[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fJBF13jgQRiAHLlnXZoEpuqKySqy5m9-tXHWLsHmLW4g":3},{"slug":4,"name":4,"version":5,"author":6,"author_profile":7,"description":8,"short_description":9,"active_installs":10,"downloaded":11,"rating":12,"num_ratings":13,"last_updated":14,"tested_up_to":15,"requires_at_least":16,"requires_php":17,"tags":18,"homepage":24,"download_link":25,"security_score":26,"vuln_count":27,"unpatched_count":27,"last_vuln_date":28,"fetched_at":29,"vulnerabilities":30,"developer":31,"crawl_stats":28,"alternatives":36,"analysis":142,"fingerprints":248},"country-redirect","1.3.3","Andrii","https:\u002F\u002Fprofiles.wordpress.org\u002Fweb8moon\u002F","\u003Cp>The plugin very useful for companies (such as Alfa Romeo, Bosch, Biir, Siemens) and blogs who have different web-sites for not logged in visitors from different countries.\u003Cbr \u002F>\nIt creates Settings page named Country Redirect in the WordPress’s admin section where it is possible to point redirect for any country in the world. And when unauthorized visitor visits the frontend site, this visit will be redirected to URL matched the country he visits from with the WordPress default \u003Ccode>302\u003C\u002Fcode> status.\u003Cbr \u002F>\nThe aim of plugin is reliable country recognition of both desktop and mobile visitors using three independent determining engines based on visitor’s IP.\u003Cbr \u002F>\nThe using of plugin is pretty simple and does not require of any special or programming skills.\u003C\u002Fp>\n\u003Cp>If you have any suggestions or need some special function, please let me know.\u003C\u002Fp>\n\u003Ch3>Translations\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>English – default\u003C\u002Fli>\n\u003Cli>Ukrainian: Українська\u003C\u002Fli>\n\u003C\u002Ful>\n","Simple to use free WordPress plugin for redirection depending visitor's country",400,13389,84,6,"2021-12-25T20:44:00.000Z","5.8.13","4.7","7.0",[19,20,21,22,23],"country","geo","ip","redirect","redirect-by-country","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fcountry-redirect\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcountry-redirect.1.3.3.zip",85,0,null,"2026-03-15T15:16:48.613Z",[],{"slug":32,"display_name":6,"profile_url":7,"plugin_count":33,"total_installs":10,"avg_security_score":26,"avg_patch_time_days":34,"trust_score":12,"computed_at":35},"web8moon",1,30,"2026-04-04T14:43:13.555Z",[37,60,77,96,122],{"slug":38,"name":39,"version":40,"author":41,"author_profile":42,"description":43,"short_description":44,"active_installs":45,"downloaded":46,"rating":47,"num_ratings":48,"last_updated":49,"tested_up_to":50,"requires_at_least":51,"requires_php":52,"tags":53,"homepage":52,"download_link":58,"security_score":59,"vuln_count":27,"unpatched_count":27,"last_vuln_date":28,"fetched_at":29},"geo-targetly-geo-redirect","Geo Redirect","8.0.1","geotargetly","https:\u002F\u002Fprofiles.wordpress.org\u002Fgeotargetly\u002F","\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002FlKnv7QPzbaw?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\n\u003Cp>Create geo targeted url redirects for your website pages. Perfect for creating both simple and complex redirects.\u003C\u002Fp>\n\u003Cp>This plugin can allow you to create simple redirects for your complete website or particular pages of your website.\u003C\u002Fp>\n\u003Cp>You can also use this plugin on multiple websites to inter-redirect between them which is especially useful if you own different country level domains.\u003C\u002Fp>\n\u003Cp>This plugin is made by \u003Ca href=\"https:\u002F\u002Fgeotargetly.com\" title=\"Geo Targetly\" rel=\"nofollow ugc\">Geo Targetly\u003C\u002Fa>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\n\u003Cp>Paid account is required \u003Ca href=\"https:\u002F\u002Fgeotargetly.com\u002Fpricing\" title=\"pricing\" rel=\"nofollow ugc\">see pricing\u003C\u002Fa>\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Get a 14 day free trial sign up\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Features\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\n\u003Cp>Redirect visitors by country, state, city, IP address, latitude-longitude-radius\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Create multiple redirects each targeted at a particular geo location\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Option to add a default redirect