[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fj08Gpll3BR0_ajfrLgOk8po2rPogkTlp-rJNl0tigZM":3,"$f_0R7iGsEAkijY57XkHi_MK5RQroJgZr-u_PpZxrLQno":205,"$fWHqbpN17tzqeCGVk0c5tQ-NBr3Z0zsFKjjMw7EsUt9Y":210},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":13,"last_updated":14,"tested_up_to":15,"requires_at_least":16,"requires_php":17,"tags":18,"homepage":24,"download_link":25,"security_score":26,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28,"discovery_status":29,"vulnerabilities":30,"developer":31,"crawl_stats":27,"alternatives":38,"analysis":142,"fingerprints":189},"restrict-admin-login-by-country-grc","Restrict Admin Login by Country – GRC","1.6","Robert G.","https:\u002F\u002Fprofiles.wordpress.org\u002Frobertutzu\u002F","\u003Cp>This plugin protects your WordPress login area by restricting access to specific countries based on geolocation. It is especially useful for hardening security for roles such as administrator, shop manager, editor, and author.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Features:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Restricts logins for admin, shop manager, editor, and author roles based on IP geolocation.  \u003C\u002Fli>\n\u003Cli>Automatically whitelists the country where the plugin was first activated.  \u003C\u002Fli>\n\u003Cli>Settings page to manually select allowed countries.  \u003C\u002Fli>\n\u003Cli>Dynamically fetches a list of countries via a public API.  \u003C\u002Fli>\n\u003Cli>Lightweight and easy to configure.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Powered by \u003Ca href=\"https:\u002F\u002Fipinfo.io\" rel=\"nofollow ugc\">ipinfo.io\u003C\u002Fa> for IP geolocation detection.\u003C\u002Fp>\n\u003Ch3>External Services\u003C\u002Fh3>\n\u003Cp>This plugin relies on two external services to function properly. These services are used to identify user locations and provide country data for configuration purposes.\u003C\u002Fp>\n\u003Ch3>1. ipinfo.io\u003C\u002Fh3>\n\u003Cp>\u003Cstrong>What is the service used for?\u003C\u002Fstrong>\u003Cbr \u002F>\n– Used to determine the geolocation (specifically, the country) of an IP address attempting to log in.\u003Cbr \u002F>\n– Ensures that only users from allowed countries can log in as administrator, shop manager, editor, or author.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>What data is sent and when?\u003C\u002Fstrong>\u003Cbr \u002F>\n– The plugin sends the IP address of the user attempting to log in to \u003Ccode>ipinfo.io\u003C\u002Fcode> at the time of login.\u003Cbr \u002F>\n– This is done in real time to determine the user’s country and enforce access rules.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Service Provider:\u003C\u002Fstrong>\u003Cbr \u002F>\n– Website: \u003Ca href=\"https:\u002F\u002Fipinfo.io\" rel=\"nofollow ugc\">https:\u002F\u002Fipinfo.io\u003C\u002Fa>\u003Cbr \u002F>\n– Terms of Service: \u003Ca href=\"https:\u002F\u002Fipinfo.io\u002Fterms\" rel=\"nofollow ugc\">https:\u002F\u002Fipinfo.io\u002Fterms\u003C\u002Fa>\u003Cbr \u002F>\n– Privacy Policy: \u003Ca href=\"https:\u002F\u002Fipinfo.io\u002Fprivacy-policy\" rel=\"nofollow ugc\">https:\u002F\u002Fipinfo.io\u002Fprivacy-policy\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch3>2. restcountries.com\u003C\u002Fh3>\n\u003Cp>\u003Cstrong>What is the service used for?\u003C\u002Fstrong>\u003Cbr \u002F>\n– Used to dynamically fetch the list of countries (with country codes and names) displayed in the plugin settings.\u003Cbr \u002F>\n– Allows users to easily select which countries should be allowed for admin login access.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>What data is sent and when?\u003C\u002Fstrong>\u003Cbr \u002F>\n– No user data is sent.\u003Cbr \u002F>\n– The plugin performs a GET request to \u003Ccode>https:\u002F\u002Frestcountries.com\u002Fv3.1\u002Fall?fields=cca2,name\u003C\u002Fcode> to fetch a list of country codes and names during plugin settings initialization.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Service Provider:\u003C\u002Fstrong>\u003Cbr \u002F>\n– Website: \u003Ca href=\"https:\u002F\u002Frestcountries.com\" rel=\"nofollow ugc\">https:\u002F\u002Frestcountries.com\u003C\u002Fa>\u003Cbr \u002F>\n– API Documentation: \u003Ca href=\"https:\u002F\u002Frestcountries.com\u002F#api-endpoints-v3-all\" rel=\"nofollow ugc\">https:\u002F\u002Frestcountries.com\u002F#api-endpoints-v3-all\u003C\u002Fa>\u003Cbr \u002F>\n– No specific privacy policy is published, as this is a public API that does not handle user-specific data.