[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fja-PgMm6uC_r4qauSbavvOJecPvTIIavVfqZ0euyXOA":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":13,"last_updated":14,"tested_up_to":15,"requires_at_least":16,"requires_php":17,"tags":18,"homepage":23,"download_link":24,"security_score":25,"vuln_count":13,"unpatched_count":13,"last_vuln_date":26,"fetched_at":27,"vulnerabilities":28,"developer":29,"crawl_stats":26,"alternatives":37,"analysis":145,"fingerprints":177},"dynamic-hostname","Dynamic Hostname","0.4.2","Takayuki Miyauchi","https:\u002F\u002Fprofiles.wordpress.org\u002Fmiyauchi\u002F","\u003Cp>This plugin changes dynamically and automatically the host name which WordPress uses. For example, when you run WordPress on your different servers, for production, development or staging, the host name will be changed dynamically and each site won’t have broken links. It’s very useful when you use it with Vagrant Cloud.\u003C\u002Fp>\n\u003Ch4>Some features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Temporarily changes the host name to the current host name ($_SERVER[‘HTTP_HOST’]).\u003C\u002Fli>\n\u003Cli>Also replaces the host name of the links to the contents and the images in the same site.\u003C\u002Fli>\n\u003Cli>The host name included in the contents on the development server will be changed to the one for the production server. (You don’t need to replace the host name in the database when you move it to the production server.)\u003C\u002Fli>\n\u003Cli>The host name in the editor window is temporarily replaced with the current host name, so when you edit some on the development server, you never have broken links.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Hooks to use for replacing\u003C\u002Fh4>\n\u003Cp>This plugin uses the filter hooks below to replace the host name in URL.\u003C\u002Fp>\n\u003Cpre>\u003Ccode>$hooks = array(\n    \"home_url\",\n    \"site_url\",\n    \"stylesheet_directory_uri\",\n    \"template_directory_uri\",\n    \"plugins_url\",\n    \"wp_get_attachment_url\",\n    \"theme_mod_header_image\",\n    \"theme_mod_background_image\",\n    \"the_content\",\n    \"upload_dir\",\n    \"widget_text\",\n);\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>Those hooks also have their own filter hooks, so you can customize with other plugins you are using, etc.\u003C\u002Fp>\n\u003Cpre>\u003Ccode>add_filter('dynamic_hostname_filters' function($hooks){\n    $hooks[] = 'some_filter_hook';\n    return $hooks;\n});\n\u003C\u002Fcode>\u003C\u002Fpre>\n","Set hostname dynamically for the development.",300,26030,0,"2015-04-26T13:07:00.000Z","4.2.39","3.8","",[19,20,21,22],"hostname","site_url","vagrant-cloud","wp_home","https:\u002F\u002Fvccw.cc\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fdynamic-hostname.0.4.2.zip",85,null,"2026-03-15T15:16:48.613Z",[],{"slug":30,"display_name":7,"profile_url":8,"plugin_count":31,"total_installs":32,"avg_security_score":33,"avg_patch_time_days":34,"trust_score":35,"computed_at":36},"miyauchi",20,40630,86,30,84,"2026-04-04T09:04:43.602Z",[38,61,84,105,125],{"slug":39,"name":40,"version":41,"author":42,"author_profile":43,"description":44,"short_description":45,"active_installs":46,"downloaded":47,"rating":48,"num_ratings":49,"last_updated":50,"tested_up_to":51,"requires_at_least":52,"requires_php":17,"tags":53,"homepage":59,"download_link":60,"security_score":25,"vuln_count":13,"unpatched_count":13,"last_vuln_date":26,"fetched_at":27},"remove-comment-websiteurl-box","Remove Comment Website\u002FURL Box","1.0","Mark Hodder","https:\u002F\u002Fprofiles.wordpress.org\u002Fmahodder\u002F","\u003Cp>Simply active this plugin to remove the website \u002F url box from the WordPress comment form area.\u003C\u002Fp>\n\u003Cp>This plugin has been tested on:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Genesis 2.X\u003C\u002Fli>\n\u003Cli>Thesis 2.X\u003C\u002Fli>\n\u003Cli>WordPress Twenty Fourteen theme\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>While it may work on other themes, there is no guarantee. If it doesn’t work on your theme let me know in the support forums.