[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fCIxueqvI6IHZi51TIbfVts-y5OWIU-F1eaZenu_H1dI":3,"$fZYNFTAo4Y6fIrSeKyBtjc0faGScJU58-FC9xjCW30tc":335,"$fCMQH5mZJYY4TvLIPhZIp2qHx0PAWqEJ89M4Pm47BMFo":340},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":24,"download_link":25,"security_score":26,"vuln_count":27,"unpatched_count":27,"last_vuln_date":28,"fetched_at":29,"discovery_status":30,"vulnerabilities":31,"developer":32,"crawl_stats":28,"alternatives":37,"analysis":136,"fingerprints":310},"ip-to-country","IP-to-Country","0.08","pepak.net","https:\u002F\u002Fprofiles.wordpress.org\u002Fpepaknet\u002F","\u003Cp>IP-to-Country is a plugin which doesn’t provide any output to users, but which\u003Cbr \u002F>\nmay be used by plugin authors to quickly and easily find, in which country an\u003Cbr \u002F>\nIP address is located.\u003C\u002Fp>\n\u003Cp>To do so the plugin uses data files from either http:\u002F\u002Fip-to-country.webhosting.info\u003Cbr \u002F>\n(IPv4 only) or http:\u002F\u002Fsoftware77.net\u002Fgeo-ip\u002F (both IPv4 and IPv6).\u003Cbr \u002F>\nOther sources are possible as long as they have the same format: CSV file,\u003Cbr \u002F>\nfields enclosed with quotes (“) and separated with comma (,), lines ending\u003Cbr \u002F>\nwith LF (\\n). Five columns:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Lower bound of an IP range.\u003C\u002Fli>\n\u003Cli>Upper bound of an IP range. Both are represented as one 32-bit integer number,\u003Cbr \u002F>\nsuch as you can get by using funtion ip2long().\u003C\u002Fli>\n\u003Cli>2-character country code\u003C\u002Fli>\n\u003Cli>3-character country code\u003C\u002Fli>\n\u003Cli>Country name\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Note: In order to import IPv6 addresses, IPv4 must be imported first. The\u003Cbr \u002F>\nreason is, IPv6 database does not carry the full country information with\u003Cbr \u002F>\nit, while the IPv4 database does.\u003C\u002Fp>\n\u003Cp>Operations:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\n\u003Cp>To detect if IP-to-Country plugin is installed:\u003C\u002Fp>\n\u003Cp>$ip2c_available = class_exists(‘PepakIpToCountry’);\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>To find information about a numeric IP address:\u003C\u002Fp>\n\u003Cp>$country = PepakIpToCountry::IP_to_Country_Full(‘8.8.8.8’);\u003Cbr \u002F>\n    \u002F\u002F returns ‘UNITED STATES’\u003Cbr \u002F>\n    $country = PepakIpToCountry::IP_to_Country(‘8.8.8.8’);\u003Cbr \u002F>\n    $country = PepakIpToCountry::IP_to_Country_XX(‘8.8.8.8’);\u003Cbr \u002F>\n    \u002F\u002F both return ‘US’\u003Cbr \u002F>\n    $country = PepakIpToCountry::IP_to_Country_XXX(‘8.8.8.8’);\u003Cbr \u002F>\n    \u002F\u002F returns ‘USA’\u003Cbr \u002F>\n    $country = PepakIpToCountry::IP_to_Country_Info(‘8.8.8.8’);\u003Cbr \u002F>\n    \u002F\u002F returns Array(‘iso_name’=>’UNITED STATES’, ‘iso_code2’=>’US’, ‘iso_code3’=>’USA’)\u003Cbr \u002F>\n$image = PepakIpToCountry::IP_to_Country_Flag(‘8.8.8.8’);\u003Cbr \u002F>\n\u002F\u002F returns ”\u003C\u002Fp>\n\u003Cp>You may leave the IP address empty; in that case, IP address of currently\u003Cbr \u002F>\nactive user is used instead.\u003C\u002Fp>\n\u003Cp>Note: All requests are cached, so there shouldn’t be a noticeable difference\u003Cbr \u002F>\nbetween reading IP_to_Country_Info and reading all three pieces of information\u003Cbr \u002F>\nseparately using the _Full, _XX and _XXX functions.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>To interface your plugin’s tables to IP-to-Country plugin’s tables within SQL,\u003Cbr \u002F>\na function \u003Ccode>Subselect\u003C\u002Fcode> is published:\u003C\u002Fp>\n\u003Cp>$subselect = PepakIpToCountry::Subselect($ip, $countryfield);\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ccode>$ip\u003C\u002Fcode> is a field that contains IP address in the form of one 32bit number, e.g.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Col>\n\u003Cli>If you store IP addresses in the usual form of four dot-separated\u003Cbr \u002F>\nnumbers (‘127.0.0.1’), you can use MySQL’s function INET_ATON:\u003Cbr \u002F>\n$ip = ‘INET_ATON(my_ip_address_field)’;\u003Cbr \u002F>\nIt is strongly recommended to use qualified field names (with tablename in\u003Cbr \u002F>\nfront, separated by a dot):\u003Cbr \u002F>\n$ip = ‘INET_ATON(banlist.ip_address)’;\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Cul>\n\u003Cli>\u003Ccode>$countryfield\u003C\u002Fcode> is the field you want returned. It can be one of the following:\u003Cbr \u002F>\niso_name – returns the same string as PepakIpToCountry::IP_to_Country_Full(…)\u003Cbr \u002F>\niso_code2 – returns the same string as PepakIpToCountry::IP_to_Country_XX(…)\u003Cbr \u002F>\niso_code3 – returns the same string as PepakIpToCountry::IP_to_Country_XX(…)\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Note: No checking or validation is done on either of these parameters. It is assumed\u003Cbr \u002F>\nthey are \u003Cem>field names\u003C\u002Fem>, \u003Cstrong>NOT\u003C\u002Fstrong> strings. DO NOT EVER USE VALUES THAT YOUR USERS CAN\u003Cbr \u002F>\nINFLUENCE! This is important! If you let users supply arguments to Subselect(), you\u003Cbr \u002F>\nare letting them to do whatever they like with your database!\u003C\u002Fp>\n\u003Cp>This function only works with IPv4 addresses.\u003C\u002Fp>\n\u003Cp>Example usage:\u003C\u002Fp>\n\u003Cp>if (class_exists(‘PepakIpToCountry’))\u003Cbr \u002F>\n      $field = PepakIpToCountry(“INET_ATON(b.ip_addr)”, ‘iso_code2’);\u003Cbr \u002F>\n    else\u003Cbr \u002F>\n      $field = ‘NULL’;\u003Cbr \u002F>\n    $sql = “SELECT b.*, ${field} country_code FROM ${wpdb->prefix}banlist b WHERE …”;\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Note: This plugin \u003Cem>requires\u003C\u002Fem> PHP5. If you want it to work with ZIP files\u003Cbr \u002F>\n(e.g. for updating IP-country info from the default location), your PHP\u003Cbr \u002F>\nmust have extension php_zip enabled.