May 11, 2021
Darko G.

The list of query strings in the admin request which WP-ZEP should bypass.


The filter hook “ip-location-block-bypass-admins” assigns the array of query strings in the request to the /wp-admin/…/*.php which WP-ZEP should bypass.

In some cases, WP-ZEP (Zero-day Exploit Prevention for WordPress) blocks the valid request to the /wp-admin/…/*.php. This filter hook is used to prevent such an unexpected blocking.


  • $queries
    (array) An array of allowed action/page.

Use case

The following code snippet in your theme’s functions.php can bypass WP-ZEP validation against some admin requests with query strings action=do-my-action and page=my-plugin-page.

function my_bypass_admins( $queries ) {
    $whitelist = array(
    return array_merge( $queries, $whitelist );
add_filter( 'ip-location-block-bypass-admins', 'my_bypass_admins' );
NOTE: When you select "mu-plugins" (ip-location-block-mu.php) as Validation timing , you should put your code snippet into drop-in.php in Geolocation API folder instead of functions.php. See My custom functions in “functions.php” doesn’t work. in FAQ for detail.


Leave a Reply

Your email address will not be published. Required fields are marked *

© 2024 - IP Location Block by IDEOLOGIX Media