\u003C\u002Fp>\n\u003Ch3>License\u003C\u002Fh3>\n\u003Cp>This plugin is licensed under the GPLv2 or later. See \u003Ca href=\"https:\u002F\u002Fwww.gnu.org\u002Flicenses\u002Fgpl-2.0.html\" rel=\"nofollow ugc\">https:\u002F\u002Fwww.gnu.org\u002Flicenses\u002Fgpl-2.0.html\u003C\u002Fa> for details.\u003C\u002Fp>\n","Restrict admin, shop manager, editor, and author logins based on the user’s country. Automatically blocks access from non-authorized locations.",10,456,0,"2026-02-20T12:22:00.000Z","7.0","5.0","7.4",[19,20,21,22,23],"admin-login","country-restriction","geolocation","ipinfo","security","","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Frestrict-admin-login-by-country-grc.1.6.zip",100,null,"2026-04-06T09:54:40.288Z","no_bundle",[],{"slug":32,"display_name":7,"profile_url":8,"plugin_count":33,"total_installs":34,"avg_security_score":26,"avg_patch_time_days":35,"trust_score":36,"computed_at":37},"robertutzu",2,110,30,94,"2026-05-19T19:15:36.369Z",[39,65,85,107,125],{"slug":40,"name":41,"version":42,"author":43,"author_profile":44,"description":45,"short_description":46,"active_installs":47,"downloaded":48,"rating":49,"num_ratings":50,"last_updated":51,"tested_up_to":52,"requires_at_least":53,"requires_php":24,"tags":54,"homepage":24,"download_link":60,"security_score":61,"vuln_count":62,"unpatched_count":13,"last_vuln_date":63,"fetched_at":64},"dologin","DoLogin Security","4.3","WPDO","https:\u002F\u002Fprofiles.wordpress.org\u002Fwpdo5ea\u002F","\u003Cp>In one click, your WordPress login page will be pretected with the smart brute force attack protection! Any login attempts more than 6 in 10 minutes (default value) will be limited.\u003C\u002Fp>\n\u003Cp>Limit the number of login attempts through both the login and the auth cookies.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\n\u003Cp>Two-factor Authentication login.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Text SMS message passcode for 2nd step verification support.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Cloudflare Turnstile (better than Google reCAPTCHA).\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>GeoLocation (Continent\u002FCountry\u002FCity) or IP range to limit login attempts.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Passwordless login link.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Support Whitelist and Blacklist.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>GDPR compliant. With this feature turned on, all logged IPs get obfuscated (md5-hashed).\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>WooCommerce Login supported.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>XMLRPC gateway protection.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>API\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\n\u003Cp>Call the function \u003Ccode>$link = function_exists( 'dologin_gen_link' ) ? dologin_gen_link( 'your plugin name or tag' ) : '';\u003C\u002Fcode> to generate one passwordless login link for the current user.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Call the function \u003Ccode>$link = function_exists( 'dologin_gen_link' ) ? dologin_gen_link( 'note\u002Ftip for this generation', $user_id ) : '';\u003C\u002Fcode> to generate a passwordless login link for the user which ID is \u003Ccode>$user_id\u003C\u002Fcode>.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>The generated one-time used link will be expired after 7 days.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Define const \u003Ccode>SILENCE_INSTALL\u003C\u002Fcode> to avoid redirecting to setting page after installtion.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>CLI\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\n\u003Cp>List all passwordless links: \u003Ccode>wp dologin list\u003C\u002Fcode>\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Generate a passwordless link for one username (for the login name \u003Ccode>root\u003C\u002Fcode>): \u003Ccode>wp dologin gen root\u003C\u002Fcode>\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Delete a passwordless link w\u002F the ID in list (for the record w\u002F ID 5): \u003Ccode>wp dologin del 5\u003C\u002Fcode>\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>How GeoLocation works\u003C\u002Fh4>\n\u003Cp>When visitors hit the login page, this plugin will lookup the Geolocation info from API, compare the Geolocation setting (if has) with the whitelist\u002Fblacklist to decide if allow login attempts.