for non-targeted visitors\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Option to restrict redirect to only certain pages\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Option to redirect all subpages of a particular page\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Option to redirect visitors coming from external sources only\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Option to bypass redirect if visitor comes from certain domains or IPs\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Option to pass query strings onto redirected url\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Option to pass sub directory path onto redirected url\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Option to create custom URL mapping\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Built in analytics\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Detailed docs can be found below\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fgeotargetly.com\u002Fgeo-redirect\" title=\"Overview\" rel=\"nofollow ugc\">Overview\u003C\u002Fa>\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fgeotargetly.com\u002Fdocs\u002Fgeo-redirect#quick-start-guide\" title=\"Quick Start Guide\" rel=\"nofollow ugc\">Quick Start Guide\u003C\u002Fa>\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fgeotargetly.com\u002Fdocs\u002Fgeo-redirect\" title=\"Docs\" rel=\"nofollow ugc\">Docs\u003C\u002Fa>\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Known issues\u003C\u002Fh3>\n\u003Cp>Issue: Elementor sometimes hangs and fails to load the editor due to a conflict with another plugin (Geo Redirect).\u003Cbr \u002F>\nWorkaround: Enable Safe Mode in Elementor (Elementor \u003Cspan aria-hidden=\"true\" class=\"wp-exclude-emoji\">→\u003C\u002Fspan> Tools \u003Cspan aria-hidden=\"true\" class=\"wp-exclude-emoji\">→\u003C\u002Fspan> Safe Mode) when editing. This bypasses the conflict until a permanent fix is implemented.\u003C\u002Fp>\n\u003Ch3>Support\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Live chat at \u003Ca href=\"https:\u002F\u002Fgeotargetly.com\" title=\"Geo Targetly\" rel=\"nofollow ugc\">Geo Targetly\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>External services\u003C\u002Fh3>\n\u003Cp>This plugin connects to an external endpoint via the domain https:\u002F\u002Fg10102301085.co to load and run a script that powers its core\u003Cbr \u002F>\nfunctionality, as outlined previously in the description.\u003C\u002Fp>\n\u003Cp>It sends the user’s location each time the plugin is loaded. This is necessary to determine and customize the plugin’s\u003Cbr \u002F>\nbehavior based on the user’s geographical context.\u003C\u002Fp>\n\u003Cp>Additionally, this plugin connects to analytics endpoint https:\u002F\u002Fg97676560.co\u002F to track plugin installation and usage over\u003Cbr \u002F>\ntime.\u003C\u002Fp>\n\u003Cp>This service is provided by Geo Targetly – \u003Ca href=\"https:\u002F\u002Fgeotargetly.com\u002Fwebsite-terms-of-use\" rel=\"nofollow ugc\">Terms of Use\u003C\u002Fa>,\u003Cbr \u002F>\n\u003Ca href=\"https:\u002F\u002Fgeotargetly.com\u002Fprivacy-policy\" rel=\"nofollow ugc\">Privacy Policy\u003C\u002Fa>.\u003C\u002Fp>\n","Redirect visitors based on geolocation (country, state, city, lat\u002Flng\u002Fradius)",1000,24138,86,11,"2025-12-01T09:52:00.000Z","6.8.5","3.0.1","",[54,55,56,23,57],"geo-content","geo-redirect","redirect-by-city","redirect-by-location","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fgeo-targetly-geo-redirect.8.0.1.zip",100,{"slug":61,"name":62,"version":63,"author":64,"author_profile":65,"description":66,"short_description":67,"active_installs":68,"downloaded":69,"rating":47,"num_ratings":70,"last_updated":71,"tested_up_to":72,"requires_at_least":16,"requires_php":17,"tags":73,"homepage":75,"download_link":76,"security_score":26,"vuln_count":27,"unpatched_count":27,"last_vuln_date":28,"fetched_at":29},"redirect-modal-based-on-country","Redirect Modal Based On Country","1.0.0","David Kurniawan","https:\u002F\u002Fprofiles.wordpress.org\u002Fhivid\u002F","\u003Cp>This plugin is very useful to let your visitors know that they can also visit your website specifically from their country\u003Cbr \u002F>\nIt creates Settings page named Redirect Modal Based On Country in the WordPress’s admin section where it is possible to point redirect for any country in the world. And when visitor visits the frontend site, the visitor will be see popup modal to choose go to country or stay on this page.