[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$f4oXsBE-ReGyjaW6wZN8gveNZY_XkSOnmEBhxFW_3200":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":25,"download_link":26,"security_score":13,"vuln_count":27,"unpatched_count":27,"last_vuln_date":28,"fetched_at":29,"vulnerabilities":30,"developer":31,"crawl_stats":28,"alternatives":36,"analysis":129,"fingerprints":302},"polar-mass-advanced-ip-blocker","Polar Mass Advanced IP Blocker","1.0.1","polarmass","https:\u002F\u002Fprofiles.wordpress.org\u002Fpolarmass\u002F","\u003Cp>\u003Cstrong>Automatically Block Malicious IPs with Cloudflare\u003C\u002Fstrong>\u003Cbr \u002F>\nProtect your WordPress site from hackers and brute-force attacks. This free plugin automatically blocks malicious IPs detected by Wordfence and integrates with Cloudflare for real-time security.\u003C\u002Fp>\n\u003Ch4>Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>🔒 \u003Cstrong>Automatic IP Blocking\u003C\u002Fstrong> – Blocks malicious IPs detected by Wordfence.\u003C\u002Fli>\n\u003Cli>⚡ \u003Cstrong>Cloudflare Integration\u003C\u002Fstrong> – Uses Cloudflare’s API for real-time threat mitigation.\u003C\u002Fli>\n\u003Cli>📉 \u003Cstrong>Reduces Server Load\u003C\u002Fstrong> – Shifts security tasks from WordPress to Cloudflare.\u003C\u002Fli>\n\u003Cli>🏆 \u003Cstrong>Lightweight & Fast\u003C\u002Fstrong> – Security without slowing down your site.\u003C\u002Fli>\n\u003Cli>🛠️ \u003Cstrong>Easy Setup\u003C\u002Fstrong> – Just enter your Cloudflare API key and Zone ID.\u003C\u002Fli>\n\u003Cli>🆓 \u003Cstrong>Free & Open Source\u003C\u002Fstrong> – Transparent and continuously improved.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>License\u003C\u002Fh3>\n\u003Cp>This plugin is licensed under the \u003Ca href=\"https:\u002F\u002Fwww.gnu.org\u002Flicenses\u002Fgpl-2.0.html\" rel=\"nofollow ugc\">GPL v2 or later\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch3>Support\u003C\u002Fh3>\n\u003Cp>For support, feature requests, or bug reports, open an issue or reach out via \u003Ca href=\"mailto:contact@polarmass.com\" rel=\"nofollow ugc\">email\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch3>External Services\u003C\u002Fh3>\n\u003Cp>To improve the user experience, \u003Cstrong>Polar Mass Advanced IP Blocker\u003C\u002Fstrong> may use the following third-party services:\u003C\u002Fp>\n\u003Ch4>Cloudflare API (https:\u002F\u002Fapi.cloudflare.com\u002Fclient\u002Fv4\u002F)\u003C\u002Fh4>\n\u003Cp>This plugin integrates with \u003Cstrong>Cloudflare’s API\u003C\u002Fstrong> to manage IP rules and firewall settings, helping block malicious traffic in real-time.\u003Cbr \u002F>\n– Users must manually enter their \u003Cstrong>Cloudflare API Key\u003C\u002Fstrong> and \u003Cstrong>Zone ID\u003C\u002Fstrong> in the plugin settings to enable this feature.\u003Cbr \u002F>\n– No automatic data collection occurs without user input.\u003Cbr \u002F>\n– When configured, the plugin securely sends user-defined IPs and rules to Cloudflare’s servers.\u003Cbr \u002F>\n– Cloudflare Privacy Policy: \u003Ca href=\"https:\u002F\u002Fwww.cloudflare.com\u002Fprivacypolicy\" rel=\"nofollow ugc\">https:\u002F\u002Fwww.cloudflare.com\u002Fprivacypolicy\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch4>Polar Mass API (https:\u002F\u002Fpolarmass.com\u002Fwp-json\u002Fpmip\u002Fv1\u002Fnewsletter\u002Fsignup)\u003C\u002Fh4>\n\u003Cp>This plugin provides an \u003Cstrong>optional\u003C\u002Fstrong> newsletter signup form within the admin panel.\u003Cbr \u002F>\n– The \u003Cstrong>only\u003C\u002Fstrong> data collected is the email address entered by the user.\u003Cbr \u002F>\n– This data is securely transmitted to our server at \u003Cstrong>polarmass.com\u003C\u002Fstrong>.\u003Cbr \u002F>\n– No personal information is shared or processed without explicit user consent.\u003Cbr \u002F>\n– Privacy Policy: \u003Ca href=\"https:\u002F\u002Fpolarmass.com\u002Fprivacy-policy\u002F\" rel=\"nofollow ugc\">https:\u002F\u002Fpolarmass.com\u002Fprivacy-policy\u002F\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>For more details, please review our \u003Ca href=\"https:\u002F\u002Fpolarmass.com\u002Fterms-and-conditions\u002F\" rel=\"nofollow ugc\">Terms and Conditions\u003C\u002Fa> and \u003Ca href=\"https:\u002F\u002Fpolarmass.com\u002Fprivacy-policy\u002F\" rel=\"nofollow ugc\">Privacy Policy\u003C\u002Fa>.\u003C\u002Fp>\n","Automatically block threats at the network level by forwarding Wordfence-detected IPs to Cloudflare.",90,873,100,2,"2025-05-20T18:49:00.000Z","6.8.5","5.8","7.4",[20,21,22,23,24],"cloudflare","firewall","ip-blocker","security","wordpress-security","https:\u002F\u002Fpolarmass.com\u002Fpolar-mass-advanced-ip-blocker","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fpolar-mass-advanced-ip-blocker.1.0.1.zip",0,null,"2026-03-15T15:16:48.613Z",[],{"slug":7,"display_name":7,"profile_url":8,"plugin_count":32,"total_installs":11,"avg_security_score":13,"avg_patch_time_days":33,"trust_score":34,"computed_at":35},1,30,94,"2026-04-04T06:10:06.571Z",[37,53,75,94,114],{"slug":38,"name":39,"version":40,"author":41,"author_profile":42,"description":43,"short_description":44,"active_installs":45,"downloaded":46,"rating":13,"num_ratings":32,"last_updated":47,"tested_up_to":16,"requires_at_least":48,"requires_php":18,"tags":49,"homepage":51,"download_link":52,"security_score":13,"vuln_count":27,"unpatched_count":27,"last_vuln_date":28,"fetched_at":29},"proactive-security-suite","Proactive Security Suite","1.5.9.9","ITCS","https:\u002F\u002Fprofiles.wordpress.org\u002Fdimath99\u002F","\u003Cp>Welcome to the \u003Cem>ProActive Security Suite\u003C\u002Fem> Plugin Wiki\u003C\u002Fp>\n\u003Cp>     Enhance your WordPress website’s security with the \u003Cstrong>ProActive Security Suite\u003C\u002Fstrong>. This powerful plugin offers advanced security features including automatic IP blocking, an advanced rule builder, traffic analysis, and seamless integration with services like \u003Cstrong>Cloudflare\u003C\u002Fstrong>, \u003Cstrong>AbuseIPDB\u003C\u002Fstrong>,  and \u003Cstrong>Whatismybrowser.com\u003C\u002Fstrong>. ProActive Security Suite provides proactive defense mechanisms to protect your site from malicious traffic and potential threats before they reach your server. \u003C\u002Fp>\n\u003Cp>     Table of Contents     \u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ca href=\"#introduction\" rel=\"nofollow ugc\">Introduction\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"#features\" rel=\"nofollow ugc\">Features\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cul>\n\u003Cli>\u003Ca href=\"#free-features\" rel=\"nofollow ugc\">Free Features\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"#premium-features\" rel=\"nofollow ugc\">Premium Features\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cli>\u003Ca href=\"#installation\" rel=\"nofollow ugc\">Installation\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"#configuration\" rel=\"nofollow ugc\">Configuration\u003C\u002Fa>\u003C\u002Fli>\n\u003Cul>\n\u003Cli>\u003Ca href=\"#cloudflare-settings\" rel=\"nofollow ugc\">Cloudflare Settings\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"#abuseipdb-integration\" rel=\"nofollow ugc\">AbuseIPDB Integration\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"#whatismybrowsercom-integration\" rel=\"nofollow ugc\">WhatIsMyBrowser.com Integration\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cli>\u003Ca href=\"#usage\" rel=\"nofollow ugc\">Usage\u003C\u002Fa>\u003C\u002Fli>\n\u003Cul>\n\u003Cli>\u003Ca href=\"#automatic-ip-synchronization\" rel=\"nofollow ugc\">Automatic IP Synchronization\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"#manual-synchronization\" rel=\"nofollow ugc\">Manual Synchronization\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"#captured-traffic-data\" rel=\"nofollow ugc\">Captured Traffic Data\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"#advanced-rule-builder\" rel=\"nofollow ugc\">Advanced Rule Builder\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"#rule-details-in-blocked-ips\" rel=\"nofollow ugc\">Rule Details in Blocked IPs\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cli>\u003Ca href=\"#advanced-settings\" rel=\"nofollow ugc\">Advanced Settings\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"#faq\" rel=\"nofollow ugc\">Frequently Asked Questions\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"#support\" rel=\"nofollow ugc\">Support and Contribution\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"#license\" rel=\"nofollow ugc\">License\u003C\u002Fa>\u003C\u002Fli>\n\u003Cp>Introduction\u003C\u002Fp>\n\u003Cp>     Welcome to the \u003Cstrong>ProActive Security Suite\u003C\u002Fstrong> plugin! This comprehensive security solution enhances your website’s protection by combining advanced threat detection, automated rule-based actions, and integration with services like \u003Cstrong>Cloudflare\u003C\u002Fstrong> and \u003Cstrong>AbuseIPDB\u003C\u002Fstrong>. By proactively analyzing traffic and applying custom security rules, ProActive Security Suite stops malicious traffic before it reaches your server, reducing load and enhancing performance. \u003C\u002Fp>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fitcssec\u002FProActiveSecuritySuite\u002Freleases\" rel=\"nofollow ugc\">Download Latest Release\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>Features\u003C\u002Fp>\n\u003Ch3>Free Features\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Cstrong>Automatic IP Synchronization:\u003C\u002Fstrong> Effortlessly sync blocked IPs to Cloudflare’s firewall.