\u003C\u002Fp>\n\u003Ch3>Privacy\u003C\u002Fh3>\n\u003Cp>The online IP lookup service is provided by https:\u002F\u002Fwww.doapi.us. The provider’s privacy policy is https:\u002F\u002Fwww.doapi.us\u002Fprivacy.\u003C\u002Fp>\n\u003Cp>Based on the original code from Limit Login Attemps plugin and Limit Login Attemps Reloaded plugin.\u003C\u002Fp>\n","Easy Login. 2FA login. Passwordless login. Cloudflare Turnstile reCAPTCHA. GeoLocation (Continent\u002FCountry\u002FCity)\u002FIP range to limit login attempts.",7000,164314,90,13,"2025-06-11T14:21:00.000Z","6.8.5","4.0",[55,56,57,58,59],"2fa-login","cloudflare-turnstile-recaptcha","easy-login","geolocation-login-limit","login-security","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fdologin.4.3.zip",98,4,"2023-10-24 00:00:00","2026-04-16T10:56:18.058Z",{"slug":66,"name":67,"version":68,"author":69,"author_profile":70,"description":71,"short_description":72,"active_installs":73,"downloaded":74,"rating":49,"num_ratings":75,"last_updated":76,"tested_up_to":77,"requires_at_least":78,"requires_php":15,"tags":79,"homepage":83,"download_link":84,"security_score":26,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":64},"woo-product-country-base-restrictions","Country Based Restrictions for WooCommerce","3.7.7","Zorem","https:\u002F\u002Fprofiles.wordpress.org\u002Fzorem\u002F","\u003Cp>\u003Cstrong>Country Based Restrictions for WooCommerce (CBR)\u003C\u002Fstrong> lets you control which products customers can see and purchase based on their country. Whether you need to comply with regional regulations, limit shipping to certain destinations, or create country-specific catalogs, CBR gives you per-product control using WooCommerce’s built-in geolocation.\u003C\u002Fp>\n\u003Cp>If a product shouldn’t be sold in a particular country — because of shipping limitations, legal requirements, licensing, or business strategy — CBR makes sure customers in that country either can’t see it or can’t buy it. No code required.\u003C\u002Fp>\n\u003Ch4>Key Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Cstrong>Hide Restricted Products Completely\u003C\u002Fstrong> — Remove products from your shop, search results, and catalog for customers in restricted countries. Products become invisible as if they don’t exist.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Hide from Catalog, Keep Direct Links\u003C\u002Fstrong> — Remove products from shop pages and search, but still allow access via a direct URL. Useful for wholesale or private distribution.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Visible but Not Purchasable\u003C\u002Fstrong> — Keep products visible in your shop and search results, but disable the Add to Cart button for restricted countries. Customers can browse but not buy.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Per-Product Include or Exclude Rules\u003C\u002Fstrong> — For each product, choose whether to allow it in specific countries (include) or block it in specific countries (exclude). Flexible enough for any restriction scenario.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Automatic Country Detection\u003C\u002Fstrong> — Uses WooCommerce Geolocation (IP-based) and the customer’s shipping address to determine their country — no manual input needed from the shopper.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Translation Ready\u003C\u002Fstrong> — Fully translatable and compatible with multilingual stores.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Common Use Cases\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Cstrong>Legal & Regulatory Compliance\u003C\u002Fstrong> — Block products that can’t legally be sold in certain countries (alcohol, supplements, electronics, age-restricted items).\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Shipping Limitations\u003C\u002Fstrong> — Don’t sell products in countries your logistics provider can’t deliver to. Avoid failed deliveries and refund requests.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Regional Licensing\u003C\u002Fstrong> — Restrict digital or licensed products to territories covered by your distribution agreement.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Country-Specific Catalogs\u003C\u002Fstrong> — Show different product selections to different markets, creating a tailored shopping experience per region.