A WordPress Geo-blocking plugin
with Zero-day Exploit Prevention
It blocks any comments, pingbacks, trackbacks posted from outside your nation, and also protects against malicious accesses to the login form, admin / plugins / themes area and XML-RPC from undesired countries.
Immigration control for back-end
Access to the basic and important entrances into the back-end such as
wp-admin/*.php and so on will be validated by means of a country code based on IP address.
Guard against login attempts
In order to prevent the invasion through the login form and XML-RPC against the brute-force and the reverse-brute-force attacks, the number of login attempts will be limited per IP address even from the permitted countries.
Zero-day Exploit Prevention
“Zero-day Exploit Prevention for WP” (WP-ZEP) will block any malicious accesses even from the permitted countries. It will protect against certain types of attacks such as CSRF, SQLi, and so on, even if you have some vulnerable plugins on your site.
Protection of wp-config.php
A numerous malicious requests to expose
wp-config.php via vulnerable plugins or themes can be blocked.
A cache mechanism for the fetched IP addresses has been equipped to reduce the load on the server against the burst accesses with a short period of time.
Referrer suppressor for external links
When you click an external hyperlink on admin screen, http referrer will be eliminated to hide a footprint of your site.
BuddyPress and bbPress support
The membership can log in from anywhere, but a request such as new user registration, creating a new topic, and subscribing comment are blocked by the country code.
Cooperation with a full spec security plugin
This plugin is simple and lite enough to be able to cooperate with other full spec security plugins, such as Wordfence Security and so on.
Easy to customize and extend
You can have the custom error page, and also customize the basic behavior of this plugin via
add_filter() with pre-defined filter hook. See
samples.php bundled within this package.