[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fQuMJOHcU_grxpBkzhed1LX22mzjS-G4AUkVGbcCjJo4":3,"$fX8HYpzJhu5isZZteLKW-D7RsJlx-qvY1H6RILU2cI28":189,"$f-rmE-ThbCm1kjp2Oy-6G8hucTdfl0KLUQ7OvTlDh_0k":194},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":13,"last_updated":14,"tested_up_to":15,"requires_at_least":16,"requires_php":17,"tags":18,"homepage":22,"download_link":23,"security_score":24,"vuln_count":13,"unpatched_count":13,"last_vuln_date":25,"fetched_at":26,"discovery_status":27,"vulnerabilities":28,"developer":29,"crawl_stats":25,"alternatives":36,"analysis":129,"fingerprints":173},"dmn-security-centre","DMN (Security Centre)","1.3","DMN Creative","https:\u002F\u002Fprofiles.wordpress.org\u002Fdmnplugins\u002F","\u003Cp>The DMN (Security Centre) plugin provides an easy way to keep your Wordfence security whitelist updated with all DMN services without having to check it all the time. This will automatically check and ensure that the whitelist is kept updated once a day. This service requires external communication with DMNs devstage server to aquire the office IP address which will be whitelisted. By using this plugin you agree that the service can be used and communicated with.\u003C\u002Fp>\n\u003Cp>The DMN (Security Centre) plugin can be easily activated and deactivated from the WordPress dashboard, and requires no additional configuration or setup.\u003C\u002Fp>\n","The DMN (Security Centre) plugin keeps your word fences whitelist IP addresses updated with DMN services on your WordPress site.",60,858,0,"2024-08-13T11:08:00.000Z","6.5.8","5.2","7.2",[19,20,21],"security","whitelist","wordfence","https:\u002F\u002Fdmncreative.com\u002Fplugins\u002Fdmn-security-centre\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fdmn-security-centre.zip",92,null,"2026-04-16T10:56:18.058Z","no_bundle",[],{"slug":30,"display_name":7,"profile_url":8,"plugin_count":31,"total_installs":32,"avg_security_score":24,"avg_patch_time_days":33,"trust_score":34,"computed_at":35},"dmnplugins",3,160,30,88,"2026-05-19T22:36:50.172Z",[37,56,76,95,111],{"slug":38,"name":39,"version":40,"author":41,"author_profile":42,"description":43,"short_description":44,"active_installs":11,"downloaded":45,"rating":13,"num_ratings":13,"last_updated":46,"tested_up_to":47,"requires_at_least":48,"requires_php":49,"tags":50,"homepage":54,"download_link":55,"security_score":24,"vuln_count":13,"unpatched_count":13,"last_vuln_date":25,"fetched_at":26},"awesoft-ip-whitelist","IP Whitelist","1.0.2","Awesoft","https:\u002F\u002Fprofiles.wordpress.org\u002Fawesoft\u002F","\u003Cp>The “IP Whitelist” plugin allows administrators to limit access to the WordPress dashboard by whitelisting specific IP addresses. It’s intended to enhance security by restricting access to only trusted sources.\u003C\u002Fp>\n","Allows administrators to limit access to the WordPress dashboard",946,"2025-02-02T03:05:00.000Z","6.7.5","6.0","7.4",[51,52,53,19,20],"access","admin","ip","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fawesoft-ip-whitelist\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fawesoft-ip-whitelist.1.0.2.zip",{"slug":57,"name":58,"version":59,"author":60,"author_profile":61,"description":62,"short_description":63,"active_installs":64,"downloaded":65,"rating":13,"num_ratings":13,"last_updated":66,"tested_up_to":67,"requires_at_least":68,"requires_php":69,"tags":70,"homepage":73,"download_link":74,"security_score":75,"vuln_count":13,"unpatched_count":13,"last_vuln_date":25,"fetched_at":26},"proxy-ip-addresses-for-cloudfront-with-wordfence","Proxy IP Addresses for Cloudfront with Wordfence","1.1","emfluence interactive marketing","https:\u002F\u002Fprofiles.wordpress.org\u002Femfluencekc\u002F","\u003Cp>If you have Cloudfront in front of WordPress and are using Wordfence, this plugin is for you.\u003C\u002Fp>\n\u003Cp>If you don’t provide Cloudfront’s IP addresses to Wordfence, any bad behavior out there can get Cloudfront itself blocked by Wordfence – and then no one will be able to access your site.\u003C\u002Fp>\n\u003Cp>This plugin downloads Cloudfront’s IP address list directly from Amazon Web Services (AWS). Then it adds and automatically updates the proxy IP addresses for Cloudfront in Wordfence, so that Wordfence can correctly identify the end user’s IP address.