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Reduce Chargebacks & Wrong Orders\u003C\u002Fstrong> — Prevent customers from ordering products that can’t be fulfilled in their location.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>How Country Detection Works\u003C\u002Fh4>\n\u003Cp>CBR determines the customer’s country in this order:\u003C\u002Fp>\n\u003Col>\n\u003Cli>If the visitor is a \u003Cstrong>logged-in customer\u003C\u002Fstrong> with a shipping address on file, CBR uses that shipping country.\u003C\u002Fli>\n\u003Cli>If no shipping country is set (or the visitor is a guest), CBR falls back to \u003Cstrong>WooCommerce Geolocation\u003C\u002Fstrong> (IP-based detection).\u003C\u002Fli>\n\u003Cli>You can optionally force the plugin to always use geolocation only.\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch4>Upgrade to Country Based Restrictions PRO\u003C\u002Fh4>\n\u003Cp>Need to manage restrictions at scale? \u003Ca href=\"https:\u002F\u002Fwww.zorem.com\u002Fproduct\u002Fcountry-based-restriction-pro\u002F\" rel=\"nofollow ugc\">CBR PRO\u003C\u002Fa> adds powerful bulk tools and advanced controls:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>Bulk Restrictions by Category, Tag, Attribute, or Shipping Class\u003C\u002Fstrong> — Apply country rules to entire groups of products at once instead of editing each product individually.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Global (All Products) Restrictions\u003C\u002Fstrong> — Set a single rule that applies to your entire catalog.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Disable Payment Methods by Country\u003C\u002Fstrong> — Control which payment gateways are available based on the customer’s country.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Hide Product Prices for Restricted Products\u003C\u002Fstrong> — Instead of hiding the product entirely, hide only the price and Add to Cart button.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Remove Single Product Rules in Bulk\u003C\u002Fstrong> — Clean up individual product rules using bulk actions.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Debug Mode\u003C\u002Fstrong> — Display a front-end toolbar (visible to admins only) showing the detected country, so you can test restrictions without affecting customers.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Country Detection Widget\u003C\u002Fstrong> — Display the detected shipping country to shoppers and let them change their location while browsing.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fwww.zorem.com\u002Fproduct\u002Fcountry-based-restriction-pro\u002F\" rel=\"nofollow ugc\">Get Country Based Restrictions PRO\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch4>Documentation & Support\u003C\u002Fh4>\n\u003Cp>Setup guides, configuration tutorials, and developer resources are available in the \u003Ca href=\"https:\u002F\u002Fdocs.zorem.com\u002Fdocs\u002Fcountry-based-restrictions-pro\u002F\" rel=\"nofollow ugc\">CBR documentation\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>Need help? Visit the \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Fplugin\u002Fwoo-product-country-base-restrictions\u002F\" rel=\"ugc\">support forum\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch4>More Plugins by Zorem\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.zorem.com\u002Fproduct\u002Fwoocommerce-advanced-shipment-tracking\u002F\" rel=\"nofollow ugc\">Advanced Shipment Tracking PRO\u003C\u002Fa> — Add tracking numbers to orders and share them with customers automatically.\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fzorem.com\u002Fplugins\u002Fsms-for-woocommerce\u002F\" rel=\"nofollow ugc\">SMS for WooCommerce\u003C\u002Fa> — Send SMS order notifications to customers.\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fzorem.com\u002Fplugins\u002Fzorem-local-pickup-pro\u002F\" rel=\"nofollow ugc\">Zorem Local Pickup Pro\u003C\u002Fa> — Local pickup and store pickup for WooCommerce.\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fzorem.com\u002Fplugins\u002Fcustomer-email-verification-for-woocommerce\u002F\" rel=\"nofollow ugc\">Customer Email Verification for WooCommerce\u003C\u002Fa> — Verify customer emails during registration.\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fzorem.com\u002Fplugins\u002Fzorem-returns\u002F\" rel=\"nofollow ugc\">Zorem Returns\u003C\u002Fa> — Manage product returns and RMA requests.