\u003C\u002Fp>\n","Hide the Website \u002F URL input box on the comment form, supports Genesis 2.X, Thesis 2.X and some other WordPress themes (may not work on all themes)",600,15231,100,7,"2016-04-13T00:18:00.000Z","4.5.33","4.4",[54,55,56,57,58],"comment-form","comment-form-website-url","remove-url-box","url-box","website-url","http:\u002F\u002Fthemedy.com\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fremove-comment-websiteurl-box.zip",{"slug":62,"name":63,"version":64,"author":65,"author_profile":66,"description":67,"short_description":68,"active_installs":69,"downloaded":70,"rating":71,"num_ratings":72,"last_updated":73,"tested_up_to":74,"requires_at_least":75,"requires_php":17,"tags":76,"homepage":82,"download_link":83,"security_score":25,"vuln_count":13,"unpatched_count":13,"last_vuln_date":26,"fetched_at":27},"site-address-migrator","Site Address Migrator","2.0","MembershipWorks","https:\u002F\u002Fprofiles.wordpress.org\u002Fsourcefound\u002F","\u003Cp>If you ever change the Site Address under the WordPress settings, you may notice that all the links in your pages and posts may still use the old site url. This plugin plugin migrates all those urls in your WordPress database when you change the Site Address, without requiring the Search Replace DB script.\u003C\u002Fp>\n\u003Cp>Site Address Migrator updates all links matching the old Site Address in:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Description, content and excerpts of all posts, pages and media (including custom types)\u003C\u002Fli>\n\u003Cli>Post and page option fields\u003C\u002Fli>\n\u003Cli>Comments and comment option fields\u003C\u002Fli>\n\u003Cli>Post category and tag descriptions\u003C\u002Fli>\n\u003Cli>User descriptions\u003C\u002Fli>\n\u003Cli>User website fields\u003C\u002Fli>\n\u003Cli>WordPress and widget option fields\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Site Address Migrator will update links inside serialized data correctly. Site Address Migrator will also match links when the protocol does not match the Site Address (eg. the link uses “https:\u002F\u002F” instead of “http:\u002F\u002F”, or if it is protocol-relative “\u002F\u002F”). The protocol used for the original link will be honored (ie. if the link was “https:\u002F\u002F”, it will remain “https:\u002F\u002F” even if the Site Address is given as “http:\u002F\u002F”).\u003C\u002Fp>\n\u003Cp>Warning: Make sure you have access to the new site domain before updating the Site Address, and double check for spelling errors! Entering the wrong site address can prevent you from accessing WordPress again without manually fixing the MySQL database entries. Backup your MySQL database if possible.\u003C\u002Fp>\n\u003Cp>This plugin is not designed for, and has not been tested for Multi-Site installs.\u003C\u002Fp>\n","Updates urls in pages, posts, comments, descriptions, widgets and options when Site Address (Site URL) is changed.",200,6439,60,4,"2019-12-22T17:38:00.000Z","5.3.21","3.0.1",[77,78,79,80,81],"changing-site-address","changing-site-url","site-address","siteurl","update-url","https:\u002F\u002Fmembershipworks.com\u002Fwordpress-site-address-migrator\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fsite-address-migrator.2.0.zip",{"slug":85,"name":86,"version":87,"author":88,"author_profile":89,"description":90,"short_description":91,"active_installs":48,"downloaded":92,"rating":48,"num_ratings":93,"last_updated":94,"tested_up_to":95,"requires_at_least":96,"requires_php":17,"tags":97,"homepage":103,"download_link":104,"security_score":48,"vuln_count":13,"unpatched_count":13,"last_vuln_date":26,"fetched_at":27},"remove-comment-url","Remove Website URL Field From Comment Form","1.2.1","Prem Tiwari","https:\u002F\u002Fprofiles.wordpress.org\u002Ffreewebmentor\u002F","\u003Cp>Usually the comment spammers’ main goal is to get a do-follow or no-follow link from your website. Remove Website URL Field plugin allow you to remove the website URL field from the comment form from your blog\u002Fwebsite. This prevents automated bots to post spam links on your website. It also helps your website retain the SEO Juice.\u003C\u002Fp>\n\u003Cp>This is a lightweight and simple plugin which does not require any settings. The perfect way to discourage spam is to remove the “Website” or “URL” field entirely from your WordPress website.