\u003C\u002Fp>\n\u003Cp>AWS updates its list of IP addresses every now and then. Don’t manually add IP addresses, and then try to keep track of Cloudfront IP address changes. Just install this plugin and stop worrying!\u003C\u002Fp>\n\u003Cp>Want to change how this plugin works, or add to it? Fork it on GitHub!\u003Cbr \u002F>\nhttps:\u002F\u002Fgithub.com\u002Femfluencekc\u002FWordfence-Cloudfront-IPs\u003C\u002Fp>\n\u003Cp>Documentation, privacy, terms of use, and the list of IP addresses that are used by this plugin can be found here:\u003Cbr \u002F>\nhttps:\u002F\u002Fdocs.aws.amazon.com\u002FAmazonCloudFront\u002Flatest\u002FDeveloperGuide\u002FLocationsOfEdgeServers.html\u003C\u002Fp>\n","Automatically update Wordfence's list of proxy IP addresses with Cloudfront IP addresses",20,8016,"2024-03-19T21:40:00.000Z","6.4.8","5.0","5.6",[71,72,19,21],"cloudfront","proxy","https:\u002F\u002Fgithub.com\u002Femfluencekc\u002FWordfence-Cloudfront-IPs","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fproxy-ip-addresses-for-cloudfront-with-wordfence.1.1.zip",85,{"slug":77,"name":78,"version":40,"author":79,"author_profile":80,"description":81,"short_description":82,"active_installs":64,"downloaded":83,"rating":34,"num_ratings":84,"last_updated":85,"tested_up_to":86,"requires_at_least":87,"requires_php":88,"tags":89,"homepage":93,"download_link":94,"security_score":75,"vuln_count":13,"unpatched_count":13,"last_vuln_date":25,"fetched_at":26},"wp-login-security-2","WP Login Security 2","andersvinther2","https:\u002F\u002Fprofiles.wordpress.org\u002Fandersvinther2\u002F","\u003Cp>WP Login Security 2 provides enhanced security by requiring users to whitelist their IP address.\u003Cbr \u002F>\nIf the IP address is not recognized, the plugin will send an email to the user with a link that contains a one-time key. Optionally the blog administrator can also be notified.\u003C\u002Fp>\n\u003Cp>If a user logs in from a known IP address no further action is required.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>What does this Plugin do?\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Col>\n\u003Cli>Each time a user logs in, the plugin will compare their existing IP address to the last seen IP address.\u003C\u002Fli>\n\u003Cli>If the IP does not match or no IP addresses have been whitelisted, an email will be sent to the users registered email address.\u003C\u002Fli>\n\u003Cli>The user must login to their email and click the included link, which contains the one-time password.\u003C\u002Fli>\n\u003Cli>The plugin can be configured to also send an email to the blog administrator as well as the user.  \u003C\u002Fli>\n\u003C\u002Fol>\n\u003Cp>\u003Cstrong>Updates from the original plugin\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>This plugin is based on the original \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fextend\u002Fplugins\u002Fwp-login-security\u002F\" rel=\"ugc\">WP Login Security\u003C\u002Fa> plugin developed by joshuascott94.\u003C\u002Fp>\n\u003Cp>Since the original plugin is not supported any longer we took over and made a few updates:\u003C\u002Fp>\n\u003Col>\n\u003Cli>Fixed: Incorrect number of parameters were passed to mt_rand().\u003C\u002Fli>\n\u003Cli>Recoded: The plugin notifications on the login screen only worked when Output Buffering was turned on in php.ini.\u003C\u002Fli>\n\u003Cli>Added buttons to clear whitelist and outstanding activation codes.\u003C\u002Fli>\n\u003Cli>Added code to clean up data on uninstallation.\u003C\u002Fli>\n\u003C\u002Fol>\n","Whitelist User IP addresses. If a user logs in from an unknown IP the plugin sends an email to the user and optionally the admin with a one-time key.",8254,5,"2012-12-19T13:08:00.000Z","3.5.2","3.0.1","",[52,90,91,19,92],"authentication","login","whitelisting","http:\u002F\u002Fwordpress.org\u002Fextend\u002Fplugins\u002Fwp-login-security-2\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-login-security-2.1.0.2.zip",{"slug":96,"name":97,"version":98,"author":99,"author_profile":100,"description":101,"short_description":102,"active_installs":103,"downloaded":104,"rating":13,"num_ratings":13,"last_updated":105,"tested_up_to":106,"requires_at_least":87,"requires_php":88,"tags":107,"homepage":109,"download_link":110,"security_score":75,"vuln_count":13,"unpatched_count":13,"last_vuln_date":25,"fetched_at":26},"authorize-ip-address","Authorize IP Address","1.0.1","jovevskitoni","https:\u002F\u002Fprofiles.wordpress.org\u002Fjovevskitoni\u002F","\u003Cp>Authorize IP Address provides enhanced security by requiring users to whitelist their IP address.