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Customizable Settings:\u003C\u002Fstrong> Tailor the plugin to your needs with adjustable settings:\n\u003Cul>\n\u003Cli>Blocked Hits Threshold\u003C\u002Fli>\n\u003Cli>Block Scope (Domain or Account)\u003C\u002Fli>\n\u003Cli>Block Mode (e.g., Block, Managed Challenge)\u003C\u002Fli>\n\u003Cli>Cron Interval\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Manual Synchronization:\u003C\u002Fstrong> Trigger synchronization manually when immediate action is needed.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>AbuseIPDB Integration:\u003C\u002Fstrong> Optional integration to fetch detailed information about IPs:\n\u003Cul>\n\u003Cli>Country Code\u003C\u002Fli>\n\u003Cli>Usage Type\u003C\u002Fli>\n\u003Cli>ISP Information\u003C\u002Fli>\n\u003Cli>Confidence Score\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Premium Features\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Cstrong>Advanced Rule Builder:\u003C\u002Fstrong> Create custom security rules based on various criteria such as confidence score, whitelisted status, abusive status, and more. Automate actions like blocking or challenging IPs based on these rules.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Rule Priorities:\u003C\u002Fstrong> Assign priorities to your rules to control the order of evaluation. Higher priority numbers are evaluated first, allowing critical rules to take precedence.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Automatic Action Application:\u003C\u002Fstrong> The plugin automatically applies actions to IPs that match your defined rules immediately after capturing traffic data.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Rule Details in Blocked IPs:\u003C\u002Fstrong> View detailed information about which rules caused IPs to be blocked, including criteria and actions taken.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Captured Traffic Data:\u003C\u002Fstrong> Log and analyze incoming traffic for enhanced security insights.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Exclude User Roles:\u003C\u002Fstrong> Exclude specific WordPress user roles from traffic logging.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>WhatIsMyBrowser.com API Integration:\u003C\u002Fstrong> Advanced user agent analysis and detection capabilities.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Enhanced AbuseIPDB Integration:\u003C\u002Fstrong> Automatic updates for all entries with the same IP address.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Priority Support:\u003C\u002Fstrong> Access dedicated support for assistance and troubleshooting.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Cloudflare Custom WAF Rule & List Management:\u003C\u002Fstrong> Optionally create a Cloudflare custom list and associated WAF rule. Manage entries directly from the plugin and get notified if Cloudflare reports issues such as a full list.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>     \u003Cstrong>Note:\u003C\u002Fstrong> The premium features require an active premium license. Upgrade to access these advanced functionalities. \u003C\u002Fp>\n\u003Cp>Installation\u003C\u002Fp>\n\u003Col>\n\u003Cli>\u003Cstrong>Download the Plugin:\u003C\u002Fstrong> Clone the repository or \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fitcssec\u002FProActiveSecuritySuite\u002Freleases\" rel=\"nofollow ugc\">download the latest release\u003C\u002Fa>.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Upload to WordPress:\u003C\u002Fstrong> Upload the `proactive-security-suite` directory to `\u002Fwp-content\u002Fplugins\u002F`.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Activate the Plugin:\u003C\u002Fstrong> In your WordPress dashboard, navigate to \u003Cem>Plugins\u003C\u002Fem> and activate \u003Cem>ProActive Security Suite\u003C\u002Fem>.\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Cp>Configuration\u003C\u002Fp>\n\u003Ch3>Cloudflare Settings\u003C\u002Fh3>\n\u003Col>\n\u003Cli>\u003Cstrong>Obtain Cloudflare Credentials:\u003C\u002Fstrong>\n\u003Cul>\n\u003Cli>\u003Cstrong>Email:\u003C\u002Fstrong> Your Cloudflare account email.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>API Key:\u003C\u002Fstrong> Your Global API Key or an API Token with necessary permissions.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Zone ID:\u003C\u002Fstrong> Found in your Cloudflare dashboard under the domain’s overview.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Account ID:\u003C\u002Fstrong> Located in your Cloudflare profile settings.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Configure Plugin Settings:\u003C\u002Fstrong>\n\u003Cul>\n\u003Cli>Navigate to \u003Cem>Settings > ProActive Security Suite\u003C\u002Fem>.\u003C\u002Fli>\n\u003Cli>Enter your Cloudflare credentials securely.\u003C\u002Fli>\n\u003Cli>Adjust settings like Blocked Hits Threshold, Block Scope, and Block Mode.\u003C\u002Fli>\n\u003Cli>Enable \u003Cem>Custom WAF Rule\u003C\u002Fem> and supply a rule name to allow the plugin to create and maintain a Cloudflare custom list and matching WAF rule. List entries can be viewed, added, or removed from within the plugin.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch3>AbuseIPDB Integration\u003C\u002Fh3>\n\u003Col>\n\u003Cli>\u003Cstrong>Sign Up for AbuseIPDB:\u003C\u002Fstrong> Visit \u003Ca href=\"https:\u002F\u002Fwww.abuseipdb.com\u002F\" rel=\"nofollow ugc\">AbuseIPDB\u003C\u002Fa> and sign up for an API key.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Enable Integration:\u003C\u002Fstrong>\n\u003Cul>\n\u003Cli>In the plugin settings, enter your AbuseIPDB API key.\u003C\u002Fli>\n\u003Cli>Enable the \u003Cem>AbuseIPDB Lookup\u003C\u002Fem> option.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch3>WhatIsMyBrowser.com Integration (Premium)\u003C\u002Fh3>\n\u003Col>\n\u003Cli>\u003Cstrong>Obtain API Key:\u003C\u002Fstrong> Register at \u003Ca href=\"https:\u002F\u002Fdevelopers.whatismybrowser.com\u002Fapi\u002F\" rel=\"nofollow ugc\">WhatIsMyBrowser.com\u003C\u002Fa> for an API key.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Configure Integration:\u003C\u002Fstrong>\n\u003Cul>\n\u003Cli>Enter the API key in the plugin’s settings under \u003Cem>WhatIsMyBrowser API Key\u003C\u002Fem>.\u003C\u002Fli>\n\u003Cli>Enable the integration features as desired.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Cp>Usage\u003C\u002Fp>\n\u003Ch3>Automatic IP Synchronization\u003C\u002Fh3>\n\u003Cp>     The plugin automatically syncs blocked IPs based on your configured cron interval. IPs exceeding the Blocked Hits Threshold are added to Cloudflare’s firewall or acted upon based on your defined rules. \u003C\u002Fp>\n\u003Ch3>Manual Synchronization\u003C\u002Fh3>\n\u003Cp>     Navigate to \u003Cem>Settings > ProActive Security Suite\u003C\u002Fem> and click the \u003Cstrong>Run Process\u003C\u002Fstrong> button to trigger synchronization and rule evaluation immediately. \u003C\u002Fp>\n\u003Ch3>Captured Traffic Data (Premium)\u003C\u002Fh3>\n\u003Cp>     Access detailed logs under the \u003Cem>Captured Traffic Data\u003C\u002Fem> tab. Analyze user agents, request methods, and more. Exclude specific user roles from logging in the settings. \u003C\u002Fp>\n\u003Ch3>Advanced Rule Builder (Premium)\u003C\u002Fh3>\n\u003Cp>     The plugin features a powerful \u003Cstrong>Rule Builder\u003C\u002Fstrong> that allows you to create custom security rules based on various criteria. You can define rules using conditions such as: \u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>Confidence Score:\u003C\u002Fstrong> Set thresholds using operators like greater than, less than, equal to, etc.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Is Whitelisted:\u003C\u002Fstrong> Check if an IP is marked as whitelisted in AbuseIPDB.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Is Abusive:\u003C\u002Fstrong> Determine if an IP is associated with abusive behavior.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Custom Criteria:\u003C\u002Fstrong> Add other criteria based on the data captured.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>     Each rule can be assigned an \u003Cstrong>Action\u003C\u002Fstrong> (e.g., Block, Managed Challenge) that will be applied to IPs matching the rule. You can also assign a \u003Cstrong>Priority\u003C\u002Fstrong> to control the order in which rules are evaluated. \u003C\u002Fp>\n\u003Ch3>Rule Details in Blocked IPs (Premium)\u003C\u002Fh3>\n\u003Cp>     The \u003Cstrong>Blocked IPs\u003C\u002Fstrong> tab now includes a \u003Cem>Rule Details\u003C\u002Fem> column that displays comprehensive information about the rules that caused IPs to be blocked. This includes: \u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>Criteria:\u003C\u002Fstrong> The specific conditions that were met, such as confidence score thresholds, whitelisted status, and more.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Action:\u003C\u002Fstrong> The action taken by the rule (e.g., Block, Managed Challenge).\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>     This enhancement allows administrators to easily identify which rules are triggering blocks and understand the reasons behind each IP being blocked. It provides greater transparency and aids in fine-tuning security settings. \u003C\u002Fp>\n\u003Cp>Advanced Settings\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>Blocked Hits Threshold:\u003C\u002Fstrong> Define the minimum number of blocked hits before an IP is synchronized or evaluated by rules.