Light

mikasjp / wp-abuseshield Goto Github PK

View Code? Open in Web Editor NEW

14.0 2.0 1.0 75 KB

A simple and lightweight plugin that protects your WordPress against abuse.

License: MIT License

PHP 95.46% CSS 1.70% Python 2.85%

wordpress wordpress-plugin abuseipdb abuse-detection security hardening

wp-abuseshield's Introduction

WP AbuseShield

WP AbuseShield is a WordPress plugin that helps protect your valuable website against many types of abuse on the Internet.

How does it work?

The idea is very simple. The plugin checks the IP address of the new user in the AbuseIPDB via the API and checks if it has been reported in the last seven days. If IP is reported to AbuseIPDB, access is denied, otherwise access is granted.

Features

Protects against malicious bots
Ability to verify the domain to increase the queries limits for AbuseIPDB

Extra features

Works well with CloudFlare
Plugin has a cache to save limited queries to AbuseIPDB and improve performance
Works without JavaScript

Getting started

Install th plugin
Register an account on AbuseIPDB as a webmaster
Copy your API key to the plugin configuration panel
(Optional) Copy your Domain Verification Code (from meta tag) to the plugin configuration panel
That's all!

Bug reporting

Feel free to open issues. Remember to describe your problem accurately!

wp-abuseshield's People

Contributors

Stargazers

Watchers

Forkers

wp-abuseshield's Issues

Add email notifications about blocked attacks

Move config to database

Admin panel: implement CSRF prevention

$_SERVER variables should be filtered

Add a log to the administration panel

Change HTTPS request method

https://developer.wordpress.org/plugins/http-api/

Admin panel: Allow to change the ticket lifetime

Add a widget displaying blocked attacks attempts in the past N days

Admin panel: Allow to change the cache lifetime

Cache doesn't work

Reports

Hello,
First let me say thanks for your plugin and the work ur putting into it :)
Recently we installed your plugin (1 week ago) and we noticed few things and have some questions regarding your plugin:

1 - We have over 200 IP´s in cache now (by the time i posted this), and when we check the AbuseIPDB site we have over 900 Checks (by the time i posted this) by the plugin but none is or have been reported by the plugin, how does this actually work to report/check IP/s the plugin to AbuseIPDB site automatically?
Because alot of these IP´s are malicious, Spam, Brute Force etc.

2 - How or when does the plugin report IP actually works or when does it make auto reports?

3 - What is "Your secret token" for (WP AbuseShield Configuration)?

4 - Is possible in future updates your plugin have a Log of the IP´s Checked and Blocked?

Thanks
Regards
Kass

Update for new API?

Are you planning on updating for AbuseIPDB's new APIv2? Thanks.

Admin panel - make the domain verification possible

Recommend Projects

React

A declarative, efficient, and flexible JavaScript library for building user interfaces.
Vue.js

🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
Typescript

TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
TensorFlow

An Open Source Machine Learning Framework for Everyone
Django

The Web framework for perfectionists with deadlines.
Laravel

A PHP framework for web artisans
D3

Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

javascript

JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
web

Some thing interesting about web. New door for the world.
server

A server is a program made to process requests and deliver data to clients.
Machine learning

Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Visualization

Some thing interesting about visualization, use data art
Game

Some thing interesting about game, make everyone happy.

Recommend Org

Facebook

We are working to build community through open source technology. NB: members must have two-factor auth.
Microsoft

Open source projects and samples from Microsoft.
Google

Google ❤️ Open Source for everyone.
Alibaba

Alibaba Open Source for everyone
D3

Data-Driven Documents codes.
Tencent

China tencent open source team.