Does this plugin work properly?
However, there are some reasons why users have such an impression.
1. Wordfence Live Traffic
Sometimes, a Wordfence Security user who found some accesses in its Live Traffic view would claim that:
Hey, this plugin seems to block nothing!
But please do not get ahead of yourself, there’s a proper order for everything!
Before WordPress runs, Wordfence ingeniously filters out malicious requests to your site by enabling auto_prepend_file directive to include PHP based Web Application Firewall. Then this plugin validates the rest of the requests that pass over Wordfence because those were not in WAF rules, especially you enables “Prevent Zero-day Exploit”.
2. Confused Country Code
Unfortunately, accuracy of country code depends on the geolocation databases. Actually, there is a case that a same IP address has different country code.
Here are other examples:
In such a case, please consider to select more reliable databases.
Considering the execution order
Please consider to set
"mu-plugins" (ip-location-block-mu.php) as Validation timing in Validation rule settings. It enables to capture the requests prior to other plugins.
Find more details at Validation timing.