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Benefits of Removing Website URL Field from the Comment Form\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Remove WEBSITE Field from Comment Form\u003C\u002Fli>\n\u003Cli>Remove hyper-link from comment AUTHOR\u003C\u002Fli>\n\u003Cli>Disable turning URLs into hyper-links in comments\u003C\u002Fli>\n\u003Cli>Remove HTML Link Tags in comments\u003C\u002Fli>\n\u003Cli>Reduced Spam comments\u003C\u002Fli>\n\u003Cli>Improved User Experience\u003C\u002Fli>\n\u003Cli>Faster Commenting Experience\u003C\u002Fli>\n\u003Cli>Increase the user interactions\u003C\u002Fli>\n\u003Cli>Encourage the quality comments\u003C\u002Fli>\n\u003Cli>Need less maintenance\u003C\u002Fli>\n\u003Cli>It will remove all the existing links from comments\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>🎉 Remove the existing links from comments\u003C\u002Fh3>\n\u003Cp>I have added a new feature to remove the existing website links from the comments. Thanks to @wpexplorer to suggesting this feature.\u003C\u002Fp>\n\u003Ch3>Usage\u003C\u002Fh3>\n\u003Cp>Everything you need to discourage spammers from leaving useless or irrelevant comments on your precious blog posts is just a plugin activation away. By simply activating this plugin, the URL field will no longer appear in your comment form. This straightforward solution effectively deters spammers who often exploit this field for backlinks, thereby maintaining the quality and relevance of your blog’s comment section. Enhance your blog’s security and ensure meaningful interactions with ease by utilizing this essential tool.\u003C\u002Fp>\n","This plugin allows administrators to globally disable the URL\u002FWebsite input field from the WordPress inbuilt comments form on their site.",2027,3,"2025-06-30T06:29:00.000Z","6.8.5","5.0",[98,99,100,101,102],"comments-form","disable","remove-url","url","website-url-filed","https:\u002F\u002Fwww.premtiwari.in\u002Fremove-comment-url\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fremove-comment-url.zip",{"slug":106,"name":107,"version":108,"author":109,"author_profile":110,"description":111,"short_description":112,"active_installs":31,"downloaded":113,"rating":48,"num_ratings":114,"last_updated":115,"tested_up_to":95,"requires_at_least":116,"requires_php":117,"tags":118,"homepage":123,"download_link":124,"security_score":48,"vuln_count":13,"unpatched_count":13,"last_vuln_date":26,"fetched_at":27},"edh-bad-bots","EDH Bad Bots","1.4.3","EncodeDotHost","https:\u002F\u002Fprofiles.wordpress.org\u002Fencodedothost\u002F","\u003Cp>EDH Bad Bots is an intelligent bot detection and blocking system that protects your WordPress site from unwanted crawlers and malicious bots. Unlike traditional blocking methods that rely on user agent strings (which can be easily spoofed), this plugin uses a honeypot technique to identify and block bots that don’t respect your site’s \u003Ccode>robots.txt\u003C\u002Fcode> directives.\u003C\u002Fp>\n\u003Ch3>Key Features\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Cstrong>Automatic Bot Detection\u003C\u002Fstrong>: Identifies bad bots using a hidden trap URL technique\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Smart Blocking System\u003C\u002Fstrong>: Blocks misbehaving bots with configurable duration (default 30 days)\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Advanced DNS Resolution\u003C\u002Fstrong>: PTR record lookups with DNS over HTTPS (DoH) support for hostname identification\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Dual-Level Blocking\u003C\u002Fstrong>: Server-level \u003Ccode>.htaccess\u003C\u002Fcode> blocking AND PHP-level blocking for maximum effectiveness\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Configurable Blocking Methods\u003C\u002Fstrong>: Choose between \u003Ccode>.htaccess\u003C\u002Fcode> blocking (Apache) or PHP-only blocking (Nginx compatible)\u003C\u002Fli>\n\u003Cli>\u003Cstrong>IP Whitelist Management\u003C\u002Fstrong>: Protect trusted IPs from ever being blocked\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Enhanced Admin Interface\u003C\u002Fstrong>: Clean dashboard with hostname display, manual hostname updates, and debug tools\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Background