\u003Cbr \u002F>\nThe using of plugin is pretty simple and does not require of any special or programming skills.\u003C\u002Fp>\n\u003Ch3>Translations\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>English – default\u003C\u002Fli>\n\u003Cli>bg_BG\u003C\u002Fli>\n\u003Cli>da_DK\u003C\u002Fli>\n\u003Cli>de_DE\u003C\u002Fli>\n\u003Cli>es_ES\u003C\u002Fli>\n\u003Cli>fa_IR\u003C\u002Fli>\n\u003Cli>fr_CA\u003C\u002Fli>\n\u003Cli>fr_FR\u003C\u002Fli>\n\u003Cli>hi_IN\u003C\u002Fli>\n\u003Cli>id_ID\u003C\u002Fli>\n\u003Cli>it_IT\u003C\u002Fli>\n\u003Cli>pt_BR\u003C\u002Fli>\n\u003Cli>pt_PT\u003C\u002Fli>\n\u003Cli>ru_RU\u003C\u002Fli>\n\u003Cli>vi_VI\u003C\u002Fli>\n\u003C\u002Ful>\n","Let your visitors know that your website is also available specifically for their country",70,2053,3,"2021-08-21T04:39:00.000Z","5.8.0",[19,20,21,22,74],"redirect-by-ip","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fredirect-modal-based-on-country\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fredirect-modal-based-on-country.zip",{"slug":78,"name":79,"version":63,"author":80,"author_profile":81,"description":82,"short_description":83,"active_installs":84,"downloaded":85,"rating":86,"num_ratings":87,"last_updated":88,"tested_up_to":89,"requires_at_least":52,"requires_php":52,"tags":90,"homepage":94,"download_link":95,"security_score":26,"vuln_count":27,"unpatched_count":27,"last_vuln_date":28,"fetched_at":29},"geo-redirects","Geo Redirects Lite","Damian","https:\u002F\u002Fprofiles.wordpress.org\u002Ftimersys\u002F","\u003Cp>Geo redirects plugins will let you redirect users based on their country by using a GeoIP database\u003C\u002Fp>\n\u003Cblockquote>\n\u003Cp>\u003Cstrong>Premium Version\u003C\u002Fstrong> available at \u003Ca href=\"https:\u002F\u002Fgeotargetingwp.com\u002F?utm_source=geo_redirects_lite_plugin&utm_medium=banner\" rel=\"nofollow ugc\">https:\u002F\u002Fgeotargetingwp.com\u003C\u002Fa>\u003Cbr \u002F>\n  Features available:\u003Cbr \u002F>\n  * Redirect based on countries, states or cities\u003Cbr \u002F>\n  * Create regions\u002Fgroups of cities or countries for easily targeting\u003Cbr \u002F>\n  * Exclude bots\u003Cbr \u002F>\n  * Target devices\u003Cbr \u002F>\n  * Whitelist by IP\u003Cbr \u002F>\n  * One time redirection per session or for ever\u003Cbr \u002F>\n  * Fallback country\u003Cbr \u002F>\n  * Access to Geotargeting PRO plugin\u003C\u002Fp>\n\u003C\u002Fblockquote>\n","Create Geo redirects in an incredible easy way and use different set of rules to match users",10,3843,60,2,"2017-06-19T12:39:00.000Z","4.8.28",[91,78,92,93,23],"geo-redirection","geolite","geotargeting","https:\u002F\u002Fgeotargetingwp.com\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fgeo-redirects.1.0.0.zip",{"slug":97,"name":98,"version":99,"author":100,"author_profile":101,"description":102,"short_description":103,"active_installs":104,"downloaded":105,"rating":12,"num_ratings":106,"last_updated":107,"tested_up_to":108,"requires_at_least":109,"requires_php":110,"tags":111,"homepage":117,"download_link":118,"security_score":119,"vuln_count":120,"unpatched_count":27,"last_vuln_date":121,"fetched_at":29},"ip2location-country-blocker","IP2Location Country Blocker","2.41.2","IP2Location","https:\u002F\u002Fprofiles.wordpress.org\u002Fip2location\u002F","\u003Cp>\u003Cem>This plugin will NOT work if any cache plugin is enabled.\u003C\u002Fem>\u003C\u002Fp>\n\u003Cp>This plugin enables user to block unwanted traffic from accessing your frontend (blog pages) or backend (admin area) by countries or proxy servers. It helps to reduce spam and unwanted sign ups easily by preventing unwanted visitors from browsing a particular page or entire website.\u003C\u002Fp>\n\u003Cp>Key Features\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Allow you to block the access from multiple countries.\u003C\u002Fli>\n\u003Cli>Allow you to block the access by country grouping, such as EU, APAC, and so on.\u003C\u002Fli>\n\u003Cli>Allow you to block the access from anonymous proxies.\u003C\u002Fli>\n\u003Cli>Allow you to block the access by IP ranges.\u003C\u002Fli>\n\u003Cli>Allow you to whitelist the crawler, for example, Google, Bing, Yandex, and so on, to index your pages (SEO friendly).