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Block Scope:\u003C\u002Fstrong> Choose between domain-specific or account-wide blocking.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Block Mode:\u003C\u002Fstrong> Select the action for Cloudflare to take (e.g., Block, Challenge).\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Cron Interval:\u003C\u002Fstrong> Set how frequently the plugin checks for new blocked IPs and evaluates rules.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Rule Priorities:\u003C\u002Fstrong> Assign priorities to your rules to control the order of evaluation. Higher priority numbers are evaluated first.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>User Role Exclusions:\u003C\u002Fstrong> Exclude specific WordPress user roles from traffic logging and rule evaluation.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Frequently Asked Questions\u003C\u002Fp>\n\u003Ch3>How do I obtain my Cloudflare Zone ID and Account ID?\u003C\u002Fh3>\n\u003Cp>     \u003Cstrong>Zone ID:\u003C\u002Fstrong> Log into Cloudflare, select your domain, and find the Zone ID on the Overview page.\u003Cbr \u002F>     \u003Cstrong>Account ID:\u003C\u002Fstrong> Click on your profile in Cloudflare; the Account ID is listed there. \u003C\u002Fp>\n\u003Ch3>Can I use an API Token instead of the Global API Key?\u003C\u002Fh3>\n\u003Cp>     Yes, ensure the API Token has the necessary permissions for firewall access. \u003C\u002Fp>\n\u003Ch3>Is the plugin compatible with IPv6 addresses?\u003C\u002Fh3>\n\u003Cp>     Absolutely, the plugin supports both IPv4 and IPv6 addresses. \u003C\u002Fp>\n\u003Ch3>How does the plugin handle my API keys?\u003C\u002Fh3>\n\u003Cp>     All API keys are securely stored using WordPress’s options API and are never exposed in plain text. \u003C\u002Fp>\n\u003Ch3>How do rule priorities work?\u003C\u002Fh3>\n\u003Cp>     Rule priorities determine the order in which your rules are evaluated. Rules with higher priority numbers are evaluated first. If traffic data matches a rule, the corresponding action is applied, and no further rules are evaluated for that IP address. \u003C\u002Fp>\n\u003Ch3>Can I see which rule blocked an IP?\u003C\u002Fh3>\n\u003Cp>     Yes, with the \u003Cstrong>Rule Details in Blocked IPs\u003C\u002Fstrong> feature, you can view the exact rule criteria and action that caused an IP to be blocked. This information is displayed in the Blocked IPs tab under the Rule Details column. \u003C\u002Fp>\n\u003Ch3>How does the automatic action application work?\u003C\u002Fh3>\n\u003Cp>     When traffic data is captured, the plugin immediately evaluates it against your defined rules. If a rule matches, the specified action is applied to the IP address without any manual intervention. \u003C\u002Fp>\n\u003Cp>Support and Contribution\u003C\u002Fp>\n\u003Cp>     \u003Cstrong>Support:\u003C\u002Fstrong> For assistance, please open an issue on our \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fitcssec\u002FProActiveSecuritySuite\u002Fissues\" rel=\"nofollow ugc\">GitHub Issues\u003C\u002Fa> page or contact us at \u003Ca href=\"mailto:info@itcs.services\" rel=\"nofollow ugc\">info@itcs.services\u003C\u002Fa>. \u003C\u002Fp>\n\u003Cp>License\u003C\u002Fp>\n\u003Cp>     This project is licensed under the \u003Ca href=\"https:\u002F\u002Fwww.gnu.org\u002Flicenses\u002Fgpl-3.0.html\" rel=\"nofollow ugc\">GNU General Public License v3.0\u003C\u002Fa>. \u003C\u002Fp>\n\u003Cp>     \u003Cem>Thank you for using ProActive Security Suite!\u003C\u002Fem>  \u003C\u002Fp>\n\u003Ch3>External Services\u003C\u002Fh3>\n\u003Cp>\u003Cstrong>Cloudflare\u003C\u002Fstrong>\u003Cbr \u002F>\n– \u003Cstrong>Usage\u003C\u002Fstrong>: We send visitor IPs (and optionally country\u002FISP data) to create Firewall rules.\u003Cbr \u002F>\n– \u003Cstrong>Data Sent\u003C\u002Fstrong>: IP address, associated rule details.\u003Cbr \u002F>\n– \u003Ca href=\"https:\u002F\u002Fwww.cloudflare.com\u002Fterms\u002F\" rel=\"nofollow ugc\">Cloudflare Terms of Service\u003C\u002Fa> | \u003Ca href=\"https:\u002F\u002Fwww.cloudflare.com\u002Fprivacypolicy\u002F\" rel=\"nofollow ugc\">Cloudflare Privacy Policy\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>\u003Cstrong>AbuseIPDB\u003C\u002Fstrong>\u003Cbr \u002F>\n– \u003Cstrong>Usage\u003C\u002Fstrong>: We check IP reputation, fetching country code, ISP, and confidence score.\u003Cbr \u002F>\n– \u003Cstrong>Data Sent\u003C\u002Fstrong>: IP address.\u003Cbr \u002F>\n– \u003Ca href=\"https:\u002F\u002Fwww.abuseipdb.com\u002Flegal\" rel=\"nofollow ugc\">AbuseIPDB Terms of Service\u003C\u002Fa> | \u003Ca href=\"https:\u002F\u002Fwww.abuseipdb.com\u002Fprivacy\" rel=\"nofollow ugc\">Privacy Policy\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>\u003Cstrong>WhatIsMyBrowser\u003C\u002Fstrong>\u003Cbr \u002F>\n– \u003Cstrong>Usage\u003C\u002Fstrong>: We send user agent strings to detect software (browser), OS, and if it’s abusive.\u003Cbr \u002F>\n– \u003Cstrong>Data Sent\u003C\u002Fstrong>: User agent strings.\u003Cbr \u002F>\n– \u003Ca href=\"https:\u002F\u002Fdevelopers.whatismybrowser.com\u002Fapi\u002Fabout\u002Flegal\u002F\" rel=\"nofollow ugc\">WhatIsMyBrowser Terms of Service\u003C\u002Fa> |\u003Cbr \u002F>\n  \u003Ca href=\"https:\u002F\u002Fdevelopers.whatismybrowser.com\u002Fapi\u002Fabout\u002Flegal\u002F\" rel=\"nofollow ugc\">Legal\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>\u003Cstrong>IPData\u003C\u002Fstrong>\u003Cbr \u002F>\n– \u003Cstrong>Usage\u003C\u002Fstrong>: We fetch detailed threat intelligence (Tor, proxy, known attacker, etc.).\u003Cbr \u002F>\n– \u003Cstrong>Data Sent\u003C\u002Fstrong>: IP address.\u003Cbr \u002F>\n– \u003Ca href=\"https:\u002F\u002Fipdata.co\u002Fterms-of-service.html\" rel=\"nofollow ugc\">IPData Terms\u003C\u002Fa> |\u003Cbr \u002F>\n  \u003Ca href=\"https:\u002F\u002Fipdata.co\u002Fprivacy.html\" rel=\"nofollow ugc\">Privacy Policy\u003C\u002Fa>\u003C\u002Fp>\n","Welcome to the ProActive Security Suite Plugin Wiki      Enhance your WordPress website's security with the ProActive Security Suite.",10,904,"2025-08-24T19:26:00.000Z","5.2",[20,21,23,50,24],"wordfence","","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fproactive-security-suite.1.5.9.9.zip",{"slug":54,"name":55,"version":56,"author":57,"author_profile":58,"description":59,"short_description":60,"active_installs":61,"downloaded":62,"rating":63,"num_ratings":64,"last_updated":65,"tested_up_to":66,"requires_at_least":67,"requires_php":68,"tags":69,"homepage":73,"download_link":74,"security_score":13,"vuln_count":27,"unpatched_count":27,"last_vuln_date":28,"fetched_at":29},"malcare-security","MalCare WordPress Security Plugin – Malware Scanner, Cleaner, Security Firewall","6.36","malcare","https:\u002F\u002Fprofiles.wordpress.org\u002Fmalcare\u002F","\u003Ch3>MALCARE SECURITY SERVICES\u003C\u002Fh3>\n\u003Cp>Security Plugin For WordPress Websites\u003Cbr \u002F>\n★★★★★\u003C\u002Fp>\n\u003Cp>A WordPress security plugin ensures that your website remains completely safe and secure, always. We created \u003Ca href=\"https:\u002F\u002Fwww.malcare.com\u002F\" rel=\"nofollow ugc\">MalCare Security Plugin\u003C\u002Fa> to help website owners worry less about their site security, achieve peace of mind and focus all their energies on growing their business or website.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Why you need MalCare Security?\u003C\u002Fstrong>\u003Cbr \u002F>\n\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002Fj3h0JF0we4o?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Difference Between MalCare Free vs Premium\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002F4ja5ix9WDCo?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\n\u003Cp>\u003Cstrong>Why MalCare is best WordPress security plugin?\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002Fvt-0TrMV-TQ?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\n\u003Cp>\u003Cstrong>MalCare in 1 Minute – Overview\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002FH1XRntW_FeE?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\u003Cbr \u002F>\n\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Important Links: \u003Ca href=\"https:\u002F\u002Fwww.malcare.com\u002Ffeatures\u002F\" rel=\"nofollow ugc\">Security Features\u003C\u002Fa> | \u003Ca href=\"https:\u002F\u002Fwww.malcare.com\u002F\" rel=\"nofollow ugc\">Why Choose MalCare?\u003C\u002Fa> | \u003Ca href=\"https:\u002F\u002Fwww.malcare.com\u002Ftop-wordpress-security-plugins-compared\u002F\" rel=\"nofollow ugc\">Comparisons\u003C\u002Fa> | \u003Ca href=\"https:\u002F\u002Fwww.malcare.com\u002Fmalcare-free-premium\u002F\" rel=\"nofollow ugc\">Free vs Paid\u003C\u002Fa>\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>MalCare is the \u003Cstrong>fastest\u003C\u002Fstrong> malware detection and removal plugin loved by thousands of developers and agencies. With an industry-first \u003Cstrong>automatic one-click malware removal\u003C\u002Fstrong>, your WordPress website is clean before Google blacklists it or your web host takes it down. MalCare has been developed from the ground up after \u003Cstrong>analyzing over 240,000 websites over 2.5+ years\u003C\u002Fstrong>.