents any performance issues by avoiding database queries to abusive robots. Generally the IP addresses of good bots (Bing, Google, etc) are ignored so they do not show up in your sites history. You can import the latest lists in the History panel of the Data Portal plugin. Unfortunately given the nature of the Internet today and the ease in which to setup a bot we see significant traffic from AWS, Azure and other related services with unknown intentions. These are typically only blocked if they cause excessive traffic and they will continue to appear in your site history.