\u003C\u002Fp>\n","Provide a simple interface for plugin authors to determine, in which country an IP is located.",20,6324,60,1,"2014-06-24T18:21:00.000Z","3.0.5","2.8.0","",[20,21,22,23,4],"country","geolocation","invisible","ip","http:\u002F\u002Fwww.pepak.net\u002Fwordpress\u002Fip-to-country-plugin","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fip-to-country.0.08.zip",85,0,null,"2026-03-15T15:16:48.613Z","no_bundle",[],{"slug":33,"display_name":7,"profile_url":8,"plugin_count":14,"total_installs":11,"avg_security_score":26,"avg_patch_time_days":34,"trust_score":35,"computed_at":36},"pepaknet",30,84,"2026-05-20T03:12:56.011Z",[38,57,71,92,115],{"slug":39,"name":40,"version":41,"author":42,"author_profile":43,"description":44,"short_description":45,"active_installs":46,"downloaded":47,"rating":46,"num_ratings":48,"last_updated":49,"tested_up_to":50,"requires_at_least":51,"requires_php":18,"tags":52,"homepage":54,"download_link":55,"security_score":26,"vuln_count":27,"unpatched_count":27,"last_vuln_date":28,"fetched_at":56},"quick-flag","Quick Flag","2.12","Marko-M","https:\u002F\u002Fprofiles.wordpress.org\u002Fmarko-m\u002F","\u003Cp>Quick Flag resolves IP address to \u003Ca href=\"http:\u002F\u002Fen.wikipedia.org\u002Fwiki\u002FISO_3166-1_alpha-2\" rel=\"nofollow ugc\">ISO 3166-1 alpha-2\u003C\u002Fa> two-letter country code and name using \u003Ca href=\"http:\u002F\u002Fcode.google.com\u002Fp\u002Fip-countryside\u002F\" rel=\"nofollow ugc\">ip-countryside\u003C\u002Fa> generated database and displays country flag if required. In contrast to other IP to country solutions this one allows you to create and update database your self using 5 Regional Internet Registrars (RIR) databases: AFRINIC, APNIC, ARIN, LACNIC and RIPE and ip-countryside open source application that does the work of generating database for you. You can also update IP to country database automatically with single click or schedule weekly automatic updates.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Big thanks to \u003Ca href=\"http:\u002F\u002Fmadm.dfki.de\u002Fgoldstein\u002F\" rel=\"nofollow ugc\">Markus Goldstein\u003C\u002Fa> for ip-countryside project, weekly database updates and automatic update server used in the past. To offload Markus server, database updates are currently generated by me and stored inside \u003Ca href=\"https:\u002F\u002Fgithub.com\u002FMarko-M\u002Fip-countryside-db\" rel=\"nofollow ugc\">GitHub repository\u003C\u002Fa>.\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Ch4>Quick Flag feature highlights\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Cstrong>New in v2.10\u003C\u002Fstrong>: Country names can be translated using Poedit\u003C\u002Fli>\n\u003Cli>Quick Flag database can be updated using single click without updating Quick Flag plugin.\u003C\u002Fli>\n\u003Cli>Quick Flag database can be auto updated weekly without updating Quick Flag plugin.\u003C\u002Fli>\n\u003Cli>Because of the way Quick Flag database is created it has probably the most accurate IP to country database you can find.\u003C\u002Fli>\n\u003Cli>Database updates are generated using open source \u003Ca href=\"http:\u002F\u002Fcode.google.com\u002Fp\u002Fip-countryside\u002F\" rel=\"nofollow ugc\">ip-countryside\u003C\u002Fa> application.\u003C\u002Fli>\n\u003Cli>Quick Flag provides PHP function to retrieve country code and country name for given IP address (see FAQ for more)\u003C\u002Fli>\n\u003Cli>Quick Flag provides PHP function to retrieve country flag image for given country, 248 flag images provided by \u003Ca href=\"http:\u002F\u002Fwww.famfamfam.com\" rel=\"nofollow ugc\">Mark James\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Other WordPress plugins supporting Quick Flag\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Voting polls plugin \u003Ca href=\"http:\u002F\u002Fwww.techytalk.info\u002Fwordpress-plugins\u002Fquick-poll\u002F\" rel=\"nofollow ugc\">Quick Poll\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>Who is online plugin \u003Ca href=\"http:\u002F\u002Fwww.techytalk.info\u002Fwordpress-plugins\u002Fquick-count\u002F\" rel=\"nofollow ugc\">Quick Count\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>Chat plugin \u003Ca href=\"http:\u002F\u002Fwww.techytalk.info\u002Fwordpress-plugins\u002Fquick-chat\u002F\" rel=\"nofollow ugc\">Quick Chat\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>For more information and demo please visit \u003Ca href=\"http:\u002F\u002Fwww.techytalk.info\u002Fwordpress-plugins\u002Fquick-flag\u002F\" rel=\"nofollow ugc\">Quick Flag demo\u003C\u002Fa> page at \u003Ca href=\"http:\u002F\u002Fwww.techytalk.info\u002F\" rel=\"nofollow ugc\">TechyTalk.info\u003C\u002Fa>.\u003C\u002Fp>\n","Resolves IP address to ISO 3166-1 alpha-2 two-letter country code and name and displays country flag image if required.",100,15822,3,"2019-08-02T13:31:00.000Z","3.4.2","3.0",[21,4,53],"ip2country","http:\u002F\u002Fwww.techytalk.info\u002Fwordpress-plugins\u002Fquick-flag\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fquick-flag.zip","2026-04-16T10:56:18.058Z",{"slug":53,"name":58,"version":59,"author":60,"author_profile":61,"description":62,"short_description":63,"active_installs":64,"downloaded":65,"rating":27,"num_ratings":27,"last_updated":66,"tested_up_to":67,"requires_at_least":51,"requires_php":18,"tags":68,"homepage":69,"download_link":70,"security_score":26,"vuln_count":27,"unpatched_count":27,"last_vuln_date":28,"fetched_at":56},"Ip2country","1.3","webvitaly","https:\u002F\u002Fprofiles.wordpress.org\u002Fwebvitaly\u002F","\u003Cul>\n\u003Cli>\u003Cstrong>\u003Ca href=\"http:\u002F\u002Fweb-profile.net\u002Fwordpress\u002Fplugins\u002F\" title=\"WordPress Pro plugins\" rel=\"nofollow ugc\">WordPress Pro plugins\u003C\u002Fa>\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>\u003Ca href=\"http:\u002F\u002Fweb-profile.net\u002Fwordpress\u002Fplugins\u002Fip2country\u002F\" title=\"Ip2country plugin page\" rel=\"nofollow ugc\">Ip2country plugin\u003C\u002Fa>\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>\u003Ca href=\"http:\u002F\u002Fweb-profile.net\u002Fdonate\u002F\" title=\"Support the development\" rel=\"nofollow ugc\">Donate\u003C\u002Fa>\u003C\u002Fstrong>\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Code is based on: \u003Ca href=\"http:\u002F\u002Fphpweby.com\u002Fsoftware\u002Fip2country\" rel=\"nofollow ugc\">phpweby.com\u002Fsoftware\u002Fip2country\u003C\u002Fa>\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>Ip2country database table is based on: \u003Ca href=\"http:\u002F\u002Fmaxmind.com\u002F\" rel=\"nofollow ugc\">maxmind.com\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>Ip2country_info database table is based on: \u003Ca href=\"http:\u002F\u002Fwww.ip2nation.com\u002F\" rel=\"nofollow ugc\">ip2nation.com\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>Last IP database update: 15-jan-2012\u003C\u002Fli>\n\u003Cli>Ip2country database is stored on your site.