\u003C\u002Fp>\n\u003Cp>Its \u003Cstrong>intelligent scanning methodology\u003C\u002Fstrong> will \u003Cstrong>never slow down your WordPress site\u003C\u002Fstrong> and \u003Cstrong>accurately identifies\u003C\u002Fstrong> the most complex malware that typically goes undetected in other popular WordPress security plugins.\u003C\u002Fp>\n\u003Cp>The \u003Cstrong>one-click malware cleaner\u003C\u002Fstrong> offers unlimited automated cleanups while the inbuilt \u003Cstrong>powerful cloud-based firewall\u003C\u002Fstrong> ensures round-the-clock website protection against spam attacks. Moreover, you can \u003Cstrong>block countries\u003C\u002Fstrong> to mitigate hack attacks.\u003C\u002Fp>\n\u003Cp>MalCare comes integrated with a \u003Cstrong>complete website management\u003C\u002Fstrong> module that ensures better WP security and site management to your websites from a single dashboard.\u003C\u002Fp>\n\u003Cp>The WP security plugin \u003Cstrong>notifies you if the WordPress site goes down\u003C\u002Fstrong> so that you can handle the situation before you start losing visitors. Performance Check enables WordPress users to keep an eye on their \u003Cstrong>loading speed\u003C\u002Fstrong>.\u003C\u002Fp>\n\u003Cp>MalCare offers a premium \u003Cstrong>White-Label\u003C\u002Fstrong> solution that lets agencies provide better website security to their clients without risking their business. And enables users to \u003Cstrong>generate beautiful reports\u003C\u002Fstrong> for their clients.\u003C\u002Fp>\n\u003Ch3>Why Choose MalCare WordPress Security Plugin?\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\n\u003Ch4>WordPress Malware Scanner\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Cloud Based Deep malware scanner\u003C\u002Fli>\n\u003Cli>Doesn’t Slow down your WordPress site\u003C\u002Fli>\n\u003Cli>Detects malware BEFORE it’s too late\u003C\u002Fli>\n\u003Cli>NO impact on your website\u003C\u002Fli>\n\u003Cli>Finds ALL types of malware, even new & complex ones\u003C\u002Fli>\n\u003Cli>Get Alerts about Security Risks with our WordPress Vulnerability Scanner\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>\n\u003Ch4>WordPress Malware Removal\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>View hacked file details\u003C\u002Fli>\n\u003Cli>Cleans your site INSTANTLY, in less than 60 Secs\u003C\u002Fli>\n\u003Cli>Removes ALL traces of malware\u003C\u002Fli>\n\u003Cli>UNLIMITED hack cleanups\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>\n\u003Ch4>WordPress Website Protection\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Blocks hacker BOTS from attacking login page\u003C\u002Fli>\n\u003Cli>Identifies & blocks MALICIOUS traffic\u003C\u002Fli>\n\u003Cli>Enables users to HARDEN their WordPress sites\u003C\u002Fli>\n\u003Cli>Enables users to block ENTIRE countries\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>\n\u003Ch4>Easy to Use\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Set up an account in 60 secs\u003C\u002Fli>\n\u003Cli>Configure security once & never look at it again\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>\n\u003Ch4>Support\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Agile & responsive customer support\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Why Is MalCare Such a Game-Changer?\u003C\u002Fh3>\n\u003Cp>MalCare offers unparalleled security services. Some services are free and others are paid.\u003C\u002Fp>\n\u003Ch4>MalCare’s FREE Services –\u003C\u002Fh4>\n\u003Col>\n\u003Cli>\n\u003Ch4>Cloud-Based Malware Scanning (Free)\u003C\u002Fh4>\n\u003Cp>MalCare’s Cloud-based Scanning ensures no impact on your website ever. Moreover, it detects Complex Malware missed by other popular security plugins for WordPress.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Ch4>Web-Application WordPress Firewall (Free)\u003C\u002Fh4>\n\u003Cp>Get Real-Time Protection for your WordPress website against the latest security threats with MalCare’s Smart Firewall. Block hackers & bots before they harm your site.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Ch4>CAPTCHA-Based Login Page Protection (Free)\u003C\u002Fh4>\n\u003Cp>Automatically prevent brute force attacks with MalCare’s Smart Captcha-Based Login Page Protection. Round-the-clock protection against malicious traffic.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch4>MalCare’s PAID Services –\u003C\u002Fh4>\n\u003Col>\n\u003Cli>\n\u003Ch4>Viewing Hacked Files (Paid)\u003C\u002Fh4>\n\u003Cp>View the infected files present on your WordPress website. Learn which themes or plugins or files or folders were infected by hackers.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Ch4>Industry-First Instant Malware Removal (Paid)\u003C\u002Fh4>\n\u003Cp>Clean your hacked site instantly in less than 60 secs with MalCare’s 1-Click Cleaner. Clean your website before Google blacklists it or your web host takes it down.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Ch4>WordPress Recommended Website Hardening (Paid)\u003C\u002Fh4>\n\u003Cp>Easily configure WordPress recommended best security practices with just 1-Click from right within MalCare’s dashboard. No technical knowledge needed.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Ch4>Geo-blocking (Paid)\u003C\u002Fh4>\n\u003Cp>Restrict access to users based on their geographical location. Easily block all visitors from certain countries to mitigate the risk of being hacked.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Ch4>Uptime Monitoring (Paid)\u003C\u002Fh4>\n\u003Cp>With MalCare’s Uptime Monitoring keep a steady eye on your WordPress site. It ensures that you are not oblivious to website downtime.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch3>Common Hack Attacks Prevented By MalCare\u003C\u002Fh3>\n\u003Cp>MalCare protects websites against all common hack attacks which includes:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.malcare.com\u002Fblog\u002Fwordpress-brute-force\u002F\" rel=\"nofollow ugc\">Brute force attacks\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.malcare.com\u002Fblog\u002Fjapanese-keyword-hack\u002F\" rel=\"nofollow ugc\">Japanese keyword hack\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.malcare.com\u002Fblog\u002Fwordpress-hacked-redirect\u002F\" rel=\"nofollow ugc\">WordPress redirect hack\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.malcare.com\u002Fblog\u002Fwhat-is-pharma-hack-how-to-clean-it\u002F\" rel=\"nofollow ugc\">Pharma hack\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.malcare.com\u002Fblog\u002Fseo-spam\u002F\" rel=\"nofollow ugc\">SEO spam hack\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.malcare.com\u002Fblog\u002Fwordpress-theme-hacked\u002F\" rel=\"nofollow ugc\">WordPress theme hack\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.malcare.com\u002Fblog\u002Fspam-link-injection-wordpress\u002F\" rel=\"nofollow ugc\">WordPress spam link injections\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.malcare.com\u002Fblog\u002Frevslider-exploit\u002F\" rel=\"nofollow ugc\">Revslider hack\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.malcare.com\u002Fblog\u002Fwordpress-timthumb\u002F\" rel=\"nofollow ugc\">TimThumb hack\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.malcare.com\u002Fblog\u002Fadminer-php-hack\u002F\" rel=\"nofollow ugc\">Adminer.php hack\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.malcare.com\u002Fblog\u002Fcross-site-scripting-xss-attacks-what-how-prevent-them\u002F\" rel=\"nofollow ugc\">XSS or cross-site scripting hack\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.malcare.com\u002Fblog\u002Fhow-to-detect-and-remove-wp-vcd-malware-a-step-by-step-guide-and-a-bonus-plugin\u002F\" rel=\"nofollow ugc\">WP-VCD hack\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.malcare.com\u002Fblog\u002Fpreventing-sql-injections\u002F\" rel=\"nofollow ugc\">SQL injection hack\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.malcare.com\u002Fblog\u002Fwordpress-malvertising\u002F\" rel=\"nofollow ugc\">WordPress malvertising hack\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.malcare.com\u002Fblog\u002Fremove-google-blacklist-warning\u002F\" rel=\"nofollow ugc\">Google Blacklist hack\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.malcare.com\u002Fblog\u002Fgoogle-adwords-account-suspended\u002F\" rel=\"nofollow ugc\">Google Adwords hack\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.malcare.com\u002Fblog\u002Fsession-hijacking-cookie-stealing\u002F\" rel=\"nofollow ugc\">Cookie stealing & session hijacking\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.malcare.com\u002Fblog\u002Fhow-to-remove-phishing\u002F\" rel=\"nofollow ugc\">WordPress phishing hack\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.malcare.com\u002Fblog\u002Ffavicon-ico-virus-wordpress\u002F\" rel=\"nofollow ugc\">Favicon.ico virus hack\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.malcare.com\u002Fblog\u002Fremoving-wp-feed-php-malware\u002F\" rel=\"nofollow ugc\">WP-Feed.php & WP-Tmp.php\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.malcare.com\u002Fblog\u002Fhow-to-scan-malware-and-backdoors-of-your-wordpress-site\u002F\" rel=\"nofollow ugc\">Backdoor hack\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.malcare.com\u002Fblog\u002Fcoinhive-malware-wordpress\u002F\" rel=\"nofollow ugc\">Coinhive hack\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.malcare.com\u002Fblog\u002Fdeface-wordpress\u002F\" rel=\"nofollow ugc\">WordPress deface hack\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>MalCare