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Explore all plugins at \u003Ca href=\"https:\u002F\u002Fwww.zorem.com\u002F\" rel=\"nofollow ugc\">zorem.com\u003C\u002Fa>.\u003C\u002Fp>\n","Restrict WooCommerce products by country — hide or block purchases using geolocation so only customers in allowed countries can buy.",5000,225408,52,"2026-02-10T13:26:00.000Z","6.9.4","5.3",[20,21,80,81,82],"product-visibility","restrict-products","woocommerce","https:\u002F\u002Fwww.zorem.com\u002Fshop\u002Fwoocommerce-product-country-based-restrictions\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwoo-product-country-base-restrictions.3.7.7.zip",{"slug":86,"name":87,"version":88,"author":89,"author_profile":90,"description":91,"short_description":92,"active_installs":93,"downloaded":94,"rating":26,"num_ratings":95,"last_updated":96,"tested_up_to":77,"requires_at_least":16,"requires_php":97,"tags":98,"homepage":102,"download_link":103,"security_score":104,"vuln_count":105,"unpatched_count":13,"last_vuln_date":106,"fetched_at":64},"advanced-country-blocker","Advanced Country Blocker","2.3.2","brstefanovic","https:\u002F\u002Fprofiles.wordpress.org\u002Fbrstefanovic\u002F","\u003Cp>\u003Cstrong>Advanced Country Blocker\u003C\u002Fstrong> helps you secure your WordPress site by restricting access based on the visitor’s geolocation (country) or IP address. Upon activation, the plugin detects the activating admin’s country and automatically sets that as the only allowed country. All other visitors from different countries are blocked, unless they use a secret key parameter to temporarily whitelist their IP. Country detection uses the privacy-friendly ip-api.com service by default but can be switched to a fully offline MaxMind GeoLite2 (or compatible) database file once you configure a local copy.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Key Features:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>Automatically allows the admin’s country\u003C\u002Fstrong> on plugin activation.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Flexible IP-to-country lookups\u003C\u002Fstrong> – start with the built-in ip-api.com integration and optionally switch to an offline MaxMind GeoLite2 Country (or compatible) \u003Ccode>.mmdb\u003C\u002Fcode> database file.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Allowlist or blacklist mode\u003C\u002Fstrong> – choose whether the country list acts as an allowlist or blocklist without re-entering countries.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Temporary access\u003C\u002Fstrong> via a customizable secret URL parameter (e.g., \u003Ccode>?MySecretKey=1\u003C\u002Fcode>).\u003C\u002Fli>\n\u003Cli>\u003Cstrong>CAPTCHA Challenge\u003C\u002Fstrong> – allow blocked visitors to solve a CAPTCHA to gain temporary access (supports Google reCAPTCHA v2\u002Fv3, hCaptcha, Cloudflare Turnstile).\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Real-Time Activity Monitor\u003C\u002Fstrong> – live dashboard showing active visitors, recent blocks, and traffic statistics.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Analytics Dashboard\u003C\u002Fstrong> – comprehensive charts and statistics about blocked attempts.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Manual blacklisting and safelisting of IPs\u003C\u002Fstrong> for added security and to accommodate uptime monitors.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Optional email alerts\u003C\u002Fstrong> when new visitors are blocked.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Admin bypass\u003C\u002Fstrong> so logged-in admins can always access the site (toggleable in the code).\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Detailed logging\u003C\u002Fstrong> of blocked attempts in a custom database table, displayed in the WP admin.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Custom response controls\u003C\u002Fstrong> – personalise the block page title\u002Fmessage, choose the HTTP status (403, 410, 451) or redirect to any URL.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Automatic log cleanup\u003C\u002Fstrong> with configurable retention plus a one-click “Clear Logs” button.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Use the plugin settings page (\u003Cstrong>Country Blocker\u003C\u002Fstrong> menu in WP admin) to configure the list of allowed countries, blacklisted countries, blacklisted IPs, and whether email alerts are enabled.