Processing\u003C\u002Fstrong>: Automated hostname resolution via WordPress cron jobs\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Zero False Positives\u003C\u002Fstrong>: Legitimate search engine bots that follow robots.txt rules are never affected\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Database Optimization\u003C\u002Fstrong>: Automatic cleanup of expired blocks to maintain performance\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Security-First Design\u003C\u002Fstrong>: All forms include proper nonce verification and user capability checks\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>How It Works\u003C\u002Fh3>\n\u003Cp>The plugin implements a sophisticated honeypot system:\u003C\u002Fp>\n\u003Col>\n\u003Cli>\u003Cstrong>Trap URL Generation\u003C\u002Fstrong>: Creates a unique, hidden URL specific to your domain\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Robots.txt Integration\u003C\u002Fstrong>: Automatically adds a \u003Ccode>Disallow\u003C\u002Fcode> rule for the trap URL\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Hidden Link Placement\u003C\u002Fstrong>: Places an invisible link to the trap URL in your site’s footer\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Bot Detection\u003C\u002Fstrong>: When bad bots ignore robots.txt and follow the hidden link, they’re identified\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Automatic Blocking\u003C\u002Fstrong>: Detected bot IPs are blocked with configurable duration and immediate effect\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Hostname Resolution\u003C\u002Fstrong>: PTR record lookups identify the hostname\u002Forganization behind blocked IPs\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Legitimate Bot Protection\u003C\u002Fstrong>: Good bots (like Googlebot) respect robots.txt and never trigger the trap\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch3>Configuration\u003C\u002Fh3>\n\u003Ch3>Admin Dashboard\u003C\u002Fh3>\n\u003Cp>Access the plugin dashboard at \u003Cstrong>Tools > Bad Bots\u003C\u002Fstrong> in your WordPress admin:\u003C\u002Fp>\n\u003Ch4>Whitelisted IPs Tab\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Add IP addresses that should never be blocked\u003C\u002Fli>\n\u003Cli>Remove IPs from the whitelist\u003C\u002Fli>\n\u003Cli>View all currently whitelisted addresses with timestamps\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Blocked Bots Tab\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>View all currently blocked IP addresses with hostnames\u003C\u002Fli>\n\u003Cli>See when each IP was blocked and when the block expires\u003C\u002Fli>\n\u003Cli>Manually update missing hostnames for better identification\u003C\u002Fli>\n\u003Cli>Force refresh all hostnames to clear cache and re-resolve\u003C\u002Fli>\n\u003Cli>Debug hostname resolution issues (when WP_DEBUG is enabled)\u003C\u002Fli>\n\u003Cli>Manually unblock IPs if needed\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Options Tab\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Cstrong>\u003Ccode>.htaccess Blocking\u003C\u002Fcode>\u003C\u002Fstrong>: Enable\u002Fdisable server-level IP blocking via \u003Ccode>.htaccess\u003C\u002Fcode> file\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Block Duration\u003C\u002Fstrong>: Configure how many days to block detected bots\u003C\u002Fli>\n\u003Cli>Configure blocking method based on your server setup (Apache vs Nginx)\u003C\u002Fli>\n\u003Cli>Server-level blocking bypasses caching for immediate effect\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Help Tab\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Detailed explanation of how the plugin works\u003C\u002Fli>\n\u003Cli>Best practices for managing IPs\u003C\u002Fli>\n\u003Cli>Information about \u003Ccode>.htaccess\u003C\u002Fcode> blocking options\u003C\u002Fli>\n\u003Cli>Unique trap URL for caching plugin exclusion\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Requirements\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>WordPress 6.2 or higher\u003C\u002Fli>\n\u003Cli>PHP 7.4 or higher\u003C\u002Fli>\n\u003Cli>MySQL 5.6 or higher\u003C\u002Fli>\n\u003Cli>Apache server (for \u003Ccode>.htaccess\u003C\u002Fcode> blocking) or Nginx (PHP-only blocking)\u003C\u002Fli>\n\u003Cli>Writable \u003Ccode>.htaccess\u003C\u002Fcode> file (if using Apache server-level blocking)\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Technical Details\u003C\u002Fh3>\n\u003Ch3>Database Tables\u003C\u002Fh3>\n\u003Cp>The plugin creates two custom database tables:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ccode>wp_edhbb_blocked_bots\u003C\u002Fcode>: Stores blocked IP addresses with expiration dates and hostnames\u003C\u002Fli>\n\u003Cli>\u003Ccode>wp_edhbb_whitelisted_ips\u003C\u002Fcode>: Stores permanently whitelisted IP addresses\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>DNS Resolution System\u003C\u002Fh3>\n\u003Cp>The plugin includes an advanced DNS lookup system:\u003C\u002Fp>\n\u003Ch4>DNS over HTTPS (DoH) Support\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Cstrong>Primary providers\u003C\u002Fstrong>: Cloudflare DNS, Google DNS\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Secure queries\u003C\u002Fstrong>: HTTPS-encrypted DNS requests for enhanced privacy\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Fallback system\u003C\u002Fstrong>: Automatic fallback to traditional DNS methods\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>PTR Record Lookups\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Cstrong>Reverse DNS\u003C\u002Fstrong>: Converts IP addresses to hostnames for better identification\u003C\u002Fli>\n\u003Cli>\u003Cstrong>IPv4 and IPv6 support\u003C\u002Fstrong>: Full support for both IP versions\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Caching\u003C\u002Fstrong>: Results cached for 1 hour to improve performance\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Background processing\u003C\u002Fstrong>: Automated hostname resolution via WordPress cron\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Blocking Methods\u003C\u002Fh3>\n\u003Cp>The plugin offers two blocking approaches:\u003C\u002Fp>\n\u003Ch4>1. Server-Level Blocking (\u003Ccode>.htaccess\u003C\u002Fcode>)\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Cstrong>Default method\u003C\u002Fstrong> for Apache servers\u003C\u002Fli>\n\u003Cli>Blocks IPs at the server level before WordPress loads\u003C\u002Fli>\n\u003Cli>Bypasses caching plugins for immediate effect\u003C\u002Fli>\n\u003Cli>More efficient and faster blocking\u003C\u002Fli>\n\u003Cli>Automatically manages \u003Ccode>.htaccess\u003C\u002Fcode> file with unique markers\u003C\u002Fli>\n\u003Cli>Safe cleanup on plugin deactivation\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>2. PHP-Level Blocking\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Cstrong>Alternative method\u003C\u002Fstrong> for Nginx or when \u003Ccode>.htaccess\u003C\u002Fcode> is unavailable\u003C\u002Fli>\n\u003Cli>Blocks IPs during WordPress initialization\u003C\u002Fli>\n\u003Cli>Compatible with all web servers\u003C\u002Fli>\n\u003Cli>May be affected by caching plugins\u003C\u002Fli>\n\u003Cli>No server configuration files modified\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Security Features\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Cstrong>Nonce Verification\u003C\u002Fstrong>: All forms use WordPress nonces for CSRF protection\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Capability Checks\u003C\u002Fstrong>: Only users with \u003Ccode>manage_options\u003C\u002Fcode> capability can access admin features\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Input Sanitization\u003C\u002Fstrong>: All user inputs are properly sanitized and validated\u003C\u002Fli>\n\u003Cli>\u003Cstrong>SQL Injection Protection\u003C\u002Fstrong>: All database queries use prepared statements\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Safe \u003Ccode>.htaccess\u003C\u002Fcode> Management\u003C\u002Fstrong>: Uses unique markers and automatic cleanup\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Performance Optimization\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Cstrong>Automatic Cleanup\u003C\u002Fstrong>: Expired blocks are automatically removed from the database\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Efficient