\u003C\u002Fli>\n\u003Cli>Supports IPv4 and IPv6\u003C\u002Fli>\n\u003Cli>Default to 403 error (Permission Denied) display\u003C\u002Fli>\n\u003Cli>Allow you to customize your own 403 page.\u003C\u002Fli>\n\u003Cli>Send you an email notification if some one is trying to access your admin area.\u003C\u002Fli>\n\u003Cli>Provide you statistical report of traffics blocked.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>This plugin supports both IP2Location BIN data and web service for IP geolocation lookup. If you would like to use the IP2Location geolocation BIN data, you can easily download and update the BIN data via the plugin settings page. Alternatively, you can also download and update the BIN data file manually using the below links:\u003C\u002Fp>\n\u003Cp>IP Geolocation file download:\u003Cbr \u002F>\n\u003Ca href=\"https:\u002F\u002Flite.ip2location.com\" title=\"IP2Location LITE database\" rel=\"nofollow ugc\">IP2Location & IP2Proxy LITE database (Free)\u003C\u002Fa>\u003Cbr \u002F>\n\u003Ca href=\"https:\u002F\u002Fip2location.com\" title=\"IP2Location commercial database\" rel=\"nofollow ugc\">IP2Location & IP2Proxy Commercial database (Comprehensive)\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>To use the IP2Location IP geolocation web service (REST API) for geolocation, you’ll need to register an account at \u003Ca href=\"https:\u002F\u002Fwww.ip2location.io\" title=\"IP2Location.io IP Geolocation API\" rel=\"nofollow ugc\">IP2Location.io IP Geolocation API\u003C\u002Fa>. A free plan is available.\u003C\u002Fp>\n\u003Ch4>More Information\u003C\u002Fh4>\n\u003Cp>Please visit us at \u003Ca href=\"https:\u002F\u002Fwww.ip2location.com\" title=\"https:\u002F\u002Fwww.ip2location.com\" rel=\"nofollow ugc\">https:\u002F\u002Fwww.ip2location.com\u003C\u002Fa>\u003C\u002Fp>\n","Blocks unwanted visitors from accessing your frontend (blog pages) or backend (admin area) by countries or proxy servers.",30000,1626215,124,"2025-12-03T07:19:00.000Z","6.9.4","4.6","7.4",[112,113,114,115,116],"block-country","block-proxy","ip-address","ip2location","redirection","https:\u002F\u002Fip2location.com\u002Fresources\u002Fwordpress-ip2location-country-blocker","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fip2location-country-blocker.2.41.2.zip",93,9,"2025-02-21 19:56:54",{"slug":123,"name":124,"version":125,"author":126,"author_profile":127,"description":128,"short_description":129,"active_installs":130,"downloaded":131,"rating":132,"num_ratings":133,"last_updated":134,"tested_up_to":17,"requires_at_least":135,"requires_php":52,"tags":136,"homepage":140,"download_link":141,"security_score":59,"vuln_count":27,"unpatched_count":27,"last_vuln_date":28,"fetched_at":29},"ip-location-block","IP Location Block","1.3.8","Darko G.","https:\u002F\u002Fprofiles.wordpress.org\u002Fdarkog\u002F","\u003Cp>IP Location Block plugin that allows you to block access to your site based on the visitor location while also keeping your site safe from malicious attacks. The plugin brings a smart and powerful protection methods such as “\u003Cstrong>WP Metadata Exploit Protection\u003C\u002Fstrong>“.\u003C\u002Fp>\n\u003Cp>Combined with those methods and IP address geolocation, you’ll be surprised to find a bunch of malicious or undesirable access blocked in the logs of this plugin after several days of installation.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Note:\u003C\u002Fstrong> This plugin is based on the now abandoned “IP Geo Block” plugin by tokkonopapa. I fixed various issues and improved the overall codebase.\u003C\u002Fp>\n\u003Ch4>Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\n\u003Cp>\u003Cstrong>Native Geo-Location Provider\u003C\u002Fstrong>\u003Cbr \u002F>\nIP Location Block provides \u003Ca href=\"https:\u002F\u002Fiplocationblock.com\u002Fcodex\u002Fnative-geo-location-provider\u002F?utm_source=plugin&utm_medium=wporgpage&utm_campaign=readme\" rel=\"nofollow ugc\">Native Geo-Location Provider\u003C\u002Fa> that is faster, more secure and provides the needed \u003Cstrong>precision\u003C\u002Fstrong> for matching \u003Cstrong>CITY\u003C\u002Fstrong> and \u003Cstrong>STATE\u003C\u002Fstrong> besides the standard COUNTRY matching.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Privacy by design:\u003C\u002Fstrong>\u003Cbr \u002F>\nIP address is always encrypted on recording in logs\u002Fcache. Moreover, it can be anonymized and restricted on sending to the 3rd parties such as geolocation APIs or whois service.