Free vs. MalCare Premium\u003C\u002Fh3>\n\u003Col>\n\u003Cli>\n\u003Ch4>Cloud Based Malware Scanner (FREE)\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Cloud-Based Malware Scanning \u003Cstrong>(Free)\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>Deep Malware Scanning – Files & Database \u003Cstrong>(Free)\u003C\u002Fstrong>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>\n\u003Ch4>Website Firewall (FREE)\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Web Application Firewall \u003Cstrong>(Free)\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>Plugin Based Firewall \u003Cstrong>(Free)\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>Rules update every 7 days \u003Cstrong>(Free)\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>Login Page Protection \u003Cstrong>(Free)\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>Bot Protection \u003Cstrong>(Free)\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>Rules update every 5 mins \u003Cstrong>(Paid)\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>Geo-Blocking \u003Cstrong>(Paid)\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>Website Hardening \u003Cstrong>(Paid)\u003C\u002Fstrong>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>\n\u003Ch4>Instant Malware Removal (PAID)\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>View Malware Insights \u003Cstrong>(Paid)\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>Instant One-Click Clean Ups \u003Cstrong>(Paid)\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>Automatic Clean-Ups \u003Cstrong>(Paid)\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>Unlimited Clean-Ups \u003Cstrong>(Paid)\u003C\u002Fstrong>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>\n\u003Ch4>Personalized Customer Support (Paid)\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Support on WordPress forum \u003Cstrong>(Free)\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>Support via email and chat \u003Cstrong>(Paid)\u003C\u002Fstrong>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch3>Who Can Benefit From MalCare?\u003C\u002Fh3>\n\u003Cp>MalCare is perfect for:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Any WordPress Websites\u003C\u002Fli>\n\u003Cli>Small Business Websites\u003C\u002Fli>\n\u003Cli>Developer Websites\u003C\u002Fli>\n\u003Cli>Web Designing Websites\u003C\u002Fli>\n\u003Cli>eCommerce Stores\u003C\u002Fli>\n\u003Cli>Niche Sites\u003C\u002Fli>\n\u003Cli>Artists & Photographers Sites\u003C\u002Fli>\n\u003Cli>Amateur & Professional Bloggers\u003C\u002Fli>\n\u003Cli>Local Business Sites\u003C\u002Fli>\n\u003Cli>Website for Startups\u003C\u002Fli>\n\u003Cli>Websites Selling Courses\u003C\u002Fli>\n\u003Cli>Influencer Sites\u003C\u002Fli>\n\u003Cli>Web Hosting Companies\u003C\u002Fli>\n\u003Cli>Website Maintenance Services or Agencies\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Detailed Setup Step-by-Step Tutorials\u003C\u002Fh3>\n\u003Cp>This WordPress security plugin works in tandem with the \u003Ca href=\"https:\u002F\u002Fwww.malcare.com\" rel=\"nofollow ugc\">MalCare\u003C\u002Fa> servers. MalCare servers do all the heavy processing and will alert you if your site has any security issues.\u003C\u002Fp>\n\u003Cp>Hence a MalCare account is needed to use the plugin. This account can also be used by our other products including \u003Ca href=\"https:\u002F\u002Fblogvault.net\" rel=\"nofollow ugc\">BlogVault\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fmalcare.freshdesk.com\u002Fsupport\u002Fsolutions\u002Farticles\u002F35000055512-how-do-i-set-up-a-malcare-account-\" rel=\"nofollow ugc\">How to Set Up a MalCare Account?\u003C\u002Fa> (Help Doc)\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.youtube.com\u002Fwatch?v=v8L_DZllk7k&list=\" rel=\"nofollow ugc\">How to Set Up a MalCare Account?\u003C\u002Fa> (Video)\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>MalCare Full Security Features List\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\n\u003Ch4>Cloud Based Malware Scanner\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Daily Scan Frequency\u003C\u002Fli>\n\u003Cli>On-demand Site Scans\u003C\u002Fli>\n\u003Cli>Scan Non-WP Files\u003C\u002Fli>\n\u003Cli>Does not slow down your website ever\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>\n\u003Ch4>Instant Malware Removal\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>View Hacked Files details\u003C\u002Fli>\n\u003Cli>Instant Automatic Malware Removal\u003C\u002Fli>\n\u003Cli>Removal of Unknown & New Malware\u003C\u002Fli>\n\u003Cli>Unlimited Malware Removal\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>\n\u003Ch4>Intelligent Malware Protection\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Web Application Firewall\u003C\u002Fli>\n\u003Cli>IP Whitelisting\u003C\u002Fli>\n\u003Cli>CAPTCHA-based Login Page Protection\u003C\u002Fli>\n\u003Cli>Traffic Logs\u003C\u002Fli>\n\u003Cli>Login Logs\u003C\u002Fli>\n\u003Cli>Geo-Blocking\u003C\u002Fli>\n\u003Cli>Alerts for Suspicious Logins\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>\n\u003Ch4>Website Hardening\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Block PHP Execution in Untrusted Folders\u003C\u002Fli>\n\u003Cli>Disable Files Editor\u003C\u002Fli>\n\u003Cli>Block Plugin or Theme Installation\u003C\u002Fli>\n\u003Cli>Change Security Keys\u003C\u002Fli>\n\u003Cli>Reset All Passwords\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>\n\u003Ch4>Complete Website Management\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Centralized Dashboard\u003C\u002Fli>\n\u003Cli>Plugins & Themes Management & Update\u003C\u002Fli>\n\u003Cli>User Management\u003C\u002Fli>\n\u003Cli>Team Management\u003C\u002Fli>\n\u003Cli>Client Management\u003C\u002Fli>\n\u003Cli>Generate & Schedule Reports\u003C\u002Fli>\n\u003Cli>White-Labeling Solution\u003C\u002Fli>\n\u003Cli>Uptime Monitoring\u003C\u002Fli>\n\u003Cli>Site Speed Monitoring\u003C\u002Fli>\n\u003Cli>Blacklist Alarm\u003C\u002Fli>\n\u003Cli>Slack Integration\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>\n\u003Ch4>Support\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Email\u003C\u002Fli>\n\u003Cli>Chat\u003C\u002Fli>\n\u003Cli>Social Media\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Fans Are Raving About Us\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fvisualcomposer.com\u002Fblog\u002Fmalcare-review\u002F\" rel=\"nofollow ugc\">MalCare Review on VisualComposer\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.elegantthemes.com\u002Fblog\u002Fresources\u002Fmalcare-security-and-firewall-the-right-security-plugin-for-your-site\" rel=\"nofollow ugc\">MalCare Review on ElegantThemes\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fblog.weglot.com\u002Fideal-security-solution-malcare-review\u002F\" rel=\"nofollow ugc\">MalCare Review on Weglot\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.wpwhitesecurity.com\u002Fmalcare-wordpress-site-security-service-reviewed\u002F\" rel=\"nofollow ugc\">MalCare Review on WPWhiteSecurity\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.youtube.com\u002Fwatch?v=2yNIb4Pc_ig\" rel=\"nofollow ugc\">MalCare Reviews by WordPress Influencer Adam Preiser (Plus Real Malware Removal Demo)\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Connect With Our Team of Security Experts\u003C\u002Fh3>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fwww.facebook.com\u002Fgroups\u002FWordPressForWebCreators\u002F\" rel=\"nofollow ugc\">Join MalCare’s Facebook Community\u003C\u002Fa> – The purpose of the group is to enable Web Creators to gain valuable insights and help from community members which will be valuable to their business. So, if you are a WordPress user & want to keep up with the latest industry news and get help for your business, \u003Ca href=\"https:\u002F\u002Fwww.facebook.com\u002Fgroups\u002FWordPressForWebCreators\u002F\" rel=\"nofollow ugc\">join us\u003C\u002Fa>!\u003C\u002Fp>\n\u003Ch3>Don’t Know Where to Getting Started? Start From Here –\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fmalcare.freshdesk.com\u002Fsupport\u002Fsolutions\u002Farticles\u002F35000055512-how-do-i-set-up-a-malcare-account-\" rel=\"nofollow ugc\">How to Setup MalCare Account?\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.facebook.com\u002Fgroups\u002FWordPressForWebCreators\u002F\" rel=\"nofollow ugc\">Join MalCare Facebook Group MalCare\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.youtube.com\u002Fchannel\u002FUC5oQAXXvndQJuyVrWgMRWqg\" rel=\"nofollow ugc\">MalCare Tutorial Videos\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fmalcare.freshdesk.com\u002Fsupport\u002Fhome\" rel=\"nofollow ugc\">User Help Documentations\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.malcare.com\u002Ffaq\u002F\" rel=\"nofollow ugc\">Frequently Asked Questions\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fmalcare.freshdesk.com\u002Fsupport\u002Ftickets\u002Fnew\" rel=\"nofollow ugc\">Support for MalCare Users\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>MalCare vs. Others\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.codeinwp.com\u002Fblog\u002Fsucuri-vs-wordfence-vs-malcare\u002F\" rel=\"nofollow ugc\">MalCare vs Sucuri vs Wordfence by CodeinWP\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwpmayor.com\u002Fmalcare-sucuri-wordfence-sitelock-ithemes-security-comparison\u002F\" rel=\"nofollow ugc\">MalCare vs Sucuri vs Wordfence vs SiteLock vs iThemes Security by WPMayor\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n","Get Bulletproof Security for your WordPress site. WordPress security plugin packed with comprehensive Firewall, malware scanner, cleaner & more.",200000,17387894,86,519,"2026-01-29T13:26:00.000Z","6.9.4","4.0","7.0",[21,70,71,72,24],"malware-removal","malware-scanner","vulnerabilities","https:\u002F\u002Fwww.malcare.