\u003Cbr \u002F>\nIf the IP address is not recognized, the plugin will send an email to the user with a link that contains a one-time key. Optionally the blog administrator can also be notified.\u003C\u002Fp>\n\u003Cp>If a user logs in from a known IP address no further action is required.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>What does this Plugin do?\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Col>\n\u003Cli>Prevent from sharing login details. Users can login from only approved ip address from the user via email.\u003C\u002Fli>\n\u003Cli>Each time a user logs in, the plugin will compare their existing IP address to the last seen IP address.\u003C\u002Fli>\n\u003Cli>User First Time login IP address will be automaticly add to whitelist.\u003C\u002Fli>\n\u003Cli>If the IP does not match or no IP addresses have been whitelisted, an email will be sent to the users registered email address.\u003C\u002Fli>\n\u003Cli>The user must login to their email and click the included link, which contains the one-time password.\u003C\u002Fli>\n\u003Cli>The plugin can be configured to also send an email to the blog administrator as well as the user.\u003C\u002Fli>\n\u003C\u002Fol>\n","Authorize IP Address prevent login from unknown IP address.  Whitelist User IP addresses. If a user logs in from an unknown IP the plugin sends an ema &hellip;",10,1767,"2017-02-02T13:42:00.000Z","4.7.33",[90,108,91,19,92],"authorize-ip","http:\u002F\u002Fwordpress.org\u002Fextend\u002Fplugins\u002Fauthorize-ip-address\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fauthorize-ip-address.zip",{"slug":112,"name":113,"version":114,"author":115,"author_profile":116,"description":117,"short_description":118,"active_installs":103,"downloaded":119,"rating":120,"num_ratings":121,"last_updated":122,"tested_up_to":123,"requires_at_least":16,"requires_php":49,"tags":124,"homepage":88,"download_link":128,"security_score":120,"vuln_count":13,"unpatched_count":13,"last_vuln_date":25,"fetched_at":26},"proactive-security-suite","Proactive Security Suite","1.5.9.9","ITCS","https:\u002F\u002Fprofiles.wordpress.org\u002Fdimath99\u002F","\u003Cp>Welcome to the \u003Cem>ProActive Security Suite\u003C\u002Fem> Plugin Wiki\u003C\u002Fp>\n\u003Cp>     Enhance your WordPress website’s security with the \u003Cstrong>ProActive Security Suite\u003C\u002Fstrong>. This powerful plugin offers advanced security features including automatic IP blocking, an advanced rule builder, traffic analysis, and seamless integration with services like \u003Cstrong>Cloudflare\u003C\u002Fstrong>, \u003Cstrong>AbuseIPDB\u003C\u002Fstrong>,  and \u003Cstrong>Whatismybrowser.com\u003C\u002Fstrong>. ProActive Security Suite provides proactive defense mechanisms to protect your site from malicious traffic and potential threats before they reach your server. \u003C\u002Fp>\n\u003Cp>     Table of Contents     \u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ca href=\"#introduction\" rel=\"nofollow ugc\">Introduction\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"#features\" rel=\"nofollow ugc\">Features\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cul>\n\u003Cli>\u003Ca href=\"#free-features\" rel=\"nofollow ugc\">Free Features\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"#premium-features\" rel=\"nofollow ugc\">Premium Features\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cli>\u003Ca href=\"#installation\" rel=\"nofollow ugc\">Installation\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"#configuration\" rel=\"nofollow ugc\">Configuration\u003C\u002Fa>\u003C\u002Fli>\n\u003Cul>\n\u003Cli>\u003Ca href=\"#cloudflare-settings\" rel=\"nofollow ugc\">Cloudflare Settings\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"#abuseipdb-integration\" rel=\"nofollow ugc\">AbuseIPDB Integration\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"#whatismybrowsercom-integration\" rel=\"nofollow ugc\">WhatIsMyBrowser.com