You can configure this plugin so that a registered user can login as a membership from anywhere, while a request such as a new user registration, lost password, creating a new topic and subscribing comment can be blocked by country. It can massively reduce the load on server.Ī malicious request such as exposing wp-config.php or uploading malwares via vulnerable plugins/themes can be blocked.Ī simple logic may help to reduce the number of rogue bots and crawlers scraping your site. You can configure this plugin as a Must Use Plugins so that this plugin can be loaded prior to regular plugins. Minimize server load against brute-force attacks: In order to prevent hacking through the login form and XML-RPC by brute-force and the reverse-brute-force attacks, the number of login attempts will be limited per IP address even from the permitted countries. It will protect your site against certain types of attack such as CSRF, LFI, SQLi, XSS and so on, even if you have some vulnerable plugins and themes in your site. It is simple but still smart and strong enough to block any malicious accesses to wp-admin/*.php, plugins/*.php and themes/*.php even from the permitted countries. Unlike other security firewalls based on attack patterns (vectors), the original feature “ Word Press Zero-day Exploit Prevention” (WP-ZEP) is focused on patterns of vulnerability. It allows you to configure either whitelist or blacklist to specify the countires, CIDR notation for a range of IP addresses and AS number for a group of IP networks.
#IP2LOCATION FREE TRIAL CODE#
Moreover, it can be anonymized and restricted on sending to the 3rd parties such as geolocation APIs or whois service.Īccess to the basic and important entrances into back-end such as wp-comments-post.php, xmlrpc.php, wp-login.php, wp-signup.php, wp-admin/admin.php, wp-admin/admin-ajax.php, wp-admin/admin-post.php will be validated by means of a country code based on IP address. IP address is always encrypted on recording in logs/cache. I fixed various issues and improved the overall codebase. Note: This plugin is based on the now abandoned “IP Geo Block” plugin by tokkonopapa. The plugin brings a smart and powerful protection methods named as “ WP Zero-day Exploit Prevention” and “ WP Metadata Exploit Protection“.Ĭombined with those methods and IP address geolocation, you’ll be surprised to find a bunch of malicious or undesirable access blocked in the logs of this plugin after several days of installation. IP Location Block plugin that allows you to block access to your site based on the visitor location while also keeping your site safe from malicious attacks.
0 kommentar(er)