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fmalcare-security.6.36.zip",{"slug":76,"name":77,"version":78,"author":79,"author_profile":80,"description":81,"short_description":82,"active_installs":83,"downloaded":84,"rating":34,"num_ratings":85,"last_updated":86,"tested_up_to":66,"requires_at_least":87,"requires_php":88,"tags":89,"homepage":92,"download_link":93,"security_score":13,"vuln_count":27,"unpatched_count":27,"last_vuln_date":28,"fetched_at":29},"advanced-ip-blocker","Advanced IP Blocker","8.9.2","IniLerm","https:\u002F\u002Fprofiles.wordpress.org\u002Finilerm\u002F","\u003Cp>\u003Cstrong>Advanced IP Blocker\u003C\u002Fstrong> is your all-in-one security solution to safeguard your WordPress website from a wide range of threats. This plugin provides a comprehensive suite of tools to automatically detect and block malicious activity, including brute-force attacks, vulnerability scanning, and spam bots. With its intuitive interface, you can easily manage whitelists, blocklists, and view detailed security logs to understand exactly how your site is being protected.\u003C\u002Fp>\n\u003Cblockquote>\n\u003Cp>\u003Cstrong>Important Note on PHP Version:\u003C\u002Fstrong>\u003Cbr \u002F>\n  To ensure maximum security and access to all features, we strongly recommend using \u003Cstrong>PHP 8.1 or higher\u003C\u002Fstrong>. Some advanced features (like the local MaxMind database or full 2FA management via WP-CLI) require PHP 8.1.\u003C\u002Fp>\n\u003C\u002Fblockquote>\n\u003Cp>\u003Cstrong>Key Features:\u003C\u002Fstrong>\u003Cbr \u002F>\n*   \u003Cstrong>(NEW) Country Selector Copy\u002FPaste:\u003C\u002Fstrong> Say goodbye to manually selecting 50+ countries. You can now instantly copy and paste a raw list of 2-letter country codes directly into Geoblocking, Geo-Challenge, and Whitelist Login fields.\u003Cbr \u002F>\n*   \u003Cstrong>(NEW) AIB Cloud Network V3:\u003C\u002Fstrong> Upgrade to the next-generation distributed threat intelligence network. The new API V3 provides secure, individual API Keys per site, drastically improving synchronization reliability, threat telemetry, and global network stability.\u003Cbr \u002F>\n*   \u003Cstrong>(NEW) Whitelist Login Countries:\u003C\u002Fstrong> Take absolute control over administrative access. Easily restrict your WordPress login page and XML-RPC to only allow connections from specific, whitelisted countries, instantly blocking unauthorized foreign login attempts.\u003Cbr \u002F>\n*   \u003Cstrong>(IMPROVED) Bulk Import\u002FExport for Blocked IPs & Whitelist:\u003C\u002Fstrong> Seamlessly import massive lists of IPs via CSV or manual entry. The system now features a bulletproof “Bulk Import” type, strict duration inheritance, and intelligent conflict resolution.\u003Cbr \u002F>\n*   \u003Cstrong>(NEW) Internal Security & Forensics:\u003C\u002Fstrong> A complete audit suite solely for WordPress. Track every sensitive event (plugin installs, settings changes, user logins) and monitor your critical files for unauthorized modifications with the integrated File Integrity Monitor.\u003Cbr \u002F>\n*   \u003Cstrong>(NEW) Activity Audit Log:\u003C\u002Fstrong> Gain complete visibility into what’s happening on your site. Who deactivated a plugin? Who changed a setting? The Audit Log answers these questions with timestamped, immutable records.\u003Cbr \u002F>\n*   \u003Cstrong>(NEW) Deep Scan Email Reports:\u003C\u002Fstrong> Get a weekly security summary delivered to your inbox, detailing pending updates, vulnerability status, and recent attack trends.\u003Cbr \u002F>\n*   \u003Cstrong>Username Blocking & Rules:\u003C\u002Fstrong> Gain granular control over login security. Creating Advanced Rules to block, challenge, or score specific usernames (e.g., “admin”, “test”).\u003Cbr \u002F>\n*   \u003Cstrong>Enhanced Lockdown Notifications:\u003C\u002Fstrong> Distributed Lockdowns (404\u002F403) now fully support Email and Push notifications, ensuring you never miss a critical security event.\u003Cbr \u002F>\n*   \u003Cstrong>Improved Logging:\u003C\u002Fstrong> New “Endpoint Challenge” event type provides deeper visibility into challenges served during automated lockdowns.\u003Cbr \u002F>\n*   \u003Cstrong>Server IP Reputation Check. Instantly audit your web server’s IP address against major blacklists (Spamhaus, AbuseIPDB) to diagnose SEO and email delivery issues.\u003Cbr \u002F>\n*   **HTTP Security Headers.\u003C\u002Fstrong> Easily configure essential security headers like HSTS, X-Frame-Options, and Permissions-Policy to harden your site against clickjacking, sniffing, and other browser-based attacks. Includes a “Report-Only” mode for CSP.\u003Cbr \u002F>\n*   \u003Cstrong>Site Health & Vulnerability Scanner. Audit your WordPress environment instantly. Detects outdated plugins, insecure PHP versions, and checks your installed plugins against a database of 30,000+ known vulnerabilities.\u003Cbr \u002F>\n*   **PERFORMANCE BOOST: High-Speed Community Database. Migrated the “Community Defense Network” blocklist to a dedicated, indexed database table. This allows checking thousands of malicious IPs in microseconds with zero impact on site memory usage.\u003Cbr \u002F>\n*   **WordPress 6.9 Ready. Fully tested and compatible with the latest WordPress core update.\u003Cbr \u002F>\n*   **Community Defense Network. Join forces with other WordPress admins. The plugin now shares anonymous attack data to build a global, real-time blocklist of verified threats. Protect your site with community-powered intelligence.\u003Cbr \u002F>\n*   **Auto-Cleaning Logic. Smart expiration handling ensures your blocklists stay fresh and performant, automatically removing stale IPs from both the database and external firewalls (Cloudflare\u002F.htaccess).\u003Cbr \u002F>\n*   **Cloud Edge Defense (Cloudflare). Connect your site directly to Cloudflare’s global network. Automatically sync your blocklists to the cloud to stop attackers before they reach your server. Zero server load protection.\u003Cbr \u002F>\n*   **Server-Level Firewall (.htaccess). Extreme performance upgrade. Write blocking rules and file hardening protections directly to your .htaccess file. Blocks threats instantly without loading PHP or WordPress.\u003Cbr \u002F>\n*   **IMPROVED: Smart Bot Verification. Enhanced logic to correctly identify legitimate traffic from iOS devices (iCloud Private Relay) and social media previews, eliminating false positives while keeping impostors out.\u003Cbr \u002F>\n*   **File Hardening.\u003C\u002Fstrong> Protect your most sensitive files (\u003Ccode>wp-config.php\u003C\u002Fcode>, \u003Ccode>readme.html\u003C\u002Fcode>, \u003Ccode>.git\u003C\u002Fcode>) at the server level with a single click.\u003Cbr \u002F>\n*   \u003Cstrong>AbuseIPDB Integration.\u003C\u002Fstrong> Proactively block attackers before they strike. The plugin can now check visitor IPs against AbuseIPDB’s real-time, crowdsourced database of malicious IPs and block those with a high abuse score on their very first request.\u003Cbr \u002F>\n*   \u003Cstrong>Edge Firewall Mode!\u003C\u002Fstrong> Protect any PHP file or standalone application within your WordPress directory (even if it’s not part of WordPress). Ideal for securing custom scripts, legacy applications, or folders like \u003Ccode>\u002Fscan\u002F\u003C\u002Fcode>. (Requires manual configuration).\u003Cbr \u002F>\n*   \u003Cstrong>Advanced Rules Engine!\u003C\u002Fstrong> Create powerful, custom security rules with multiple conditions (IP, Country, ASN, URI, User-Agent) and actions (Block, Challenge, or add Threat Score).\u003Cbr \u002F>\n*   \u003Cstrong>Known Bot Verification.\u003C\u002Fstrong> A powerful new security layer that uses reverse DNS lookups to verify legitimate crawlers like Googlebot and Bingbot. This completely neutralizes attackers who try to bypass security rules by faking their User-Agent, assigning high threat scores to impostors.\u003Cbr \u002F>\n*   \u003Cstrong>Onboarding Setup Wizard.\u003C\u002Fstrong> A brand new step-by-step wizard that guides new users through the essential security configurations (IP whitelisting, WAF, and bot traps) in under a minute, ensuring a strong security posture from day one.\u003Cbr \u002F>\n*   \u003Cstrong>Major Refactor: Codebase Modernization.\u003C\u002Fstrong> The entire plugin architecture has been refactored into a modern, modular structure. Logic for admin pages, AJAX, actions, and settings is now handled by dedicated classes, making the plugin more stable, performant, and easier to maintain and extend in the future.\u003Cbr \u002F>\n*   \u003Cstrong>Advanced IP Spoofing Protection.\u003C\u002Fstrong> A zero-trust “Trusted Proxies” system ensures the plugin always identifies the true visitor IP, even behind complex setups like Cloudflare or a custom reverse proxy. It neutralizes attacks that attempt to fake their IP, preventing block evasion and the framing of innocent users.\u003Cbr \u002F>\n*   \u003Cstrong>Geo-Challenge.\u003C\u002Fstrong> A smarter way to handle traffic from high-risk countries. Instead of a hard block, it presents a quick, invisible JavaScript challenge that stops bots but is seamless for human visitors. This reduces unwanted traffic without affecting potential legitimate users.