Integration\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cli>\u003Ca href=\"#usage\" rel=\"nofollow ugc\">Usage\u003C\u002Fa>\u003C\u002Fli>\n\u003Cul>\n\u003Cli>\u003Ca href=\"#automatic-ip-synchronization\" rel=\"nofollow ugc\">Automatic IP Synchronization\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"#manual-synchronization\" rel=\"nofollow ugc\">Manual Synchronization\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"#captured-traffic-data\" rel=\"nofollow ugc\">Captured Traffic Data\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"#advanced-rule-builder\" rel=\"nofollow ugc\">Advanced Rule Builder\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"#rule-details-in-blocked-ips\" rel=\"nofollow ugc\">Rule Details in Blocked IPs\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cli>\u003Ca href=\"#advanced-settings\" rel=\"nofollow ugc\">Advanced Settings\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"#faq\" rel=\"nofollow ugc\">Frequently Asked Questions\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"#support\" rel=\"nofollow ugc\">Support and Contribution\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"#license\" rel=\"nofollow ugc\">License\u003C\u002Fa>\u003C\u002Fli>\n\u003Cp>Introduction\u003C\u002Fp>\n\u003Cp>     Welcome to the \u003Cstrong>ProActive Security Suite\u003C\u002Fstrong> plugin! This comprehensive security solution enhances your website’s protection by combining advanced threat detection, automated rule-based actions, and integration with services like \u003Cstrong>Cloudflare\u003C\u002Fstrong> and \u003Cstrong>AbuseIPDB\u003C\u002Fstrong>. By proactively analyzing traffic and applying custom security rules, ProActive Security Suite stops malicious traffic before it reaches your server, reducing load and enhancing performance. \u003C\u002Fp>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fitcssec\u002FProActiveSecuritySuite\u002Freleases\" rel=\"nofollow ugc\">Download Latest Release\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>Features\u003C\u002Fp>\n\u003Ch3>Free Features\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Cstrong>Automatic IP Synchronization:\u003C\u002Fstrong> Effortlessly sync blocked IPs to Cloudflare’s firewall.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Customizable Settings:\u003C\u002Fstrong> Tailor the plugin to your needs with adjustable settings:\n\u003Cul>\n\u003Cli>Blocked Hits Threshold\u003C\u002Fli>\n\u003Cli>Block Scope (Domain or Account)\u003C\u002Fli>\n\u003Cli>Block Mode (e.g., Block, Managed Challenge)\u003C\u002Fli>\n\u003Cli>Cron Interval\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Manual Synchronization:\u003C\u002Fstrong> Trigger synchronization manually when immediate action is needed.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>AbuseIPDB Integration:\u003C\u002Fstrong> Optional integration to fetch detailed information about IPs:\n\u003Cul>\n\u003Cli>Country Code\u003C\u002Fli>\n\u003Cli>Usage Type\u003C\u002Fli>\n\u003Cli>ISP Information\u003C\u002Fli>\n\u003Cli>Confidence Score\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Premium Features\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Cstrong>Advanced Rule Builder:\u003C\u002Fstrong> Create custom security rules based on various criteria such as confidence score, whitelisted status, abusive status, and more. Automate actions like blocking or challenging IPs based on these rules.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Rule Priorities:\u003C\u002Fstrong> Assign priorities to your rules to control the order of evaluation. Higher priority numbers are evaluated first, allowing critical rules to take precedence.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Automatic Action Application:\u003C\u002Fstrong> The plugin automatically applies actions to IPs that match your defined rules immediately after capturing traffic data.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Rule Details in Blocked IPs:\u003C\u002Fstrong> View detailed information about which rules caused IPs to be blocked, including criteria and actions taken.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Captured Traffic Data:\u003C\u002Fstrong> Log and analyze incoming traffic for enhanced security insights.