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Get country code or country name:\u003C\u002Fp>\n\u003Cpre>\u003Ccode>\u003C?php\n$ip2country = ip2country();\necho ' Country code: '.$ip2country->country_code;\necho ' Country name: '.$ip2country->country_name;\n\u002F\u002F or\n$ip2country2 = ip2country('212.113.46.148');\necho ' Country code: '.$ip2country2->country_code;\necho ' Country name: '.$ip2country2->country_name;\n?>\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>Get additional info about the country by country code:\u003C\u002Fp>\n\u003Cpre>\u003Ccode>\u003C?php\n$ip2country_info = ip2country_info($ip2country->country_code);\necho ' iso_code_2: '.$ip2country_info->iso_code_2;\necho ' iso_code_3: '.$ip2country_info->iso_code_3;\necho ' iso_country: '.$ip2country_info->iso_country;\necho ' country: '.$ip2country_info->country;\necho ' lat: '.$ip2country_info->lat;\necho ' lon: '.$ip2country_info->lon;\n\u002F\u002F or\n$ip2country_info = ip2country_info('us');\necho ' lat: '.$ip2country_info->lat;\necho ' lon: '.$ip2country_info->lon;\n?>\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>\u003Ca href=\"http:\u002F\u002Fweb-profile.com.ua\u002Fwordpress\u002Fplugins\u002Fip2country\u002F\" rel=\"nofollow ugc\">Ip2country support page\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch4>Useful:\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fpage-list\u002F\" title=\"list of pages with shortcodes\" rel=\"ugc\">“Page-list” – show list of pages with shortcodes\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fiframe\u002F\" title=\"embed content\" rel=\"ugc\">“Iframe” – embed content\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"http:\u002F\u002Fweb-profile.net\u002Fwordpress\u002Fplugins\u002F\" title=\"WordPress Pro plugins\" rel=\"nofollow ugc\">WordPress Pro plugins\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n","Plugin converts IP-address to the country.",10,4327,"2020-08-09T23:23:00.000Z","5.4.19",[20,21,23,4,53],"http:\u002F\u002Fwordpress.org\u002Fplugins\u002Fip2country\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fip2country.1.3.zip",{"slug":72,"name":73,"version":74,"author":75,"author_profile":76,"description":77,"short_description":78,"active_installs":79,"downloaded":80,"rating":81,"num_ratings":82,"last_updated":83,"tested_up_to":84,"requires_at_least":85,"requires_php":18,"tags":86,"homepage":90,"download_link":91,"security_score":46,"vuln_count":27,"unpatched_count":27,"last_vuln_date":28,"fetched_at":56},"ip-location-block","IP Location Block","1.3.8","Darko G.","https:\u002F\u002Fprofiles.wordpress.org\u002Fdarkog\u002F","\u003Cp>IP Location Block plugin that allows you to block access to your site based on the visitor location while also keeping your site safe from malicious attacks. The plugin brings a smart and powerful protection methods such as “\u003Cstrong>WP Metadata Exploit Protection\u003C\u002Fstrong>“.\u003C\u002Fp>\n\u003Cp>Combined with those methods and IP address geolocation, you’ll be surprised to find a bunch of malicious or undesirable access blocked in the logs of this plugin after several days of installation.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Note:\u003C\u002Fstrong> This plugin is based on the now abandoned “IP Geo Block” plugin by tokkonopapa. I fixed various issues and improved the overall codebase.\u003C\u002Fp>\n\u003Ch4>Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\n\u003Cp>\u003Cstrong>Native Geo-Location Provider\u003C\u002Fstrong>\u003Cbr \u002F>\nIP Location Block provides \u003Ca href=\"https:\u002F\u002Fiplocationblock.com\u002Fcodex\u002Fnative-geo-location-provider\u002F?utm_source=plugin&utm_medium=wporgpage&utm_campaign=readme\" rel=\"nofollow ugc\">Native Geo-Location Provider\u003C\u002Fa> that is faster, more secure and provides the needed \u003Cstrong>precision\u003C\u002Fstrong> for matching \u003Cstrong>CITY\u003C\u002Fstrong> and \u003Cstrong>STATE\u003C\u002Fstrong> besides the standard COUNTRY matching.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Privacy by design:\u003C\u002Fstrong>\u003Cbr \u002F>\nIP address is always encrypted on recording in logs\u002Fcache. Moreover, it can be anonymized and restricted on sending to the 3rd parties such as geolocation APIs or whois service.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Immigration control:\u003C\u002Fstrong>\u003Cbr \u002F>\nAccess to the basic and important entrances into back-end such as \u003Ccode>wp-comments-post.php\u003C\u002Fcode>, \u003Ccode>xmlrpc.php\u003C\u002Fcode>, \u003Ccode>wp-login.php\u003C\u002Fcode>, \u003Ccode>wp-signup.php\u003C\u002Fcode>, \u003Ccode>wp-admin\u002Fadmin.php\u003C\u002Fcode>, \u003Ccode>wp-admin\u002Fadmin-ajax.php\u003C\u002Fcode>, \u003Ccode>wp-admin\u002Fadmin-post.php\u003C\u002Fcode> will be validated by means of a country code based on IP address. It allows you to configure either whitelist or blacklist to \u003Ca href=\"https:\u002F\u002Fen.wikipedia.org\u002Fwiki\u002FISO_3166-1_alpha-2#Officially_assigned_code_elements\" title=\"ISO 3166-1 alpha-2 - Wikipedia\" rel=\"nofollow ugc\">specify the countires\u003C\u002Fa>, \u003Ca href=\"https:\u002F\u002Fen.wikipedia.org\u002Fwiki\u002FClassless_Inter-Domain_Routing\" title=\"Classless Inter-Domain Routing - Wikipedia\" rel=\"nofollow ugc\">CIDR notation\u003C\u002Fa> for a range of IP addresses and \u003Ca href=\"https:\u002F\u002Fen.wikipedia.org\u002Fwiki\u002FAutonomous_system_(Internet)\" title=\"Autonomous system (Internet) - Wikipedia\" rel=\"nofollow ugc\">AS number\u003C\u002Fa> for a group of IP networks.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Guard against login attempts:\u003C\u002Fstrong>\u003Cbr \u002F>\nIn order to prevent hacking through the login form and XML-RPC by brute-force and the reverse-brute-force attacks, the number of login attempts will be limited per IP address even from the permitted countries.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Minimize server load against brute-force attacks:\u003C\u002Fstrong>\u003Cbr \u002F>\nYou can configure this plugin as a \u003Ca href=\"https:\u002F\u002Fcodex.wordpress.org\u002FMust_Use_Plugins\" title=\"Must Use Plugins « WordPress Codex\" rel=\"nofollow ugc\">Must Use Plugins\u003C\u002Fa> so that this plugin can be loaded prior to regular plugins. It can massively \u003Ca href=\"https:\u002F\u002Fiplocationblock.com\u002Fcodex\u002Fvalidation-timing\u002F\" title=\"Validation timing | IP Location Block\" rel=\"nofollow ugc\">reduce the load on server\u003C\u002Fa>.