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Immigration control:\u003C\u002Fstrong>\u003Cbr \u002F>\nAccess to the basic and important entrances into back-end such as \u003Ccode>wp-comments-post.php\u003C\u002Fcode>, \u003Ccode>xmlrpc.php\u003C\u002Fcode>, \u003Ccode>wp-login.php\u003C\u002Fcode>, \u003Ccode>wp-signup.php\u003C\u002Fcode>, \u003Ccode>wp-admin\u002Fadmin.php\u003C\u002Fcode>, \u003Ccode>wp-admin\u002Fadmin-ajax.php\u003C\u002Fcode>, \u003Ccode>wp-admin\u002Fadmin-post.php\u003C\u002Fcode> will be validated by means of a country code based on IP address. It allows you to configure either whitelist or blacklist to \u003Ca href=\"https:\u002F\u002Fen.wikipedia.org\u002Fwiki\u002FISO_3166-1_alpha-2#Officially_assigned_code_elements\" title=\"ISO 3166-1 alpha-2 - Wikipedia\" rel=\"nofollow ugc\">specify the countires\u003C\u002Fa>, \u003Ca href=\"https:\u002F\u002Fen.wikipedia.org\u002Fwiki\u002FClassless_Inter-Domain_Routing\" title=\"Classless Inter-Domain Routing - Wikipedia\" rel=\"nofollow ugc\">CIDR notation\u003C\u002Fa> for a range of IP addresses and \u003Ca href=\"https:\u002F\u002Fen.wikipedia.org\u002Fwiki\u002FAutonomous_system_(Internet)\" title=\"Autonomous system (Internet) - Wikipedia\" rel=\"nofollow ugc\">AS number\u003C\u002Fa> for a group of IP networks.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Guard against login attempts:\u003C\u002Fstrong>\u003Cbr \u002F>\nIn order to prevent hacking through the login form and XML-RPC by brute-force and the reverse-brute-force attacks, the number of login attempts will be limited per IP address even from the permitted countries.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Minimize server load against brute-force attacks:\u003C\u002Fstrong>\u003Cbr \u002F>\nYou can configure this plugin as a \u003Ca href=\"https:\u002F\u002Fcodex.wordpress.org\u002FMust_Use_Plugins\" title=\"Must Use Plugins « WordPress Codex\" rel=\"nofollow ugc\">Must Use Plugins\u003C\u002Fa> so that this plugin can be loaded prior to regular plugins. It can massively \u003Ca href=\"https:\u002F\u002Fiplocationblock.com\u002Fcodex\u002Fvalidation-timing\u002F\" title=\"Validation timing | IP Location Block\" rel=\"nofollow ugc\">reduce the load on server\u003C\u002Fa>.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Prevent malicious down\u002Fuploading:\u003C\u002Fstrong>\u003Cbr \u002F>\nA malicious request such as exposing \u003Ccode>wp-config.php\u003C\u002Fcode> or uploading malwares via vulnerable plugins\u002Fthemes can be blocked.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Block badly-behaved bots and crawlers:\u003C\u002Fstrong>\u003Cbr \u002F>\nA simple logic may help to reduce the number of rogue bots and crawlers scraping your site.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Support of BuddyPress and bbPress:\u003C\u002Fstrong>\u003Cbr \u002F>\nYou can configure this plugin so that a registered user can login as a membership from anywhere, while a request such as a new user registration, lost password, creating a new topic and subscribing comment can be blocked by country. It is suitable for \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fbuddypress\u002F\" title=\"BuddyPress — WordPress Plugins\" rel=\"ugc\">BuddyPress\u003C\u002Fa> and \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fbbpress\u002F\" title=\"WordPress › bbPress « WordPress Plugins\" rel=\"ugc\">bbPress\u003C\u002Fa> to help reducing spams.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Referrer suppressor for external links:\u003C\u002Fstrong>\u003Cbr \u002F>\nWhen you click an external hyperlink on admin screens, http referrer will be eliminated to hide a footprint of your site.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Multiple source of IP Geolocation databases:\u003C\u002Fstrong>\u003Cbr \u002F>\nBesides the \u003Ca href=\"https:\u002F\u002Fiplocationblock.com\u002Fcodex\u002Fnative-geo-location-provider\u002F?utm_source=plugin&utm_medium=wporgpage&utm_campaign=readme\" rel=\"nofollow ugc\">Native Geo-Location provider\u003C\u002Fa>, this plugin supports \u003Ca href=\"https:\u002F\u002Fwww.maxmind.com\" title=\"MaxMind - IP Geolocation and Online Fraud Prevention\" rel=\"nofollow ugc\">MaxMind GeoLite2 free databases\u003C\u002Fa> and \u003Ca href=\"https:\u002F\u002Fwww.ip2location.com\u002F\" title=\"IP Address Geolocation to Identify Website Visitor's Geographical Location\" rel=\"nofollow ugc\">IP2Location LITE databases\u003C\u002Fa>. Also free Geolocation REST APIs and whois information can be available for audit purposes.