\u003C\u002Fp>\n\u003Ch3>License\u003C\u002Fh3>\n\u003Cp>This plugin is open-sourced software licensed under the \u003Ca href=\"https:\u002F\u002Fwww.gnu.org\u002Flicenses\u002Fgpl-3.0.html\" rel=\"nofollow ugc\">GPLv3 or later\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch3>External Services\u003C\u002Fh3>\n\u003Cp>By default this plugin contacts the ip-api.com geolocation service to detect visitor countries. You can disable all external lookups by switching the IP lookup method to the local MaxMind database in the settings.\u003C\u002Fp>\n","An advanced security plugin that blocks website visitors by country, with additional features like blacklisting, logging blocked attempts, admin bypas &hellip;",2000,12575,6,"2026-02-06T09:04:00.000Z","7.2",[99,100,21,101,23],"blocking","country","ip-blocking","https:\u002F\u002Fsparkcan.com\u002Facb.html","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fadvanced-country-blocker.2.3.2.zip",99,1,"2026-02-06 20:24:09",{"slug":108,"name":109,"version":110,"author":111,"author_profile":112,"description":113,"short_description":114,"active_installs":115,"downloaded":116,"rating":61,"num_ratings":35,"last_updated":117,"tested_up_to":77,"requires_at_least":118,"requires_php":24,"tags":119,"homepage":123,"download_link":124,"security_score":26,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":64},"cloudguard","CloudGuard","1.4.6","pipdig","https:\u002F\u002Fprofiles.wordpress.org\u002Fpipdig\u002F","\u003Cp>Use the power of the cloud and a global CDN to restrict access to your login page.\u003C\u002Fp>\n\u003Cp>CloudGuard brings global and cloud driven protection to your login page. Using Cloudflare’s free Geolocation service, this super lightweight plugin restricts access to your login page, allowing access to only your chosen countries.  This means that any login attempts from the rest of the world will be automatically blocked.\u003C\u002Fp>\n\u003Cp>Additionally, this plugin tracks any unauthorized login attempts and displays them on a \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fcloudguard\u002Fscreenshots\u002F\" rel=\"ugc\">world map\u003C\u002Fa> in your dashboard.\u003C\u002Fp>\n\u003Ch3>Main Features\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Protect your login page globally.\u003C\u002Fli>\n\u003Cli>Reduce server load.\u003C\u002Fli>\n\u003Cli>Country based IP ranges constantly updated by Cloudflare.\u003C\u002Fli>\n\u003Cli>Monitor login attempts via your dashboard.\u003C\u002Fli>\n\u003Cli>Block access to the login page or redirect to a URL.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Why Cloudflare’s Geolocation?\u003C\u002Fh3>\n\u003Cp>There are other plugins which can \u003Cstrong>restrict your login page by geographic location\u003C\u002Fstrong>. However, these plugins use your server to detect the IP and compare this to a geographic location. This adds extra overhead to your site, takes up space on your server, and requires frequent updates to keep the IP list relevant.\u003C\u002Fp>\n\u003Cp>CloudGuard is different. Since we leverage Cloudflare’s geolocation service, your server simply has to read the data, rather than compute and store it locally. Cloudflare does the grunt work, leaving your site safe, secure and optimized.\u003C\u002Fp>\n\u003Cp>Note: This plugin requires that you have an account (including the free option) on \u003Ca href=\"https:\u002F\u002Fwww.cloudflare.com\" rel=\"nofollow ugc\">Cloudflare\u003C\u002Fa> with \u003Ca href=\"https:\u002F\u002Fsupport.cloudflare.com\u002Fhc\u002Fen-us\u002Farticles\u002F200168236-What-does-Cloudflare-IP-Geolocation-do-\" rel=\"nofollow ugc\">Geolocation\u003C\u002Fa> enabled.\u003C\u002Fp>\n\u003Cp>This free plugin is brought to you by \u003Ca href=\"https:\u002F\u002Fwww.pipdig.co\u002F\" rel=\"nofollow ugc\">pipdig\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>Please consider \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Fview\u002Fplugin-reviews\u002Fcloudguard?rate=5#postform\" rel=\"ugc\">leaving a 5-star rating\u003C\u002Fa> if this plugin has helped you.