In this section you can set up rules to block access to the public facing pages (aka front-end) from undesired countries. For spammers, this plugin can reduce both the load on the server and the amount of comment spams by preventing comment form acquisition on the front-end. Against attacks targeted at vulnerabilities in themes and […]
WordPress has many important backend entrances (i.e. endpoint) that will affect on the website. In this section, you can set up rules to validate requests for particularly important endpoints among them.
In addition to blocking based on IP address geolocation information, this plugin blocks malicious requests by validating based on some additional rules. In this section, such validation rules and behavior at blocking are described.
You may want to test the blocking behavior of this plugin. This document shows you how to use WordPress Post Simulator which simulate various attacks to the WordPress site through the comment spam, trackback, pingback, ajax and so on.
Here, I will introduce some of free services that preview how your webpage looks in multiple locations.
You may want to test the blocking behavior of this plugin. This document shows you how to do it especially arround the admin, plugins and themes area based on version 0.2.2.2 and later.
Conditions Server: Apache on a shared hosting server. WordPress 4.6.1-ja / Theme: Twenty Twelve PHP: PHP-5.2.14 (it’s too old!!) / MySQL-5.5.21 Plugins: Here’s the list of activated plugins. IP Location Block: Version: 0.3.0.0 and later. Settings: ip-location-block-settings.json The Validation timing shoule be set as "init" action hook. If you set it as "mu-plugins" (ip-location-block-mu.php), P3 […]
Conditions IP Location Block: 3.0.0 and later Server settings: According to this article, .htaccess is applied to wp-content/plugins/ and wp-content/themes/. Abbreviation: Attack Vector = Type x Path Abbreviation of Type Description AB Authentication Bypass AFU Arbitrary File Upload CSRF Cross-Site Request Forgery DT Directory Traversal LFI Local File Inclusion PE Privilege Escalation RCE Remote Code […]
Definitely we need not only hardening security but also speeding up the site. So you may want to use IP Location Block with a caching plugin. This is a big challenge to make this plugin compatible with cache plugins, because they would respond the requested content without executing any PHP codes at the very beginning […]