Queries\u003C\u002Fstrong>: Database operations are optimized for minimal performance impact\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Smart Loading\u003C\u002Fstrong>: Admin assets only load on the plugin’s admin page\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Server-Level Blocking\u003C\u002Fstrong>: \u003Ccode>.htaccess\u003C\u002Fcode> blocking prevents blocked requests from reaching PHP\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Whitelist Filtering\u003C\u002Fstrong>: Whitelisted IPs are excluded from \u003Ccode>.htaccess\u003C\u002Fcode> rules automatically\u003C\u002Fli>\n\u003Cli>\u003Cstrong>DNS Caching\u003C\u002Fstrong>: Hostname lookups cached to reduce DNS query overhead\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Background Processing\u003C\u002Fstrong>: Hostname resolution runs in background to avoid delays\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>API Hooks\u003C\u002Fh3>\n\u003Ch3>Actions\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Ccode>plugins_loaded\u003C\u002Fcode>: Plugin initialization\u003C\u002Fli>\n\u003Cli>\u003Ccode>init\u003C\u002Fcode>: Early request blocking check\u003C\u002Fli>\n\u003Cli>\u003Ccode>template_redirect\u003C\u002Fcode>: Bot trap detection\u003C\u002Fli>\n\u003Cli>\u003Ccode>wp_footer\u003C\u002Fcode>: Hidden link injection\u003C\u002Fli>\n\u003Cli>\u003Ccode>admin_menu\u003C\u002Fcode>: Admin page registration\u003C\u002Fli>\n\u003Cli>\u003Ccode>edhbb_update_hostnames_cron\u003C\u002Fcode>: Background hostname resolution\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Filters\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Ccode>robots_txt\u003C\u002Fcode>: Adds disallow rule to robots.txt\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>File Structure\u003C\u002Fh3>\n\u003Cpre>\u003Ccode>`\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>edh-bad-bots\u002F\u003Cbr \u002F>\n├── admin\u002F\u003Cbr \u002F>\n│   └── views\u002F\u003Cbr \u002F>\n│       └── admin-display.php    # Admin interface HTML\u003Cbr \u002F>\n├── assets\u002F\u003Cbr \u002F>\n│   ├── css\u002F\u003Cbr \u002F>\n│   │   └── admin-style.css      # Admin page styling\u003Cbr \u002F>\n│   └── js\u002F\u003Cbr \u002F>\n│       └── admin-script.js      # Admin page JavaScript\u003Cbr \u002F>\n├── includes\u002F\u003Cbr \u002F>\n│   ├── class-edhbb-admin.php    # Admin functionality\u003Cbr \u002F>\n│   ├── class-edhbb-blocker.php  # Bot detection and blocking\u003Cbr \u002F>\n│   ├── class-edhbb-database.php # Database operations\u003Cbr \u002F>\n│   └── class-edhbb-dnslookup.php # DNS\u002FPTR lookup system\u003Cbr \u002F>\n├── edh-bad-bots.php            # Main plugin file\u003Cbr \u002F>\n├── LICENSE\u003Cbr \u002F>\n└── readme.txt\u003Cbr \u002F>\n    `\u003C\u002Fp>\n\u003Ch3>Contributing\u003C\u002Fh3>\n\u003Cp>Contributions are welcome! Please feel free to submit a Pull Request.\u003C\u002Fp>\n\u003Ch3>Development Setup\u003C\u002Fh3>\n\u003Col>\n\u003Cli>Clone the repository to your WordPress plugins directory\u003C\u002Fli>\n\u003Cli>Ensure you have a WordPress development environment running\u003C\u002Fli>\n\u003Cli>Activate the plugin and test your changes\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch3>License\u003C\u002Fh3>\n\u003Cp>This project is licensed under the GPL v3 or later.\u003C\u002Fp>\n\u003Ch3>Author\u003C\u002Fh3>\n\u003Cp>\u003Cstrong>EncodeDotHost\u003C\u002Fstrong>\u003Cbr \u002F>\n– Website: \u003Ca href=\"https:\u002F\u002Fencode.host\" rel=\"nofollow ugc\">https:\u002F\u002Fencode.host\u003C\u002Fa>\u003Cbr \u002F>\n– GitHub: \u003Ca href=\"https:\u002F\u002Fgithub.com\u002FEncodeDotHost\" rel=\"nofollow ugc\">@EncodeDotHost\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch3>Contributors\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fnbwpuk\" rel=\"nofollow ugc\">@nbwpuk\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Support\u003C\u002Fh3>\n\u003Cp>For support, please visit \u003Ca href=\"https:\u002F\u002Fencode.host\" rel=\"nofollow ugc\">https:\u002F\u002Fencode.host\u003C\u002Fa> or create an issue on the GitHub repository.