\u003Cbr \u002F>\nFather more, \u003Ca href=\"https:\u002F\u002Fiplocationblock.com\u002Fcloudflare-cloudfront-api-class-library\u002F\" title=\"CloudFlare & CloudFront API class library | IP Location Block\" rel=\"nofollow ugc\">dedicated API class libraries\u003C\u002Fa> can be installed for CloudFlare and CloudFront as a reverse proxy service.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Customizing response:\u003C\u002Fstrong>\u003Cbr \u002F>\nHTTP response code can be selectable as \u003Ccode>403 Forbidden\u003C\u002Fcode> to deny access pages, \u003Ccode>404 Not Found\u003C\u002Fcode> to hide pages or even \u003Ccode>200 OK\u003C\u002Fcode> to redirect to the top page.\u003Cbr \u002F>\nYou can also have a human friendly page (like \u003Ccode>404.php\u003C\u002Fcode>) in your parent\u002Fchild theme template directory to fit your site design.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Validation logs:\u003C\u002Fstrong>\u003Cbr \u002F>\nValidation logs for useful information to audit attack patterns can be manageable.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Cooperation with full spec security plugin:\u003C\u002Fstrong>\u003Cbr \u002F>\nThis plugin is lite enough to be able to cooperate with other full spec security plugin such as \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fwordfence\u002F\" title=\"Wordfence Security — WordPress Plugins\" rel=\"ugc\">Wordfence Security\u003C\u002Fa>. See \u003Ca href=\"https:\u002F\u002Fiplocationblock.com\u002Fcodex\u002Fpage-speed-performance\u002F\" title=\"Page speed performance | IP Location Block\" rel=\"nofollow ugc\">this report\u003C\u002Fa> about page speed performance.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Extendability:\u003C\u002Fstrong>\u003Cbr \u002F>\nYou can customize the behavior of this plugin via \u003Ccode>add_filter()\u003C\u002Fcode> with \u003Ca href=\"https:\u002F\u002Fiplocationblock.com\u002Fcodex\u002F\" title=\"Codex | IP Location Block\" rel=\"nofollow ugc\">pre-defined filter hook\u003C\u002Fa>. See various use cases in \u003Ca href=\"https:\u002F\u002Fiplocationblock.com\u002Fcodex\u002Fexample-use-cases-for-the-developer-hooks\u002F\" rel=\"nofollow ugc\">samples.php\u003C\u002Fa> bundled within this package.\u003Cbr \u002F>\nYou can also get the extension \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fddur\u002FWordPress-IP-Geo-Allow\" title=\"GitHub - ddur\u002FWordPress-IP-Geo-Allow: WordPress Plugin Exension for WordPress-IP-Geo-Block Plugin\" rel=\"nofollow ugc\">IP Geo Allow\u003C\u002Fa> by \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fddur\" title=\"ddur (Dragan) - GitHub\" rel=\"nofollow ugc\">Dragan\u003C\u002Fa>. It makes admin screens strictly private with more flexible way than specifying IP addresses.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Self blocking prevention and easy rescue:\u003C\u002Fstrong>\u003Cbr \u002F>\nWebsite owners do not prefer themselves to be blocked. This plugin prevents such a sad thing unless you force it. And futhermore, if such a situation occurs, you can \u003Ca href=\"https:\u002F\u002Fiplocationblock.com\u002Fcodex\u002Fwhat-should-i-do-when-im-locked-out\u002F\" title=\"What should I do when I'm locked out? | IP Location Block\" rel=\"nofollow ugc\">rescue yourself\u003C\u002Fa> easily.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Clean uninstallation:\u003C\u002Fstrong>\u003Cbr \u002F>\nNothing is left in your precious mySQL database after uninstallation. So you can feel free to install and activate to make a trial of this plugin’s functionality.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Documentation\u003C\u002Fh4>\n\u003Cp>Documentation and more information can always be found on our \u003Ca href=\"https:\u002F\u002Fiplocationblock.com\u002F\" title=\"IP Location Block\" rel=\"nofollow ugc\">plugin website\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch4>Attribution\u003C\u002Fh4>\n\u003Cp>This package includes GeoLite2 library distributed by MaxMind, available from \u003Ca href=\"https:\u002F\u002Fwww.maxmind.com\" title=\"MaxMind - IP Geolocation and Online Fraud Prevention\" rel=\"nofollow ugc\">MaxMind\u003C\u002Fa>, and also includes IP2Location open source libraries available from \u003Ca href=\"https:\u002F\u002Fwww.ip2location.com\" title=\"IP Address Geolocation to Identify Website Visitor's Geographical Location\" rel=\"nofollow ugc\">IP2Location\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>Also thanks for providing the following services and REST APIs for free.