\u003Cbr \u002F>\n*   \u003Cstrong>ENHANCEMENT: Full Bulk-Action Support.\u003C\u002Fstrong> IP management is now faster than ever. Both the Whitelist and the Blocked IPs list now support full bulk actions, allowing you to select and remove multiple entries at once, or unblock all IPs with a single click.\u003Cbr \u002F>\n*   \u003Cstrong>Endpoint Lockdown Mode:\u003C\u002Fstrong> Automatically shields \u003Ccode>wp-login.php\u003C\u002Fcode> and \u003Ccode>xmlrpc.php\u003C\u002Fcode> with a JavaScript challenge during sustained distributed attacks, preventing server overload.\u003Cbr \u002F>\n*   \u003Cstrong>Two-Factor Authentication (2FA):\u003C\u002Fstrong> Secure user accounts with industry-standard TOTP authentication, backup codes, role enforcement, and a central admin management dashboard.\u003Cbr \u002F>\n*   \u003Cstrong>IP Trust & Threat Scoring System:\u003C\u002Fstrong> An intelligent defense that assigns “threat points” to IPs for malicious actions, blocking them only when they reach a configurable score. More accurate and context-aware than simple rules.\u003Cbr \u002F>\n*   \u003Cstrong>Attack Signature Engine (Beta):\u003C\u002Fstrong> Proactively stops distributed botnet attacks by identifying and blocking the attacker’s “fingerprint” (signature) instead of just individual IPs.\u003Cbr \u002F>\n*   \u003Cstrong>Web Application Firewall (WAF):\u003C\u002Fstrong> Block malicious requests (SQLi, XSS, etc.) with a customizable ruleset.\u003Cbr \u002F>\n*   \u003Cstrong>And much more:\u003C\u002Fstrong> Rate Limiting, Country & ASN Blocking (with Spamhaus support), ASN Whitelisting, Push Notifications, Google reCAPTCHA, Honeypots, Active User Session Management, and Full WP-CLI Support.\u003C\u002Fp>\n","A complete WordPress security firewall: blocks IPs, bots & countries. Includes an intelligent WAF, Threat Scoring, Geo-Challenge, 2FA, and Anti-Sp …",1000,20374,15,"2026-03-15T09:30:00.000Z","6.7","8.1",[90,21,22,23,91],"country-block","waf","https:\u002F\u002Fadvaipbl.com\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fadvanced-ip-blocker.8.9.2.zip",{"slug":95,"name":96,"version":97,"author":98,"author_profile":99,"description":100,"short_description":101,"active_installs":83,"downloaded":102,"rating":13,"num_ratings":103,"last_updated":104,"tested_up_to":66,"requires_at_least":105,"requires_php":68,"tags":106,"homepage":109,"download_link":110,"security_score":111,"vuln_count":112,"unpatched_count":27,"last_vuln_date":113,"fetched_at":29},"injection-guard","Injection Guard","1.3.0","Fahad Mahmood","https:\u002F\u002Fprofiles.wordpress.org\u002Ffahadmahmood\u002F","\u003Cp>\u003Cstrong>Author:\u003C\u002Fstrong> \u003Ca href=\"https:\u002F\u002Fwww.androidbubbles.com\u002Fcontact\" rel=\"nofollow ugc\">Fahad Mahmood\u003C\u002Fa>\u003Cbr \u002F>\n\u003Cstrong>Project URI:\u003C\u002Fstrong> \u003Ca href=\"https:\u002F\u002Fwww.androidbubbles.com\u002Fextends\u002Fwordpress\u002Fplugins\u002Finjection-guard\" rel=\"nofollow ugc\">https:\u002F\u002Fwww.androidbubbles.com\u002Fextends\u002Fwordpress\u002Fplugins\u002Finjection-guard\u003C\u002Fa>\u003Cbr \u002F>\n\u003Cstrong>License:\u003C\u002Fstrong> GPL v3\u003C\u002Fp>\n\u003Cp>Injection Guard is a WordPress plugin designed to block malicious query string attacks and suspicious URL parameters. It logs all incoming attempts, blocks harmful parameters, and adds extra security intelligence to your WordPress admin—like user session tracking and capability audit.\u003C\u002Fp>\n\u003Cp>The plugin uses the \u003Ccode>ig_\u003C\u002Fcode> prefix for database keys and functions, follows WordPress coding standards, and supports multiple languages. It’s compatible with pretty permalinks and helps in securing your site from automated bots and manual attacks.\u003C\u002Fp>\n\u003Ch3>Method A (Admin Panel)\u003C\u002Fh3>\n\u003Col>\n\u003Cli>Login to WordPress Admin > Plugins > Add New > Upload Plugin\u003C\u002Fli>\n\u003Cli>Upload the ZIP file and activate the plugin\u003C\u002Fli>\n\u003Cli>Go to Settings > IG Settings and click “Save Settings”\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch3>Method B (Manual Upload)\u003C\u002Fh3>\n\u003Col>\n\u003Cli>Download and unzip the plugin package\u003C\u002Fli>\n\u003Cli>Upload the folder to \u003Ccode>\u002Fwp-content\u002Fplugins\u002Finjection-guard\u002F\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>Activate the plugin from the WordPress Dashboard\u003C\u002Fli>\n\u003Cli>Visit Settings > IG Settings to configure\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch3>Features\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Logs all unique query strings attempting to penetrate your website\u003C\u002Fli>\n\u003Cli>Blocks malicious or unknown query parameters\u003C\u002Fli>\n\u003Cli>Tracks login, logout, session start and duration per user\u003C\u002Fli>\n\u003Cli>Capability audit report for all WordPress users\u003C\u002Fli>\n\u003Cli>Multi-language support (FR, DE, ES)\u003C\u002Fli>\n\u003Cli>Bootstrap-based admin UI and dashboard\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>License\u003C\u002Fh3>\n\u003Cp>This plugin is free software licensed under the GNU GPL v2 or later.\u003C\u002Fp>\n\u003Cp>You should have received a copy of the GNU General Public License along with this plugin. If not, see \u003Ca href=\"http:\u002F\u002Fwww.gnu.org\u002Flicenses\u002Fgpl-2.0.html\" rel=\"nofollow ugc\">http:\u002F\u002Fwww.gnu.org\u002Flicenses\u002Fgpl-2.0.html\u003C\u002Fa>.\u003C\u002Fp>\n","This plugin blocks all unauthorized and irrelevant requests through query strings and provides extended session tracking and capability audit.",32926,4,"2026-03-14T21:13:00.000Z","3.0",[107,21,23,108,24],"anti-hacking","sql-injection","https:\u002F\u002Fwww.androidbubbles.com\u002Fextends\u002Fwordpress\u002Fplugins\u002Finjection-guard","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Finjection-guard.1.3.0.zip",96,5,"2025-07-24 00:00:00",{"slug":115,"name":116,"version":117,"author":118,"author_profile":119,"description":120,"short_description":121,"active_installs":45,"downloaded":122,"rating":13,"num_ratings":14,"last_updated":123,"tested_up_to":16,"requires_at_least":124,"requires_php":51,"tags":125,"homepage":51,"download_link":128,"security_score":13,"vuln_count":27,"unpatched_count":27,"last_vuln_date":28,"fetched_at":29},"guardify","Guardify Firewall","1.1.2","BitCleric","https:\u002F\u002Fprofiles.wordpress.org\u002Fsoamuller23\u002F","\u003Cp>\u003Cstrong>Guardify\u003C\u002Fstrong> is a powerful WordPress firewall plugin designed to protect your website from a wide range of threats, including brute force attacks, SQL injections, malicious bots, and unauthorized access attempts. With an intuitive dashboard, detailed statistics, and advanced settings, Guardify empowers you to secure your site effortlessly.\u003C\u002Fp>\n\u003Ch3>🔐 Key Features:\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\n\u003Cp>\u003Cstrong>Advanced Web Application Firewall (WAF)\u003C\u002Fstrong>\u003Cbr \u002F>\nIntercepts and filters all incoming traffic before it reaches WordPress. Blocks SQL injection, XSS, RFI, LFI, and other attack vectors.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Brute Force Attack Protection\u003C\u002Fstrong>\u003Cbr \u002F>\nBlocks repeated login attempts by limiting login frequency and analyzing IP reputation.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>2-Factor Authentication (2FA)\u003C\u002Fstrong>\u003Cbr \u002F>\nAdds an extra layer of login security for admin users, using time-based one-time passwords (TOTP).\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Real-Time Activity Logs\u003C\u002Fstrong>\u003Cbr \u002F>\nTrack login attempts, blocked IPs, suspicious requests, and system actions with detailed logs. View statistics by day, week, or month.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Custom IP Whitelisting & Blacklisting\u003C\u002Fstrong>\u003Cbr \u002F>\nControl access to your site by adding IPs or IP ranges to allow or deny lists. Includes temporary blocking for failed login attempts.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>GeoIP Blocking\u003C\u002Fstrong>\u003Cbr \u002F>\nBlock or allow access from specific countries using the MaxMind GeoIP2 database integration.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Bot Access Control\u003C\u002Fstrong>\u003Cbr \u002F>\nDetect and manage access from known bots, scrapers, and fake crawlers. Option to block non-human traffic.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Anti-PHP Injection & File Access Blocking\u003C\u002Fstrong>\u003Cbr \u002F>\nPrevents direct access to PHP files in sensitive directories such as \u003Ccode>\u002Fwp-includes\u002F\u003C\u002Fcode> and \u003Ccode>\u002Fwp-content\u002Fuploads\u002F\u003C\u002Fcode>.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Block Plugin and Theme Installation\u003C\u002Fstrong>\u003Cbr \u002F>\nRestrict installation of new plugins and themes via the WordPress dashboard — even by administrators. This helps prevent unauthorized or accidental installation of insecure components. Manual installation via FTP remains possible.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Block Theme Editor\u003C\u002Fstrong>\u003Cbr \u002F>\nDisable access to the Theme Editor (\u003Ccode>\u002Fwp-admin\u002Ftheme-editor.php\u003C\u002Fcode>) to prevent direct file editing. This minimizes the risk of malicious code injection or unintentional file corruption.