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Prevent malicious down\u002Fuploading:\u003C\u002Fstrong>\u003Cbr \u002F>\nA malicious request such as exposing \u003Ccode>wp-config.php\u003C\u002Fcode> or uploading malwares via vulnerable plugins\u002Fthemes can be blocked.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Block badly-behaved bots and crawlers:\u003C\u002Fstrong>\u003Cbr \u002F>\nA simple logic may help to reduce the number of rogue bots and crawlers scraping your site.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Support of BuddyPress and bbPress:\u003C\u002Fstrong>\u003Cbr \u002F>\nYou can configure this plugin so that a registered user can login as a membership from anywhere, while a request such as a new user registration, lost password, creating a new topic and subscribing comment can be blocked by country. It is suitable for \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fbuddypress\u002F\" title=\"BuddyPress — WordPress Plugins\" rel=\"ugc\">BuddyPress\u003C\u002Fa> and \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fbbpress\u002F\" title=\"WordPress › bbPress « WordPress Plugins\" rel=\"ugc\">bbPress\u003C\u002Fa> to help reducing spams.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Referrer suppressor for external links:\u003C\u002Fstrong>\u003Cbr \u002F>\nWhen you click an external hyperlink on admin screens, http referrer will be eliminated to hide a footprint of your site.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Multiple source of IP Geolocation databases:\u003C\u002Fstrong>\u003Cbr \u002F>\nBesides the \u003Ca href=\"https:\u002F\u002Fiplocationblock.com\u002Fcodex\u002Fnative-geo-location-provider\u002F?utm_source=plugin&utm_medium=wporgpage&utm_campaign=readme\" rel=\"nofollow ugc\">Native Geo-Location provider\u003C\u002Fa>, this plugin supports \u003Ca href=\"https:\u002F\u002Fwww.maxmind.com\" title=\"MaxMind - IP Geolocation and Online Fraud Prevention\" rel=\"nofollow ugc\">MaxMind GeoLite2 free databases\u003C\u002Fa> and \u003Ca href=\"https:\u002F\u002Fwww.ip2location.com\u002F\" title=\"IP Address Geolocation to Identify Website Visitor's Geographical Location\" rel=\"nofollow ugc\">IP2Location LITE databases\u003C\u002Fa>. Also free Geolocation REST APIs and whois information can be available for audit purposes.\u003Cbr \u002F>\nFather more, \u003Ca href=\"https:\u002F\u002Fiplocationblock.com\u002Fcloudflare-cloudfront-api-class-library\u002F\" title=\"CloudFlare & CloudFront API class library | IP Location Block\" rel=\"nofollow ugc\">dedicated API class libraries\u003C\u002Fa> can be installed for CloudFlare and CloudFront as a reverse proxy service.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Customizing response:\u003C\u002Fstrong>\u003Cbr \u002F>\nHTTP response code can be selectable as \u003Ccode>403 Forbidden\u003C\u002Fcode> to deny access pages, \u003Ccode>404 Not Found\u003C\u002Fcode> to hide pages or even \u003Ccode>200 OK\u003C\u002Fcode> to redirect to the top page.\u003Cbr \u002F>\nYou can also have a human friendly page (like \u003Ccode>404.php\u003C\u002Fcode>) in your parent\u002Fchild theme template directory to fit your site design.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Validation logs:\u003C\u002Fstrong>\u003Cbr \u002F>\nValidation logs for useful information to audit attack patterns can be manageable.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Cooperation with full spec security plugin:\u003C\u002Fstrong>\u003Cbr \u002F>\nThis plugin is lite enough to be able to cooperate with other full spec security plugin such as \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fwordfence\u002F\" title=\"Wordfence Security — WordPress Plugins\" rel=\"ugc\">Wordfence Security\u003C\u002Fa>. See \u003Ca href=\"https:\u002F\u002Fiplocationblock.com\u002Fcodex\u002Fpage-speed-performance\u002F\" title=\"Page speed performance | IP Location Block\" rel=\"nofollow ugc\">this report\u003C\u002Fa> about page speed performance.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Extendability:\u003C\u002Fstrong>\u003Cbr \u002F>\nYou can customize the behavior of this plugin via \u003Ccode>add_filter()\u003C\u002Fcode> with \u003Ca href=\"https:\u002F\u002Fiplocationblock.com\u002Fcodex\u002F\" title=\"Codex | IP Location Block\" rel=\"nofollow ugc\">pre-defined filter hook\u003C\u002Fa>. See various use cases in \u003Ca href=\"https:\u002F\u002Fiplocationblock.com\u002Fcodex\u002Fexample-use-cases-for-the-developer-hooks\u002F\" rel=\"nofollow ugc\">samples.php\u003C\u002Fa> bundled within this package.\u003Cbr \u002F>\nYou can also get the extension \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fddur\u002FWordPress-IP-Geo-Allow\" title=\"GitHub - ddur\u002FWordPress-IP-Geo-Allow: WordPress Plugin Exension for WordPress-IP-Geo-Block Plugin\" rel=\"nofollow ugc\">IP Geo Allow\u003C\u002Fa> by \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fddur\" title=\"ddur (Dragan) - GitHub\" rel=\"nofollow ugc\">Dragan\u003C\u002Fa>. It makes admin screens strictly private with more flexible way than specifying IP addresses.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Self blocking prevention and easy rescue:\u003C\u002Fstrong>\u003Cbr \u002F>\nWebsite owners do not prefer themselves to be blocked. This plugin prevents such a sad thing unless you force it. And futhermore, if such a situation occurs, you can \u003Ca href=\"https:\u002F\u002Fiplocationblock.com\u002Fcodex\u002Fwhat-should-i-do-when-im-locked-out\u002F\" title=\"What should I do when I'm locked out? | IP Location Block\" rel=\"nofollow ugc\">rescue yourself\u003C\u002Fa> easily.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Clean uninstallation:\u003C\u002Fstrong>\u003Cbr \u002F>\nNothing is left in your precious mySQL database after uninstallation. So you can feel free to install and activate to make a trial of this plugin’s functionality.