Webinoly is just the perfect tool for NGINX experts. Give it a try!
0 votes

I have test webinoly in linode & digitalocean & my server.

Overall is very good. I can get daily 100k visitors without problem. I love it.

But every server that I use Webinoly have 403 Forbidden in Wordpress admin & login page.

Only when I click on wordpress menu very fast or refresh it 4-5 time

Check this video --> https://streamable.com/4edm3

More testing video --> https://streamable.com/d6m2z

I setup Webinoly just few command. I have follower this page. https://webinoly.com/en/install/

Thank you.

1 Answer

0 votes
by Expert

Yes, that's a security feature!

We limit the number of request your wp-admin pages can receive from the same IP.

You know, it's like we are detecting an attack and then we close that connection to protect your server.

by Expert

Hi Jeff,

Did you report this issue to the plugin author?

I've been doing some research about it and seems like everybody agree with the idea that an intensive use of admin-ajax file have a very important negative effect over the WP admin area.

As I said before, I will keep an eye on this issue.

I'm not really sure about change these settings in Webinoly, if you are using Webinoly is because you care about performance.


by Rookie
I'll definitely ask the developer about this. Question, when I make the changes to the wpcommon.conf file, it seems that I can then never run webinoly -server-reset, since that'll overwrite the change, correct? So if I need to restart ngnix, I should just do it manually?

by Expert
Ok. Just to clarify:

Server-reset command is intended to be used to "reset" the configuration to the original state, it will remove any custom change you made. If you want to reload (restart) a service like nginx, you should do it manually.

by Expert

Following up this issue with UpdraftPlus and MigrateDB Pro plugins, seems like they (both) have a lot of tickets open about the same issue, a lot of people complaining for errors and slow admin areas due to an intensive use of admin-ajax.php caused by these plugins.

Seriously, read this answer: https://deliciousbrains.com/wp-migrate-db-pro/doc/modsecurity/

That not seems like a very "professional" answer, security features should never being disabled.

Just for the record:

Definitely, Webinoly will keep this security feature and you should be careful about how the plugins you are using are affecting your sites perfomance and security.

Just to add my two cents: Updraftplus seems to work just fine for backing up wp sites in a webinoly setup. 

It fails when restoring for the reasons discussed above. However, it will restore perfectly if you restore one part at a time -- eg , plugins, then themes, then uploads, etc. Just select one of the parts of the backup at a time and it works fine -- at least for mesmiley.

Hope this helps someone.


Welcome to the Community site for Webinoly.

Our Optimized LEMP Web Server is a powerful set of commands for doing just about anything you could wish.

With Webinoly you can set up your NGINX web server in just one step.

* * * * * * *

To report a bug, please create a new issue on GitHub or ask a question here with the bug tag.
Webinoly Support Paypal Donations

PayPal · GitHub Sponsors · Bitcoin

It is very important that any visitor to the site read the disclaimer, terms of use and privacy and legal statement before start browsing.