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Exclude User Roles:\u003C\u002Fstrong> Exclude specific WordPress user roles from traffic logging.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>WhatIsMyBrowser.com API Integration:\u003C\u002Fstrong> Advanced user agent analysis and detection capabilities.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Enhanced AbuseIPDB Integration:\u003C\u002Fstrong> Automatic updates for all entries with the same IP address.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Priority Support:\u003C\u002Fstrong> Access dedicated support for assistance and troubleshooting.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Cloudflare Custom WAF Rule & List Management:\u003C\u002Fstrong> Optionally create a Cloudflare custom list and associated WAF rule. Manage entries directly from the plugin and get notified if Cloudflare reports issues such as a full list.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>     \u003Cstrong>Note:\u003C\u002Fstrong> The premium features require an active premium license. Upgrade to access these advanced functionalities. \u003C\u002Fp>\n\u003Cp>Installation\u003C\u002Fp>\n\u003Col>\n\u003Cli>\u003Cstrong>Download the Plugin:\u003C\u002Fstrong> Clone the repository or \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fitcssec\u002FProActiveSecuritySuite\u002Freleases\" rel=\"nofollow ugc\">download the latest release\u003C\u002Fa>.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Upload to WordPress:\u003C\u002Fstrong> Upload the `proactive-security-suite` directory to `\u002Fwp-content\u002Fplugins\u002F`.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Activate the Plugin:\u003C\u002Fstrong> In your WordPress dashboard, navigate to \u003Cem>Plugins\u003C\u002Fem> and activate \u003Cem>ProActive Security Suite\u003C\u002Fem>.\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Cp>Configuration\u003C\u002Fp>\n\u003Ch3>Cloudflare Settings\u003C\u002Fh3>\n\u003Col>\n\u003Cli>\u003Cstrong>Obtain Cloudflare Credentials:\u003C\u002Fstrong>\n\u003Cul>\n\u003Cli>\u003Cstrong>Email:\u003C\u002Fstrong> Your Cloudflare account email.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>API Key:\u003C\u002Fstrong> Your Global API Key or an API Token with necessary permissions.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Zone ID:\u003C\u002Fstrong> Found in your Cloudflare dashboard under the domain’s overview.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Account ID:\u003C\u002Fstrong> Located in your Cloudflare profile settings.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Configure Plugin Settings:\u003C\u002Fstrong>\n\u003Cul>\n\u003Cli>Navigate to \u003Cem>Settings > ProActive Security Suite\u003C\u002Fem>.\u003C\u002Fli>\n\u003Cli>Enter your Cloudflare credentials securely.\u003C\u002Fli>\n\u003Cli>Adjust settings like Blocked Hits Threshold, Block Scope, and Block Mode.\u003C\u002Fli>\n\u003Cli>Enable \u003Cem>Custom WAF Rule\u003C\u002Fem> and supply a rule name to allow the plugin to create and maintain a Cloudflare custom list and matching WAF rule. List entries can be viewed, added, or removed from within the plugin.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch3>AbuseIPDB Integration\u003C\u002Fh3>\n\u003Col>\n\u003Cli>\u003Cstrong>Sign Up for AbuseIPDB:\u003C\u002Fstrong> Visit \u003Ca href=\"https:\u002F\u002Fwww.abuseipdb.com\u002F\" rel=\"nofollow ugc\">AbuseIPDB\u003C\u002Fa> and sign up for an API key.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Enable Integration:\u003C\u002Fstrong>\n\u003Cul>\n\u003Cli>In the plugin settings, enter your AbuseIPDB API key.\u003C\u002Fli>\n\u003Cli>Enable the \u003Cem>AbuseIPDB Lookup\u003C\u002Fem> option.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch3>WhatIsMyBrowser.com Integration (Premium)\u003C\u002Fh3>\n\u003Col>\n\u003Cli>\u003Cstrong>Obtain API Key:\u003C\u002Fstrong> Register at \u003Ca href=\"https:\u002F\u002Fdevelopers.whatismybrowser.com\u002Fapi\u002F\" rel=\"nofollow ugc\">WhatIsMyBrowser.com\u003C\u002Fa> for an API key.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Configure Integration:\u003C\u002Fstrong>\n\u003Cul>\n\u003Cli>Enter the API key in the plugin’s settings under \u003Cem>WhatIsMyBrowser API Key\u003C\u002Fem>.\u003C\u002Fli>\n\u003Cli>Enable the integration features as desired.