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Documentation\u003C\u002Fh4>\n\u003Cp>Documentation and more information can always be found on our \u003Ca href=\"https:\u002F\u002Fiplocationblock.com\u002F\" title=\"IP Location Block\" rel=\"nofollow ugc\">plugin website\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch4>Attribution\u003C\u002Fh4>\n\u003Cp>This package includes GeoLite2 library distributed by MaxMind, available from \u003Ca href=\"https:\u002F\u002Fwww.maxmind.com\" title=\"MaxMind - IP Geolocation and Online Fraud Prevention\" rel=\"nofollow ugc\">MaxMind\u003C\u002Fa>, and also includes IP2Location open source libraries available from \u003Ca href=\"https:\u002F\u002Fwww.ip2location.com\" title=\"IP Address Geolocation to Identify Website Visitor's Geographical Location\" rel=\"nofollow ugc\">IP2Location\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>Also thanks for providing the following services and REST APIs for free.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ca href=\"http:\u002F\u002Fgeoiplookup.net\u002F\" title=\"What Is My IP Address | GeoIP Lookup\" rel=\"nofollow ugc\">http:\u002F\u002Fgeoiplookup.net\u002F\u003C\u002Fa> (IPv4, IPv6 \u002F free)\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fipinfo.io\u002F\" title=\"IP Address API and Data Solutions\" rel=\"nofollow ugc\">https:\u002F\u002Fipinfo.io\u002F\u003C\u002Fa> (IPv4, IPv6 \u002F free)\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fipapi.com\u002F\" title=\"ipapi - IP Address Lookup and Geolocation API\" rel=\"nofollow ugc\">https:\u002F\u002Fipapi.com\u002F\u003C\u002Fa> (IPv4, IPv6 \u002F free, need API key)\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fipstack.com\u002F\" title=\"ipstack - Free IP Geolocation API\" rel=\"nofollow ugc\">https:\u002F\u002Fipstack.com\u002F\u003C\u002Fa> (IPv4, IPv6 \u002F free, need API key)\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fipinfodb.com\u002F\" title=\"Free IP Geolocation Tools and API| IPInfoDB\" rel=\"nofollow ugc\">https:\u002F\u002Fipinfodb.com\u002F\u003C\u002Fa> (IPv4, IPv6 \u002F free, need API key)\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Development\u003C\u002Fh4>\n\u003Cp>Development of this plugin happens at \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fgdarko\u002Fip-location-block\" title=\"gdarko\u002Fip-location-block - GitHub\" rel=\"nofollow ugc\">IP Location Block – GitHub\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>All contributions will always be welcome.\u003C\u002Fp>\n\u003Ch4>Known issues\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>From \u003Ca href=\"https:\u002F\u002Fmake.wordpress.org\u002Fcore\u002F2016\u002F03\u002F09\u002Fcomment-changes-in-wordpress-4-5\u002F\" title=\"Comment Changes in WordPress 4.5 – Make WordPress Core\" rel=\"nofollow ugc\">WordPress 4.5\u003C\u002Fa>, \u003Ccode>rel=nofollow\u003C\u002Fcode> had no longer be attached to the links in \u003Ccode>comment_content\u003C\u002Fcode>. This change prevents to block “\u003Ca href=\"https:\u002F\u002Fwww.owasp.org\u002Findex.php\u002FServer_Side_Request_Forgery\" title=\"Server Side Request Forgery - OWASP\" rel=\"nofollow ugc\">Server Side Request Forgeries\u003C\u002Fa>” (not Cross Site but a malicious internal link in the comment field).\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fapps.wordpress.com\u002Fmobile\u002F\" title=\"WordPress.com Apps - Mobile Apps\" rel=\"nofollow ugc\">WordPress.com Mobile App\u003C\u002Fa> can’t execute image uploading because of its own authentication system via XMLRPC.\u003C\u002Fli>\n\u003C\u002Ful>\n","Easily block visitors by country, state or ISP provider. Also, protects your site from spam, login attempts, malicious access & more.",10000,198024,92,33,"2026-03-13T00:57:00.000Z","7.0","3.7",[87,20,21,88,89],"block","ip-address","ip-geo-block","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fip-location-block\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fip-location-block.1.3.8.zip",{"slug":93,"name":94,"version":95,"author":96,"author_profile":97,"description":98,"short_description":99,"active_installs":100,"downloaded":101,"rating":35,"num_ratings":102,"last_updated":103,"tested_up_to":104,"requires_at_least":105,"requires_php":106,"tags":107,"homepage":112,"download_link":113,"security_score":46,"vuln_count":14,"unpatched_count":27,"last_vuln_date":114,"fetched_at":56},"user-ip-and-location","User IP and Location","4.0.2","Sunny Kumar","https:\u002F\u002Fprofiles.wordpress.org\u002Ftheguidex\u002F","\u003Cp>Looking to display your website visitor’s IP address, location, browser details, and other information on your WordPress site? Then “User IP and Location” plugin is exactly what you need!\u003C\u002Fp>\n\u003Cp>This plugin is very simple to set up and use. Just install it, and you can start showing visitor information anywhere on your website using easy shortcodes. You can put these shortcodes in your posts, pages, sidebar, footer – anywhere you want!\u003C\u002Fp>\n\u003Cp>The best part? We use the reliable and free \u003Ca href=\"http:\u002F\u002Fip-api.com\" title=\"IP-API\" rel=\"friend nofollow ugc\">IP-API\u003C\u002Fa> service to get all the location data, so the information is always accurate and up-to-date.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>New in Version 4.x.x – Works with Caching Plugins!\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Are you using WP-Rocket, W3 Total Cache, or any other caching plugin? No problem at all! We’ve completely rebuilt the plugin to work perfectly with all caching plugins. Your visitors will always see their own correct information, not some cached data from another visitor.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Advanced Features:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>Multi-Language Support\u003C\u002Fstrong> – Get location names in 8 different languages (English, German, Spanish, Portuguese, French, Japanese, Chinese, Russian)\u003C\u002Fli>\n\u003Cli>\u003Cstrong>PRO API Key Support\u003C\u002Fstrong> – Use your premium IP-API key for higher limits and HTTPS security\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Smart Caching System\u003C\u002Fstrong> – Built-in server-side caching with customizable expiration times (1 hour to 1 week)\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Conditional Content\u003C\u002Fstrong> – Show different content to visitors from specific countries, regions, or cities\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Developer Tools\u003C\u002Fstrong> – PHP functions and REST API endpoints for custom development\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Customizable Output\u003C\u002Fstrong> – Change “Yes\u002FNo” text to any language or format you prefer\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Here are all the shortcodes you can use:\u003C\u002Fp>\n\u003Cpre>\u003Ccode>[userip_location type=\"ip\"] - Shows visitor's IP address\n[userip_location type=\"continent\"] - Shows continent name\n[userip_location type=\"country\"] - Shows country name\n[userip_location type=\"countrycode\"] - Shows country code (like IN, US, UK)\n[userip_location type=\"region\"] - Shows region code\n[userip_location type=\"regionname\"] - Shows region\u002Fstate name\n[userip_location type=\"city\"] - Shows city name\n[userip_location type=\"zip\"] - **NEW!