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Forbidden Comment Words Filter\u003C\u002Fstrong>\u003Cbr \u002F>\nAutomatically mark comments as spam if they contain forbidden words or patterns (e.g., \u003Ccode>http\u003C\u002Fcode>, \u003Ccode>viagra\u003C\u002Fcode>, \u003Ccode>casino\u003C\u002Fcode>, \u003Ccode>porn\u003C\u002Fcode>). Helps drastically reduce comment spam by detecting common keywords and links.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Auto Block IPs in .htaccess\u003C\u002Fstrong>\u003Cbr \u002F>\nWhen enabled, IPs that exceed the rate limit are automatically added to the \u003Ccode>.htaccess\u003C\u002Fcode> file for permanent blocking. This server-level block prevents any further requests. Use with care, as shared or corporate IPs may be affected.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Email Notifications\u003C\u002Fstrong>\u003Cbr \u002F>\nStay informed with email alerts about critical security events, such as admin login attempts or IP bans.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Customizable Firewall Rules\u003C\u002Fstrong>\u003Cbr \u002F>\nAdvanced users can fine-tune rules with regex filters, HTTP method checks, user-agent filters, and more.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>User-Friendly Admin Interface\u003C\u002Fstrong>\u003Cbr \u002F>\nGuardify features a modern and intuitive UI built using native WordPress design language.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Clean Uninstall\u003C\u002Fstrong>\u003Cbr \u002F>\nAutomatically cleans up all data, logs, and settings when uninstalled—leaving your database clean.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Ful>\n","Guardify is a powerful WordPress firewall plugin designed to protect your website from a wide range of threats, including brute force attacks, SQL inj …",480,"2025-06-04T19:22:00.000Z","5.0",[126,21,127,23,24],"brute-force-protection","ip-blocking","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fguardify.1.1.2.zip",{"attackSurface":130,"codeSignals":225,"taintFlows":247,"riskAssessment":294,"analyzedAt":301},{"hooks":131,"ajaxHandlers":181,"restRoutes":207,"shortcodes":208,"cronEvents":209,"entryPointCount":224,"unprotectedCount":27},[132,138,142,146,152,156,160,164,169,173,177],{"type":133,"name":134,"callback":135,"file":136,"line":137},"action","admin_menu","add_admin_menu","includes\\class-admin.php",41,{"type":133,"name":139,"callback":140,"file":136,"line":141},"admin_init","register_settings",42,{"type":133,"name":143,"callback":144,"file":136,"line":145},"admin_enqueue_scripts","enqueue_admin_assets",43,{"type":147,"name":148,"callback":149,"file":150,"line":151},"filter","cron_schedules","closure","includes\\class-installer.php",46,{"type":147,"name":148,"callback":153,"file":154,"line":155},"add_cron_intervals","includes\\class-plugin.php",65,{"type":133,"name":157,"callback":158,"file":154,"line":159},"pmip_check_ips","check_and_block_ips",78,{"type":133,"name":161,"callback":162,"file":154,"line":163},"pmip_realtime_check_ips","real_time_block_ips",81,{"type":133,"name":165,"callback":166,"priority":167,"file":154,"line":168},"wordfence_security_event","handle_wordfence_event",8,84,{"type":133,"name":170,"callback":171,"file":154,"line":172},"admin_notices","check_requirements",87,{"type":133,"name":174,"callback":175,"file":176,"line":137},"plugins_loaded","pmip_blocker_init","polar-mass-advanced-ip-blocker.php",{"type":133,"name":178,"callback":179,"file":176,"line":180},"init","pmip_blocker_load_textdomain",51,[182,188,192,195,199,203],{"action":183,"nopriv":184,"callback":185,"hasNonce":186,"hasCapCheck":186,"file":136,"line":187},"pmip_register_cron",false,"ajax_register_cron",true,44,{"action":189,"nopriv":184,"callback":190,"hasNonce":186,"hasCapCheck":186,"file":136,"line":191},"pmip_block_ip","ajax_block_ip",45,{"action":193,"nopriv":184,"callback":194,"hasNonce":186,"hasCapCheck":186,"file":136,"line":151},"pmip_unblock_ip","ajax_unblock_ip",{"action":196,"nopriv":184,"callback":197,"hasNonce":186,"hasCapCheck":186,"file":136,"line":198},"pmip_sync_wordfence","ajax_sync_wordfence",47,{"action":200,"nopriv":184,"callback":201,"hasNonce":186,"hasCapCheck":184,"file":136,"line":202},"pmip_update_newsletter_status","ajax_update_newsletter_status",48,{"action":204,"nopriv":184,"callback":205,"hasNonce":186,"hasCapCheck":184,"file":136,"line":206},"pmip_export_logs","ajax_export_logs",49,[],[],[210,212,214,216,218,220,222],{"hook":157,"callback":157,"file":136,"line":211},270,{"hook":157,"callback":157,"file":136,"line":213},300,{"hook":161,"callback":161,"file":136,"line":215},304,{"hook":157,"callback":157,"file":150,"line":217},37,{"hook":219,"callback":219,"file":150,"line":141},"pmip_realtime_interval",{"hook":157,"callback":157,"file":154,"line":221},69,{"hook":161,"callback":161,"file":154,"line":223},74,6,{"dangerousFunctions":226,"sqlUsage":227,"outputEscaping":229,"fileOperations":244,"externalRequests":32,"nonceChecks":245,"capabilityChecks":112,"bundledLibraries":246},[],{"prepared":14,"raw":27,"locations":228},[],{"escaped":172,"rawEcho":224,"locations":230},[231,234,236,238,240,242],{"file":136,"line":232,"context":233},375,"raw output",{"file":154,"line":235,"context":233},101,{"file":154,"line":237,"context":233},113,{"file":154,"line":239,"context":233},131,{"file":154,"line":241,"context":233},145,{"file":154,"line":243,"context":233},159,3,9,[],[248,280],{"entryPoint":249,"graph":250,"unsanitizedCount":27,"severity":279},"save_settings (includes\\class-admin.php:243)",{"nodes":251,"edges":275},[252,257,262,264,268,272],{"id":253,"type":254,"label":255,"file":136,"line":256},"n0","source","$_POST[$field]",261,{"id":258,"type":259,"label":260,"file":136,"line":256,"wp_function":261},"n1","sink","update_option() [Settings Manipulation]","update_option",{"id":263,"type":254,"label":255,"file":136,"line":256},"n2",{"id":265,"type":259,"label":266,"file":136,"line":256,"wp_function":267},"n3","call_user_func() [RCE]","call_user_func",{"id":269,"type":254,"label":270,"file":136,"line":271},"n4","$_POST (x2)",267,{"id":273,"type":259,"label":260,"file":136,"line":274,"wp_function":261},"n5",268,[276,277,278],{"from":253,"to":258,"sanitized":186},{"from":263,"to":265,"sanitized":186},{"from":269,"to":273,"sanitized":186},"low",{"entryPoint":281,"graph":282,"unsanitizedCount":27,"severity":279},"\u003Cclass-admin> (includes\\class-admin.php:0)",{"nodes":283,"edges":290},[284,285,286,287,288,289],{"id":253,"type":254,"label":255,"file":136,"line":256},{"id":258,"type":259,"label":260,"file":136,"line":256,"wp_function":261},{"id":263,"type":254,"label":255,"file":136,"line":256},{"id":265,"type":259,"label":266,"file":136,"line":256,"wp_function":267},{"id":269,"type":254,"label":270,"file":136,"line":271},{"id":273,"type":259,"label":260,"file":136,"line":274,"wp_function":261},[291,292,293],{"from":253,"to":258,"sanitized":186},{"from":263,"to":265,"sanitized":186},{"from":269,"to":273,"sanitized":186},{"summary":295,"deductions":296},"The \"polar-mass-advanced-ip-blocker\" plugin version 1.0.1 exhibits a generally strong security posture based on the static analysis and vulnerability history.  A significant strength is the complete absence of unpatched CVEs and any recorded past vulnerabilities, suggesting a mature and well-maintained codebase. The plugin also demonstrates good security practices by utilizing prepared statements for all SQL queries and a high percentage of properly escaped output. Furthermore, all identified entry points, including AJAX handlers, are protected by authentication checks.\n\nHowever, there are a few areas for potential improvement. While the attack surface of 6 AJAX handlers is relatively small, and all are protected, the presence of any unprotected entry points would be a concern. The plugin performs 3 file operations and 1 external HTTP request, which, while not inherently risky, represent potential avenues for exploitation if not handled with extreme care and robust validation.  The taint analysis found no unsanitized paths, which is a positive indicator. Overall, the plugin appears to be secure for its current version, with the primary concerns revolving around the handling of file operations and external requests, which are not explicitly detailed in terms of their security implementation within the provided data.",[297,299],{"reason":298,"points":103},"File operations present potential risk",{"reason":300,"points":244},"External HTTP requests can be risky","2026-03-16T21:17:17.938Z",{"wat":303,"direct":312},{"assetPaths":304,"generatorPatterns":307,"scriptPaths":308,"versionParams":309},[305,306],"\u002Fwp-content\u002Fplugins\u002Fpolar-mass-advanced-ip-blocker\u002Fassets\u002Fcss\u002Fadmin.min.css","\u002Fwp-content\u002Fplugins\u002Fpolar-mass-advanced-ip-blocker\u002Fassets\u002Fjs\u002Fadmin.min.js",[],[306],[310,311],"polar-mass-advanced-ip-blocker\u002Fassets\u002Fcss\u002Fadmin.min.css?ver=","polar-mass-advanced-ip-blocker\u002Fassets\u002Fjs\u002Fadmin.min.js?ver=",{"cssClasses":313,"htmlComments":314,"htmlAttributes":315,"restEndpoints":322,"jsGlobals":323,"shortcodeOutput":325},[],[],[316,317,318,319,320,321],"data-action=\"pmip_register_cron\"","data-action=\"pmip_block_ip\"","data-action=\"pmip_unblock_ip\"","data-action=\"pmip_sync_wordfence\"","data-action=\"pmip_update_newsletter_status\"","data-action=\"pmip_export_logs\"",[],[324],"pmipAdmin",[]]