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Cp>Usage\u003C\u002Fp>\n\u003Ch3>Automatic IP Synchronization\u003C\u002Fh3>\n\u003Cp>     The plugin automatically syncs blocked IPs based on your configured cron interval. IPs exceeding the Blocked Hits Threshold are added to Cloudflare’s firewall or acted upon based on your defined rules. \u003C\u002Fp>\n\u003Ch3>Manual Synchronization\u003C\u002Fh3>\n\u003Cp>     Navigate to \u003Cem>Settings > ProActive Security Suite\u003C\u002Fem> and click the \u003Cstrong>Run Process\u003C\u002Fstrong> button to trigger synchronization and rule evaluation immediately. \u003C\u002Fp>\n\u003Ch3>Captured Traffic Data (Premium)\u003C\u002Fh3>\n\u003Cp>     Access detailed logs under the \u003Cem>Captured Traffic Data\u003C\u002Fem> tab. Analyze user agents, request methods, and more. Exclude specific user roles from logging in the settings. \u003C\u002Fp>\n\u003Ch3>Advanced Rule Builder (Premium)\u003C\u002Fh3>\n\u003Cp>     The plugin features a powerful \u003Cstrong>Rule Builder\u003C\u002Fstrong> that allows you to create custom security rules based on various criteria. You can define rules using conditions such as: \u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>Confidence Score:\u003C\u002Fstrong> Set thresholds using operators like greater than, less than, equal to, etc.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Is Whitelisted:\u003C\u002Fstrong> Check if an IP is marked as whitelisted in AbuseIPDB.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Is Abusive:\u003C\u002Fstrong> Determine if an IP is associated with abusive behavior.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Custom Criteria:\u003C\u002Fstrong> Add other criteria based on the data captured.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>     Each rule can be assigned an \u003Cstrong>Action\u003C\u002Fstrong> (e.g., Block, Managed Challenge) that will be applied to IPs matching the rule. You can also assign a \u003Cstrong>Priority\u003C\u002Fstrong> to control the order in which rules are evaluated. \u003C\u002Fp>\n\u003Ch3>Rule Details in Blocked IPs (Premium)\u003C\u002Fh3>\n\u003Cp>     The \u003Cstrong>Blocked IPs\u003C\u002Fstrong> tab now includes a \u003Cem>Rule Details\u003C\u002Fem> column that displays comprehensive information about the rules that caused IPs to be blocked. This includes: \u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>Criteria:\u003C\u002Fstrong> The specific conditions that were met, such as confidence score thresholds, whitelisted status, and more.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Action:\u003C\u002Fstrong> The action taken by the rule (e.g., Block, Managed Challenge).\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>     This enhancement allows administrators to easily identify which rules are triggering blocks and understand the reasons behind each IP being blocked. It provides greater transparency and aids in fine-tuning security settings. \u003C\u002Fp>\n\u003Cp>Advanced Settings\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>Blocked Hits Threshold:\u003C\u002Fstrong> Define the minimum number of blocked hits before an IP is synchronized or evaluated by rules.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Block Scope:\u003C\u002Fstrong> Choose between domain-specific or account-wide blocking.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Block Mode:\u003C\u002Fstrong> Select the action for Cloudflare to take (e.g., Block, Challenge).\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Cron Interval:\u003C\u002Fstrong> Set how frequently the plugin checks for new blocked IPs and evaluates rules.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Rule Priorities:\u003C\u002Fstrong> Assign priorities to your rules to control the order of evaluation. Higher priority numbers are evaluated first.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>User Role Exclusions:\u003C\u002Fstrong> Exclude specific WordPress user roles from traffic logging and rule evaluation.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Frequently Asked Questions\u003C\u002Fp>\n\u003Ch3>How do I obtain my Cloudflare Zone ID and Account ID?