** Shows ZIP\u002Fpostal code\n[userip_location type=\"lat\"] - Shows latitude\n[userip_location type=\"lon\"] - Shows longitude\n[userip_location type=\"timezone\"] - Shows timezone\n[userip_location type=\"currency\"] - Shows local currency\n[userip_location type=\"isp\"] - Shows internet provider name\n[userip_location type=\"mobile\"] - Shows if visitor is on mobile network\n[userip_location type=\"proxy\"] - Shows if visitor is using proxy\n[userip_location type=\"hosting\"] - Shows if IP is from hosting provider\n[userip_location type=\"browser\"] - Shows browser name\n[userip_location type=\"os\"] - Shows operating system\n[userip_location type=\"flag\" height=\"auto\" width=\"50px\" vertical_align=\"middle\"] - Shows country flag\n[userip_localtime] - **NEW!** Shows visitor's current local time\n[userip_localdate] - **NEW!** Shows visitor's current local date\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>\u003Cstrong>Smart Conditional Content:\u003C\u002Fstrong>\u003Cbr \u002F>\nShow different content to visitors from different places! Perfect for targeted marketing, regional offers, or localized messages.\u003C\u002Fp>\n\u003Cpre>\u003Ccode>[userip_conditional country=\"US,IN\"]Content for US and India visitors only[\u002Fuserip_conditional]\n[userip_conditional country_not=\"CN,RU\"]Content for everyone except China and Russia[\u002Fuserip_conditional]\n[userip_conditional region=\"CA,TX\"]Special offers for California and Texas![\u002Fuserip_conditional]\n[userip_conditional city=\"Mumbai,Delhi\"]Mumbai and Delhi exclusive deals[\u002Fuserip_conditional]\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>\u003Cstrong>About the Flag Shortcode:\u003C\u002Fstrong>\u003Cbr \u002F>\nWhen using the flag shortcode, you can control its size and position. The \u003Ccode>height\u003C\u002Fcode>, \u003Ccode>width\u003C\u002Fcode>, and \u003Ccode>vertical_align\u003C\u002Fcode> options are all optional. By default, height is auto, width is 50px, and it aligns in the middle. You can change these as per your needs.\u003C\u002Fp>\n\u003Ch4>Why Choose User IP and Location Plugin?\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Cstrong>Super Easy Setup\u003C\u002Fstrong> – Just install and activate, that’s it!\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Works with All Caching Plugins\u003C\u002Fstrong> – WP-Rocket, W3 Total Cache, you name it!\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Fast Loading\u003C\u002Fstrong> – Uses modern AJAX technology so it doesn’t slow down your site\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Lots of Information\u003C\u002Fstrong> – IP, country, city, flag, browser, OS, ISP, and much more\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Multi-Language Support\u003C\u002Fstrong> – Location names in 8 different languages\u003C\u002Fli>\n\u003Cli>\u003Cstrong>PRO API Support\u003C\u002Fstrong> – Use premium IP-API keys for higher limits and HTTPS\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Smart Caching\u003C\u002Fstrong> – Server-side caching with customizable expiration (1 hour to 1 week)\u003C\u002Fli>\n\u003Cli>\u003Cstrong>New Features\u003C\u002Fstrong> – ZIP code and local time shortcodes added\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Smart Content\u003C\u002Fstrong> – Show different content to visitors from different countries, regions, or cities\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Always Updated\u003C\u002Fstrong> – Uses reliable IP-API service for accurate data\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Developer Friendly\u003C\u002Fstrong> – Includes PHP functions and REST API for custom development\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Customizable\u003C\u002Fstrong> – Change output text, caching settings, and more from admin panel\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Perfect for bloggers, businesses, and developers who want to personalize their website based on visitor location!\u003C\u002Fp>\n\u003Ch4>Credits\u003C\u002Fh4>\n\u003Cp>This awesome plugin is created by the talented team at \u003Ca href=\"https:\u002F\u002Fheyserp.com\" title=\"HeySERP\" rel=\"friend nofollow ugc\"> HeySERP \u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>Want to learn more about WordPress? Check out our website \u003Ca href=\"https:\u002F\u002Ftheguidex.com\u002F\" title=\"TheGuideX\" rel=\"friend nofollow ugc\"> TheGuideX \u003C\u002Fa> where we share helpful tutorials on:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fthewpx.com\u002Fget-ip-address-and-location-in-wordpress\u002F\" title=\"How to Get the IP Address and Location of Users in WordPress\" rel=\"friend nofollow ugc\">How to Get User IP and Location in WordPress\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Ftheguidex.com\u002Fcommon-wordpress-errors\u002F\" title=\"Common WordPress Errors & Solutions\" rel=\"friend nofollow ugc\">Common WordPress Errors & How to Fix Them\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Ftheguidex.com\u002Fgoogle-adsense-plugins-for-wordpress\u002F\" title=\"Best WordPress Ads Manager Plugins\" rel=\"friend nofollow ugc\">Best WordPress Ad Management Plugins\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>…and many more helpful \u003Ca href=\"https:\u002F\u002Ftheguidex.com\u002Fcategory\u002Fwordpress\u002F\" title=\"WordPress Tutorials\" rel=\"friend nofollow ugc\">WordPress tutorials\u003C\u002Fa> in simple language!