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ca href=\"http:\u002F\u002Fgeoiplookup.net\u002F\" title=\"What Is My IP Address | GeoIP Lookup\" rel=\"nofollow ugc\">http:\u002F\u002Fgeoiplookup.net\u002F\u003C\u002Fa> (IPv4, IPv6 \u002F free)\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fipinfo.io\u002F\" title=\"IP Address API and Data Solutions\" rel=\"nofollow ugc\">https:\u002F\u002Fipinfo.io\u002F\u003C\u002Fa> (IPv4, IPv6 \u002F free)\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fipapi.com\u002F\" title=\"ipapi - IP Address Lookup and Geolocation API\" rel=\"nofollow ugc\">https:\u002F\u002Fipapi.com\u002F\u003C\u002Fa> (IPv4, IPv6 \u002F free, need API key)\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fipstack.com\u002F\" title=\"ipstack - Free IP Geolocation API\" rel=\"nofollow ugc\">https:\u002F\u002Fipstack.com\u002F\u003C\u002Fa> (IPv4, IPv6 \u002F free, need API key)\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fipinfodb.com\u002F\" title=\"Free IP Geolocation Tools and API| IPInfoDB\" rel=\"nofollow ugc\">https:\u002F\u002Fipinfodb.com\u002F\u003C\u002Fa> (IPv4, IPv6 \u002F free, need API key)\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Development\u003C\u002Fh4>\n\u003Cp>Development of this plugin happens at \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fgdarko\u002Fip-location-block\" title=\"gdarko\u002Fip-location-block - GitHub\" rel=\"nofollow ugc\">IP Location Block – GitHub\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>All contributions will always be welcome.\u003C\u002Fp>\n\u003Ch4>Known issues\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>From \u003Ca href=\"https:\u002F\u002Fmake.wordpress.org\u002Fcore\u002F2016\u002F03\u002F09\u002Fcomment-changes-in-wordpress-4-5\u002F\" title=\"Comment Changes in WordPress 4.5 – Make WordPress Core\" rel=\"nofollow ugc\">WordPress 4.5\u003C\u002Fa>, \u003Ccode>rel=nofollow\u003C\u002Fcode> had no longer be attached to the links in \u003Ccode>comment_content\u003C\u002Fcode>. This change prevents to block “\u003Ca href=\"https:\u002F\u002Fwww.owasp.org\u002Findex.php\u002FServer_Side_Request_Forgery\" title=\"Server Side Request Forgery - OWASP\" rel=\"nofollow ugc\">Server Side Request Forgeries\u003C\u002Fa>” (not Cross Site but a malicious internal link in the comment field).\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fapps.wordpress.com\u002Fmobile\u002F\" title=\"WordPress.com Apps - Mobile Apps\" rel=\"nofollow ugc\">WordPress.com Mobile App\u003C\u002Fa> can’t execute image uploading because of its own authentication system via XMLRPC.\u003C\u002Fli>\n\u003C\u002Ful>\n","Easily block visitors by country, state or ISP provider. Also, protects your site from spam, login attempts, malicious access & more.",10000,192738,92,33,"2026-03-13T00:57:00.000Z","3.7",[137,19,138,114,139],"block","geolocation","ip-geo-block","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fip-location-block\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fip-location-block.1.3.8.zip",{"attackSurface":143,"codeSignals":169,"taintFlows":200,"riskAssessment":236,"analyzedAt":247},{"hooks":144,"ajaxHandlers":165,"restRoutes":166,"shortcodes":167,"cronEvents":168,"entryPointCount":27,"unprotectedCount":27},[145,151,155,158,162],{"type":146,"name":147,"callback":148,"file":149,"line":150},"action","admin_notices","cntrd_activation_notice","country-redirect.php",51,{"type":146,"name":152,"callback":153,"file":149,"line":154},"plugins_loaded","closure",57,{"type":146,"name":156,"callback":153,"file":149,"line":157},"admin_menu",65,{"type":146,"name":159,"callback":160,"file":149,"line":161},"admin_init","cntrd_initialize_options",187,{"type":146,"name":163,"callback":153,"file":149,"line":164},"template_redirect",290,[],[],[],[],{"dangerousFunctions":170,"sqlUsage":171,"outputEscaping":176,"fileOperations":84,"externalRequests":33,"nonceChecks":27,"capabilityChecks":33,"bundledLibraries":199},[],{"prepared":27,"raw":33,"locations":172},[173],{"file":149,"line":174,"context":175},784,"$wpdb->query() with