\u003C\u002Fh3>\n\u003Cp>     \u003Cstrong>Zone ID:\u003C\u002Fstrong> Log into Cloudflare, select your domain, and find the Zone ID on the Overview page.\u003Cbr \u002F>     \u003Cstrong>Account ID:\u003C\u002Fstrong> Click on your profile in Cloudflare; the Account ID is listed there. \u003C\u002Fp>\n\u003Ch3>Can I use an API Token instead of the Global API Key?\u003C\u002Fh3>\n\u003Cp>     Yes, ensure the API Token has the necessary permissions for firewall access. \u003C\u002Fp>\n\u003Ch3>Is the plugin compatible with IPv6 addresses?\u003C\u002Fh3>\n\u003Cp>     Absolutely, the plugin supports both IPv4 and IPv6 addresses. \u003C\u002Fp>\n\u003Ch3>How does the plugin handle my API keys?\u003C\u002Fh3>\n\u003Cp>     All API keys are securely stored using WordPress’s options API and are never exposed in plain text. \u003C\u002Fp>\n\u003Ch3>How do rule priorities work?\u003C\u002Fh3>\n\u003Cp>     Rule priorities determine the order in which your rules are evaluated. Rules with higher priority numbers are evaluated first. If traffic data matches a rule, the corresponding action is applied, and no further rules are evaluated for that IP address. \u003C\u002Fp>\n\u003Ch3>Can I see which rule blocked an IP?\u003C\u002Fh3>\n\u003Cp>     Yes, with the \u003Cstrong>Rule Details in Blocked IPs\u003C\u002Fstrong> feature, you can view the exact rule criteria and action that caused an IP to be blocked. This information is displayed in the Blocked IPs tab under the Rule Details column. \u003C\u002Fp>\n\u003Ch3>How does the automatic action application work?\u003C\u002Fh3>\n\u003Cp>     When traffic data is captured, the plugin immediately evaluates it against your defined rules. If a rule matches, the specified action is applied to the IP address without any manual intervention. \u003C\u002Fp>\n\u003Cp>Support and Contribution\u003C\u002Fp>\n\u003Cp>     \u003Cstrong>Support:\u003C\u002Fstrong> For assistance, please open an issue on our \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fitcssec\u002FProActiveSecuritySuite\u002Fissues\" rel=\"nofollow ugc\">GitHub Issues\u003C\u002Fa> page or contact us at \u003Ca href=\"mailto:info@itcs.services\" rel=\"nofollow ugc\">info@itcs.services\u003C\u002Fa>. \u003C\u002Fp>\n\u003Cp>License\u003C\u002Fp>\n\u003Cp>     This project is licensed under the \u003Ca href=\"https:\u002F\u002Fwww.gnu.org\u002Flicenses\u002Fgpl-3.0.html\" rel=\"nofollow ugc\">GNU General Public License v3.0\u003C\u002Fa>. \u003C\u002Fp>\n\u003Cp>     \u003Cem>Thank you for using ProActive Security Suite!\u003C\u002Fem>  \u003C\u002Fp>\n\u003Ch3>External Services\u003C\u002Fh3>\n\u003Cp>\u003Cstrong>Cloudflare\u003C\u002Fstrong>\u003Cbr \u002F>\n– \u003Cstrong>Usage\u003C\u002Fstrong>: We send visitor IPs (and optionally country\u002FISP data) to create Firewall rules.\u003Cbr \u002F>\n– \u003Cstrong>Data Sent\u003C\u002Fstrong>: IP address, associated rule details.\u003Cbr \u002F>\n– \u003Ca href=\"https:\u002F\u002Fwww.cloudflare.com\u002Fterms\u002F\" rel=\"nofollow ugc\">Cloudflare Terms of Service\u003C\u002Fa> | \u003Ca href=\"https:\u002F\u002Fwww.cloudflare.com\u002Fprivacypolicy\u002F\" rel=\"nofollow ugc\">Cloudflare Privacy Policy\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>\u003Cstrong>AbuseIPDB\u003C\u002Fstrong>\u003Cbr \u002F>\n– \u003Cstrong>Usage\u003C\u002Fstrong>: We check IP reputation, fetching country code, ISP, and confidence score.\u003Cbr \u002F>\n– \u003Cstrong>Data Sent\u003C\u002Fstrong>: IP address.\u003Cbr \u002F>\n– \u003Ca href=\"https:\u002F\u002Fwww.abuseipdb.com\u002Flegal\" rel=\"nofollow ugc\">AbuseIPDB Terms of Service\u003C\u002Fa> | \u003Ca href=\"https:\u002F\u002Fwww.abuseipdb.com\u002Fprivacy\" rel=\"nofollow ugc\">Privacy Policy\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>\u003Cstrong>WhatIsMyBrowser\u003C\u002Fstrong>\u003Cbr \u002F>\n– \u003Cstrong>Usage\u003C\u002Fstrong>: We send user agent strings to detect software (browser), OS, and if it’s abusive.\u003Cbr \u002F>\n– \u003Cstrong>Data Sent\u003C\u002Fstrong>: User agent strings.\u003Cbr \u002F>\n– \u003Ca href=\"https:\u002F\u002Fdevelopers.whatismybrowser.com\u002Fapi\u002Fabout\u002Flegal\u002F\" rel=\"nofollow ugc\">WhatIsMyBrowser Terms of Service\u003C\u002Fa> |\u003Cbr \u002F>\n  \u003Ca href=\"https:\u002F\u002Fdevelopers.whatismybrowser.com\u002Fapi\u002Fabout\u002Flegal\u002F\" rel=\"nofollow ugc\">Legal\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>\u003Cstrong>IPData\u003C\u002Fstrong>\u003Cbr \u002F>\n– \u003Cstrong>Usage\u003C\u002Fstrong>: We fetch detailed threat intelligence (Tor, proxy, known attacker, etc.).