\u003C\u002Fp>\n","Want to show your website visitors their IP address, location, and other cool details? This plugin makes it super easy! Now works perfectly with cachi &hellip;",3000,38194,9,"2025-07-15T07:41:00.000Z","6.8.5","5.0","7.2",[108,21,109,110,111],"country-code","region","user-ip-address","user-location","https:\u002F\u002Ftheguidex.com\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fuser-ip-and-location.zip","2023-04-28 00:00:00",{"slug":116,"name":117,"version":118,"author":119,"author_profile":120,"description":121,"short_description":122,"active_installs":123,"downloaded":124,"rating":46,"num_ratings":125,"last_updated":126,"tested_up_to":127,"requires_at_least":105,"requires_php":106,"tags":128,"homepage":132,"download_link":133,"security_score":134,"vuln_count":14,"unpatched_count":27,"last_vuln_date":135,"fetched_at":56},"advanced-country-blocker","Advanced Country Blocker","2.3.2","brstefanovic","https:\u002F\u002Fprofiles.wordpress.org\u002Fbrstefanovic\u002F","\u003Cp>\u003Cstrong>Advanced Country Blocker\u003C\u002Fstrong> helps you secure your WordPress site by restricting access based on the visitor’s geolocation (country) or IP address. Upon activation, the plugin detects the activating admin’s country and automatically sets that as the only allowed country. All other visitors from different countries are blocked, unless they use a secret key parameter to temporarily whitelist their IP. Country detection uses the privacy-friendly ip-api.com service by default but can be switched to a fully offline MaxMind GeoLite2 (or compatible) database file once you configure a local copy.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Key Features:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>Automatically allows the admin’s country\u003C\u002Fstrong> on plugin activation.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Flexible IP-to-country lookups\u003C\u002Fstrong> – start with the built-in ip-api.com integration and optionally switch to an offline MaxMind GeoLite2 Country (or compatible) \u003Ccode>.mmdb\u003C\u002Fcode> database file.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Allowlist or blacklist mode\u003C\u002Fstrong> – choose whether the country list acts as an allowlist or blocklist without re-entering countries.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Temporary access\u003C\u002Fstrong> via a customizable secret URL parameter (e.g., \u003Ccode>?MySecretKey=1\u003C\u002Fcode>).\u003C\u002Fli>\n\u003Cli>\u003Cstrong>CAPTCHA Challenge\u003C\u002Fstrong> – allow blocked visitors to solve a CAPTCHA to gain temporary access (supports Google reCAPTCHA v2\u002Fv3, hCaptcha, Cloudflare Turnstile).\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Real-Time Activity Monitor\u003C\u002Fstrong> – live dashboard showing active visitors, recent blocks, and traffic statistics.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Analytics Dashboard\u003C\u002Fstrong> – comprehensive charts and statistics about blocked attempts.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Manual blacklisting and safelisting of IPs\u003C\u002Fstrong> for added security and to accommodate uptime monitors.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Optional email alerts\u003C\u002Fstrong> when new visitors are blocked.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Admin bypass\u003C\u002Fstrong> so logged-in admins can always access the site (toggleable in the code).\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Detailed logging\u003C\u002Fstrong> of blocked attempts in a custom database table, displayed in the WP admin.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Custom response controls\u003C\u002Fstrong> – personalise the block page title\u002Fmessage, choose the HTTP status (403, 410, 451) or redirect to any URL.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Automatic log cleanup\u003C\u002Fstrong> with configurable retention plus a one-click “Clear Logs” button.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Use the plugin settings page (\u003Cstrong>Country Blocker\u003C\u002Fstrong> menu in WP admin) to configure the list of allowed countries, blacklisted countries, blacklisted IPs, and whether email alerts are enabled.\u003C\u002Fp>\n\u003Ch3>License\u003C\u002Fh3>\n\u003Cp>This plugin is open-sourced software licensed under the \u003Ca href=\"https:\u002F\u002Fwww.gnu.org\u002Flicenses\u002Fgpl-3.0.html\" rel=\"nofollow ugc\">GPLv3 or later\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch3>External Services\u003C\u002Fh3>\n\u003Cp>By default this plugin contacts the ip-api.com geolocation service to detect visitor countries. You can disable all external lookups by switching the IP lookup method to the local MaxMind database in the settings.\u003C\u002Fp>\n","An advanced security plugin that blocks website visitors by country, with additional features like blacklisting, logging blocked attempts, admin bypas &hellip;",2000,12575,6,"2026-02-06T09:04:00.000Z","6.9.4",[129,20,21,130,131],"blocking","ip-blocking","security","https:\u002F\u002Fsparkcan.com\u002Facb.html","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fadvanced-country-blocker.2.3.2.zip",99,"2026-02-06 20:24:09",{"attackSurface":137,"codeSignals":152,"taintFlows":213,"riskAssessment":293,"analyzedAt":309},{"hooks":138,"ajaxHandlers":148,"restRoutes":149,"shortcodes":150,"cronEvents":151,"entryPointCount":27,"unprotectedCount":27},[139,144],{"type":140,"name":141,"callback":142,"file":143,"line":13},"action","init","ActionInit","ip-to-country.php",{"type":140,"name":145,"callback":146,"file":143,"line":147},"admin_menu","PepakIpToCountry_BuildAdminMenu",61,[],[],[],[],{"dangerousFunctions":153,"sqlUsage":154,"outputEscaping":176,"fileOperations":211,"externalRequests":27,"nonceChecks":27,"capabilityChecks":27,"bundledLibraries":212},[],{"prepared":155,"raw":102,"locations":156},16,[157,160,162,164,166,168,170,172,174],{"file":143,"line":158,"context":159},265,"$wpdb->query() with variable interpolation",{"file":143,"line":161,"context":159},297,{"file":143,"line":163,"context":159},303,{"file":143,"line":165,"context":159},321,{"file":143,"line":167,"context":159},347,{"file":143,"line":169,"context":159},355,{"file":143,"line":171,"context":159},369,{"file":143,"line":173,"context":159},370,{"file":143,"line":175,"context":159},437,{"escaped":14,"rawEcho":155,"locations":177},[178,181,183,185,187,189,191,193,195,197,199,201,203,205,207,209],{"file":143,"line":179,"context":180},563,"raw output",{"file":143,"line":182,"context":180},643,{"file":143,"line":184,"context":180},644,{"file":143,"line":186,"context":180},645,{"file":143,"line":188,"context":180},646,{"file":143,"line":190,"context":180},648,{"file":143,"line":192,"context":180},652,{"file":143,"line":194,"context":180},656,{"file":143,"line":196,"context":180},658,{"file":143,"line":198,"context":180},659,{"file":143,"line":200,"context":180},662,{"file":143,"line":202,"context":180},663,{"file":143,"line":204,"context":180},666,{"file":143,"line":206,"context":180},670,{"file":143,"line":208,"context":180},674,{"file":143,"line":210,"context":180},675,4,[],[214,256,271],{"entryPoint":215,"graph":216,"unsanitizedCount":254,"severity":255},"AdminPanel (ip-to-country.php:566)",{"nodes":217,"edges":248},[218,223,229,232,236,240,242,246],{"id":219,"type":220,"label":221,"file":143,"line":222},"n0","source","$_POST (x3)",574,{"id":224,"type":225,"label":226,"file":143,"line":227,"wp_function":228},"n1","sink","update_option() [Settings Manipulation]",583,"update_option",{"id":230,"type":220,"label":231,"file":143,"line":182},"n2","$_SERVER['REQUEST_URI']",{"id":233,"type":225,"label":234,"file":143,"line":182,"wp_function":235},"n3","echo() [XSS]","echo",{"id":237,"type":220,"label":238,"file":143,"line":239},"n4","$_FILES",626,{"id":241,"type":225,"label":234,"file":143,"line":186,"wp_function":235},"n5",{"id":243,"type":220,"label":244,"file":143,"line":245},"n6","$_POST (x2)",575,{"id":247,"type":225,"label":234,"file":143,"line":198,"wp_function":235},"n7",[249,251,252,253],{"from":219,"to":224,"sanitized":250},false,{"from":230,"to":233,"sanitized":250},{"from":237,"to":241,"sanitized":250},{"from":243,"to":247,"sanitized":250},7,"medium",{"entryPoint":257,"graph":258,"unsanitizedCount":269,"severity":270},"IP_to_Country_Info (ip-to-country.php:166)",{"nodes":259,"edges":267},[260,263],{"id":219,"type":220,"label":261,"file":143,"line":262},"$_SERVER (x2)",172,{"id":224,"type":225,"label":264,"file":143,"line":265,"wp_function":266},"get_row() [SQLi]",192,"get_row",[268],{"from":219,"to":224,"sanitized":250},2,"high",{"entryPoint":272,"graph":273,"unsanitizedCount":102,"severity":270},"\u003Cip-to-country> (ip-to-country.php:0)",{"nodes":274,"edges":287},[275,276,277,278,279,280,281,282,283,285],{"id":219,"type":220,"label":261,"file":143,"line":262},{"id":224,"type":225,"label":264,"file":143,"line":265,"wp_function":266},{"id":230,"type":220,"label":221,"file":143,"line":222},{"id":233,"type":225,"label":226,"file":143,"line":227,"wp_function":228},{"id":237,"type":220,"label":231,"file":143,"line":182},{"id":241,"type":225,"label":234,"file":143,"line":182,"wp_function":235},{"id":243,"type":220,"label":238,"file":143,"line":239},{"id":247,"type":225,"label":234,"file":143,"line":186,"wp_function":235},{"id":284,"type":220,"label":244,"file":143,"line":245},"n8",{"id":286,"type":225,"label":234,"file":143,"line":198,"wp_function":235},"n9",[288,289,290,291,292],{"from":219,"to":224,"sanitized":250},{"from":230,"to":233,"sanitized":250},{"from":237,"to":241,"sanitized":250},{"from":243,"to":247,"sanitized":250},{"from":284,"to":286,"sanitized":250},{"summary":294,"deductions":295},"The \"ip-to-country\" plugin v0.08 exhibits a mixed security posture. On one hand, the plugin has a remarkably small attack surface with zero identified entry points that require authentication checks, no AJAX handlers, REST API routes, shortcodes, or cron events. This suggests a limited potential for direct exploitation through common plugin interaction vectors.\n\nHowever, the static analysis reveals significant concerns within the code itself. A concerning 64% of SQL queries are not using prepared statements, which opens the door to SQL injection vulnerabilities if any user-supplied data is incorporated into these queries. Furthermore, the extremely low rate of output escaping (6%) indicates a high risk of Cross-Site Scripting (XSS) vulnerabilities, as dynamic content is likely being rendered without proper sanitization. The taint analysis highlighting two high-severity flows with unsanitized paths, despite no critical issues, is also a red flag for potential data manipulation or leakage risks. The absence of nonce checks and capability checks on any potential, though currently non-existent, entry points is a concern if the plugin's functionality were to expand or be integrated differently.\n\nThe plugin's vulnerability history is clean, with no recorded CVEs. While this is positive, it's crucial to remember that a lack of reported vulnerabilities doesn't guarantee absolute security, especially given the identified code quality issues. The absence of any past vulnerabilities might also indicate limited exposure or integration into environments where such vulnerabilities were not discovered or reported. In conclusion, the plugin's minimal attack surface is a strength, but the significant number of unescaped outputs, insecure SQL queries, and high-severity taint flows present substantial risks that outweigh the clean vulnerability history. The code quality issues require immediate attention to improve its security.",[296,299,302,304,307],{"reason":297,"points":298},"High number of SQL queries without prepared statements",15,{"reason":300,"points":301},"Low percentage of properly escaped output",12,{"reason":303,"points":64},"High severity taint flows without sanitization",{"reason":305,"points":306},"Missing Nonce checks",5,{"reason":308,"points":306},"Missing Capability checks","2026-03-16T23:08:45.140Z",{"wat":311,"direct":316},{"assetPaths":312,"generatorPatterns":313,"scriptPaths":314,"versionParams":315},[],[],[],[],{"cssClasses":317,"htmlComments":318,"htmlAttributes":331,"restEndpoints":332,"jsGlobals":333,"shortcodeOutput":334},[],[319,320,321,322,323,324,325,326,327,328,329,330],"Copyright 2009, 2010  Pepak (email: wordpress@pepak.net)","This program is free software; you can redistribute it and\u002For modify","it under the terms of the GNU General Public License as published by","the Free Software Foundation; either version 2 of the License, or","(at your option) any later version.","This program is distributed in the hope that it will be useful,","but WITHOUT ANY WARRANTY; without even the implied warranty of","MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the","GNU General Public License for more details.","You should have received a copy of the GNU General Public License","along with this program; if not, write to the Free Software","Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA  02110-1301  USA",[],[],[],[],{"error":336,"url":337,"statusCode":338,"statusMessage":339,"message":339},true,"http:\u002F\u002Flocalhost\u002Fapi\u002Fplugins\u002Fip-to-country\u002Fbundle",404,"no bundle for this plugin yet",{"slug":4,"current_version":6,"total_versions":27,"versions":341},[]]