\u003C\u002Fp>\n","A smart WordPress plugin that automatically blocks malicious bots and crawlers that ignore your site's robots.txt file.",305,1,"2025-09-06T18:12:00.000Z","6.2","7.4",[119,120,19,121,122],"bots","dns","ptr","security","https:\u002F\u002Fgithub.com\u002FEncodeDotHost\u002Fedh-bad-bots","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fedh-bad-bots.1.4.3.zip",{"slug":126,"name":127,"version":128,"author":129,"author_profile":130,"description":131,"short_description":132,"active_installs":133,"downloaded":134,"rating":13,"num_ratings":13,"last_updated":135,"tested_up_to":136,"requires_at_least":137,"requires_php":138,"tags":139,"homepage":17,"download_link":144,"security_score":25,"vuln_count":13,"unpatched_count":13,"last_vuln_date":26,"fetched_at":27},"dynamic-siteurl-for-widget","Dynamic Siteurl For Widget","1.0.0","shouryawp","https:\u002F\u002Fprofiles.wordpress.org\u002Fshouryawp\u002F","\u003Cp>This is for the dynamic site url on widget area of wordpress. We need to change the links of the widget texts while we are moving the live server. Now we can don’t need to think about it again. It’s true. So now we don’t need to think about the changing the links of the widget section and don’t need to run any queries as well.\u003C\u002Fp>\n","Need to change the site url dynamically while migrating the widget to live site this plugin is the ultimate solution",10,1098,"2018-04-24T17:43:00.000Z","4.7.32","4.0","5.2.4",[140,141,142,143],"dynamic","dynamic-variable","site-url","widget","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fdynamic-siteurl-for-widget.zip",{"attackSurface":146,"codeSignals":165,"taintFlows":172,"riskAssessment":173,"analyzedAt":176},{"hooks":147,"ajaxHandlers":161,"restRoutes":162,"shortcodes":163,"cronEvents":164,"entryPointCount":13,"unprotectedCount":13},[148,153,156,159],{"type":149,"name":150,"callback":150,"file":151,"line":152},"action","after_setup_theme","dynamic-hostname.php",28,{"type":149,"name":154,"callback":154,"priority":133,"file":151,"line":155},"save_post",55,{"type":149,"name":157,"callback":157,"file":151,"line":158},"admin_notices",58,{"type":149,"name":154,"callback":154,"priority":133,"file":151,"line":160},73,[],[],[],[],{"dangerousFunctions":166,"sqlUsage":167,"outputEscaping":169,"fileOperations":13,"externalRequests":13,"nonceChecks":13,"capabilityChecks":13,"bundledLibraries":171},[],{"prepared":13,"raw":13,"locations":168},[],{"escaped":13,"rawEcho":13,"locations":170},[],[],[],{"summary":174,"deductions":175},"The dynamic-hostname plugin, version 0.4.2, exhibits an exceptionally secure static analysis profile.  The absence of any identified attack surface points (AJAX handlers, REST API routes, shortcodes, cron events) significantly limits the potential for external exploitation.  Furthermore, the code shows a strong adherence to security best practices with no dangerous functions used, 100% of SQL queries employing prepared statements, and all output being properly escaped. The lack of file operations and external HTTP requests further bolsters its security. The taint analysis also revealed no flows with unsanitized paths, indicating a low risk of data injection or manipulation vulnerabilities.\n\nThe vulnerability history for this plugin is also clean, with no recorded CVEs of any severity. This suggests a history of responsible development and maintenance, or potentially a lack of focus from security researchers due to its limited scope. The plugin's strengths lie in its minimal attack surface and rigorous implementation of secure coding practices for the components it does have.\n\nWhile the static analysis and vulnerability history paint a very positive security picture, the complete absence of any detected components (0 AJAX, 0 REST API, etc.) raises a slight concern about the plugin's actual functionality and whether the analysis might have missed something due to its simplicity. However, based solely on the provided data, the plugin appears to be very well-secured.",[],"2026-03-16T20:05:50.571Z",{"wat":178,"direct":184},{"assetPaths":179,"generatorPatterns":181,"scriptPaths":182,"versionParams":183},[180],"\u002Fwp-content\u002Fplugins\u002Fdynamic-hostname\u002F",[],[],[],{"cssClasses":185,"htmlComments":186,"htmlAttributes":187,"restEndpoints":188,"jsGlobals":189,"shortcodeOutput":190},[],[],[],[],[],[]]