variable interpolation",{"escaped":70,"rawEcho":84,"locations":177},[178,181,183,185,187,189,191,193,195,197],{"file":149,"line":179,"context":180},195,"raw output",{"file":149,"line":182,"context":180},196,{"file":149,"line":184,"context":180},200,{"file":149,"line":186,"context":180},201,{"file":149,"line":188,"context":180},207,{"file":149,"line":190,"context":180},208,{"file":149,"line":192,"context":180},253,{"file":149,"line":194,"context":180},264,{"file":149,"line":196,"context":180},276,{"file":149,"line":198,"context":180},284,[],[201],{"entryPoint":202,"graph":203,"unsanitizedCount":33,"severity":235},"\u003Ccountry-redirect> (country-redirect.php:0)",{"nodes":204,"edges":229},[205,210,216,219,223],{"id":206,"type":207,"label":208,"file":149,"line":209},"n0","source","$_SERVER",296,{"id":211,"type":212,"label":213,"file":149,"line":214,"wp_function":215},"n1","sink","wp_redirect() [Open Redirect]",344,"wp_redirect",{"id":217,"type":207,"label":208,"file":149,"line":218},"n2",336,{"id":220,"type":221,"label":222,"file":149,"line":218},"n3","transform","→ cntrd_ipapi()",{"id":224,"type":212,"label":225,"file":226,"line":227,"wp_function":228},"n4","wp_remote_get() [SSRF]","engine\\ipapi.php",18,"wp_remote_get",[230,232,234],{"from":206,"to":211,"sanitized":231},true,{"from":217,"to":220,"sanitized":233},false,{"from":220,"to":224,"sanitized":233},"medium",{"summary":237,"deductions":238},"The \"country-redirect\" plugin v1.3.3 exhibits a generally good security posture regarding its attack surface, with zero identified entry points like AJAX handlers, REST API routes, or shortcodes. This significantly limits direct avenues for external attacks.  However, the code analysis reveals notable areas of concern. A significant portion of SQL queries are not using prepared statements, which is a critical vulnerability that can lead to SQL injection if the data is not properly sanitized before being used in the query. Furthermore, only 23% of output is properly escaped, indicating a risk of Cross-Site Scripting (XSS) vulnerabilities where untrusted data could be injected into the page content.  The taint analysis also identified one flow with an unsanitized path, which could potentially lead to unintended file access or manipulation, though it was not classified as critical or high severity.  The plugin's history of zero recorded CVEs is a positive indicator, suggesting a generally stable and well-maintained codebase. However, this should not be taken as a guarantee of future security, especially given the identified coding practices that introduce inherent risks.\n\nIn conclusion, while the plugin has a minimal attack surface and no known vulnerabilities in its history, the static analysis highlights specific, high-impact coding weaknesses. The lack of prepared statements in SQL queries and the low rate of output escaping represent tangible risks that should be addressed. The single unsanitized path in the taint analysis, while not critically severe, also warrants attention. Users should be aware that these identified weaknesses could be exploited, despite the absence of past CVEs.",[239,242,244],{"reason":240,"points":241},"Raw SQL queries without prepared statements",8,{"reason":243,"points":13},"Low rate of output escaping",{"reason":245,"points":246},"Flow with unsanitized path (taint analysis)",5,"2026-03-16T19:44:20.872Z",{"wat":249,"direct":258},{"assetPaths":250,"generatorPatterns":253,"scriptPaths":254,"versionParams":255},[251,252],"\u002Fwp-content\u002Fplugins\u002Fcountry-redirect\u002Fcss\u002Fstyle.css","\u002Fwp-content\u002Fplugins\u002Fcountry-redirect\u002Fjs\u002Fredirect.js",[],[252],[256,257],"country-redirect\u002Fstyle.css?ver=","country-redirect\u002Fjs\u002Fredirect.js?ver=",{"cssClasses":259,"htmlComments":261,"htmlAttributes":266,"restEndpoints":268,"jsGlobals":269,"shortcodeOutput":272},[260],"cntrd_settings_wrap",[262,263,264,265],"\u003C!-- Country Redirect Settings -->","\u003C!-- Country Redirect Engine Settings -->","\u003C!-- Country Redirect Redirect Settings -->","\u003C!-- Country Redirect Whitelist Settings -->",[267],"data-cntrd-redirect-urls",[],[270,271],"window.cntrd_redirect_urls","var cntrd_redirect_urls",[]]