\u003Cbr \u002F>\n– \u003Cstrong>Data Sent\u003C\u002Fstrong>: IP address.\u003Cbr \u002F>\n– \u003Ca href=\"https:\u002F\u002Fipdata.co\u002Fterms-of-service.html\" rel=\"nofollow ugc\">IPData Terms\u003C\u002Fa> |\u003Cbr \u002F>\n  \u003Ca href=\"https:\u002F\u002Fipdata.co\u002Fprivacy.html\" rel=\"nofollow ugc\">Privacy Policy\u003C\u002Fa>\u003C\u002Fp>\n","Welcome to the ProActive Security Suite Plugin Wiki      Enhance your WordPress website's security with the ProActive Security Suite.",971,100,1,"2025-08-24T19:26:00.000Z","6.8.5",[125,126,19,21,127],"cloudflare","firewall","wordpress-security","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fproactive-security-suite.1.5.9.9.zip",{"attackSurface":130,"codeSignals":156,"taintFlows":163,"riskAssessment":164,"analyzedAt":172},{"hooks":131,"ajaxHandlers":150,"restRoutes":151,"shortcodes":152,"cronEvents":153,"entryPointCount":13,"unprotectedCount":13},[132,138,142,146],{"type":133,"name":134,"callback":135,"file":136,"line":137},"action","init","dmnsc_schedule_wordfence_allowlist_update","dmn-security-centre.php",26,{"type":133,"name":139,"callback":140,"file":136,"line":141},"dmnsc_update_wordfence_allowlist_daily","dmnsc_update_wordfence_allowlist",89,{"type":133,"name":143,"callback":144,"file":136,"line":145},"admin_menu","dmnsc_add_settings_page",126,{"type":133,"name":147,"callback":148,"file":136,"line":149},"admin_init","dmnsc_register_settings",163,[],[],[],[154],{"hook":139,"callback":139,"file":136,"line":155},23,{"dangerousFunctions":157,"sqlUsage":158,"outputEscaping":160,"fileOperations":13,"externalRequests":121,"nonceChecks":13,"capabilityChecks":13,"bundledLibraries":162},[],{"prepared":13,"raw":13,"locations":159},[],{"escaped":121,"rawEcho":13,"locations":161},[],[],[],{"summary":165,"deductions":166},"The \"dmn-security-centre\" v1.3 plugin exhibits an exceptionally strong security posture based on the provided static analysis and vulnerability history. The code analysis reveals no dangerous functions, no direct SQL queries (all are prepared), and all observed outputs are properly escaped. Crucially, there are no identified vulnerabilities in its history, which is a significant positive indicator. The plugin also has a very small attack surface, with no exposed AJAX handlers, REST API routes, or shortcodes that could be exploited without proper authentication or authorization checks. This suggests a development team that prioritizes security best practices.\n\nDespite the overwhelmingly positive indicators, there are a couple of points that warrant minor attention. The presence of a single cron event without explicit capability checks could potentially be a vector if the cron event performs sensitive operations. Similarly, the single external HTTP request, while not inherently risky, lacks specific detail on what it's communicating with and if that interaction is secured. The absence of nonce checks on AJAX (of which there are none) and capability checks on the limited entry points is a strength in this case due to the lack of these entry points, but in a larger plugin, this would be a significant concern.  Overall, this plugin appears to be very secure, with minimal theoretical risks.",[167,170],{"reason":168,"points":169},"Cron event without capability check",2,{"reason":171,"points":121},"External HTTP request without context","2026-03-16T21:37:49.783Z",{"wat":174,"direct":180},{"assetPaths":175,"generatorPatterns":177,"scriptPaths":178,"versionParams":179},[176],"\u002Fwp-content\u002Fplugins\u002Fdmn-security-centre\u002F",[],[],[],{"cssClasses":181,"htmlComments":182,"htmlAttributes":183,"restEndpoints":186,"jsGlobals":187,"shortcodeOutput":188},[],[],[184,185],"name=\"dmnsc_url\"","value=\"esc_attr($url)\"",[],[],[],{"error":190,"url":191,"statusCode":192,"statusMessage":193,"message":193},true,"http:\u002F\u002Flocalhost\u002Fapi\u002Fplugins\u002Fdmn-security-centre\u002Fbundle",404,"no bundle for this plugin yet",{"slug":4,"current_version":6,"total_versions":13,"versions":195},[]]