\u003C\u002Fp>\n","Use Cloudflare's free geolocation service to restrict access to your site's login page.",1000,28575,"2025-12-03T16:06:00.000Z","4.9",[120,21,121,122,23],"cloudflare","ip","login","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fcloudguard\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcloudguard.zip",{"slug":126,"name":127,"version":128,"author":129,"author_profile":130,"description":131,"short_description":132,"active_installs":133,"downloaded":134,"rating":26,"num_ratings":105,"last_updated":135,"tested_up_to":52,"requires_at_least":16,"requires_php":97,"tags":136,"homepage":140,"download_link":141,"security_score":26,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":64},"geo-blocker","Geo Blocker – Control Site Access by Region and IP","1.0.0","Mohamed Shili","https:\u002F\u002Fprofiles.wordpress.org\u002Fmedshi8\u002F","\u003Cp>🔐 Block or allow visitors by country. Track access attempts. View analytics. Stay in control — effortlessly.\u003C\u002Fp>\n\u003Ch3>🧠 Description\u003C\u002Fh3>\n\u003Cp>\u003Cstrong>Geo Blocker\u003C\u002Fstrong> gives you full control over who can access your WordPress site — based on visitor country and IP. Whether you’re protecting content, reducing attack surface, or managing regional access, this plugin does it with precision and clarity.\u003C\u002Fp>\n\u003Cp>🎯 Designed for performance, security, and ease of use.\u003Cbr \u002F>\n📊 Built-in analytics and access logs.\u003Cbr \u002F>\n🧭 Never get locked out — admin-safe bypass included.\u003C\u002Fp>\n\u003Ch3>🚀 Features\u003C\u002Fh3>\n\u003Ch3>✅ Access Control That Makes Sense\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Cstrong>Block Selected Countries\u003C\u002Fstrong> – deny access to specific regions  \u003C\u002Fli>\n\u003Cli>\u003Cstrong>Allow Selected Countries\u003C\u002Fstrong> – restrict site only to approved countries  \u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>🧩 Smart Blocking Actions\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>📜 Show custom message  \u003C\u002Fli>\n\u003Cli>🔁 Redirect to a URL  \u003C\u002Fli>\n\u003Cli>🚫 Send HTTP 403 Forbidden response  \u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>🌐 Visual Country Selector\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Flag icons & search bar for quick targeting  \u003C\u002Fli>\n\u003Cli>Filter by continent (Africa, Asia, Europe, etc.)  \u003C\u002Fli>\n\u003Cli>One-click select\u002Fdeselect all  \u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>📈 Analytics Dashboard\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Summary cards: total visits, blocks, IPs  \u003C\u002Fli>\n\u003Cli>Hourly charts for real-time insights  \u003C\u002Fli>\n\u003Cli>Filter by date range & data type (accesses, unique IPs, etc.)  \u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>📋 Detailed Logs\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>See IP, country, URL, status, user agent  \u003C\u002Fli>\n\u003Cli>Filters out common junk (favicon, robots.txt)  \u003C\u002Fli>\n\u003Cli>Admin visits are auto-ignored to reduce noise  \u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>🛠️ Admin-Proof Bypass URL\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Special URL with bypass parameter to access login anytime  \u003C\u002Fli>\n\u003Cli>Prevents accidental lockouts  \u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>🔄 Data Export & Log Management\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Export logs in CSV or JSON  \u003C\u002Fli>\n\u003Cli>Clear logs with a single click  \u003C\u002Fli>\n\u003Cli>Sort & search logs in the UI\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>🌐 External Services\u003C\u002Fh3>\n\u003Cp>This plugin uses a third-party API to determine the visitor’s country based on their IP address.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>Service used:\u003C\u002Fstrong> \u003Ca href=\"https:\u002F\u002Fipwho.is\" rel=\"nofollow ugc\">IPWho.is\u003C\u002Fa>  \u003C\u002Fli>\n\u003Cli>\u003Cstrong>Purpose:\u003C\u002Fstrong> To perform IP geolocation and detect the country of each visitor, allowing the plugin to block or allow access accordingly.  \u003C\u002Fli>\n\u003Cli>\u003Cstrong>Data sent:\u003C\u002Fstrong> The visitor’s IP address is sent to the IPWho.is API on page load when geo-blocking is active.  \u003C\u002Fli>\n\u003Cli>\u003Cstrong>Terms of Service:\u003C\u002Fstrong> \u003Ca href=\"https:\u002F\u002Fipwhois.io\u002Fterms\" rel=\"nofollow ugc\">https:\u002F\u002Fipwhois.io\u002Fterms\u003C\u002Fa>  \u003C\u002Fli>\n\u003Cli>\u003Cstrong>Privacy Policy:\u003C\u002Fstrong> \u003Ca href=\"https:\u002F\u002Fipwhois.io\u002Fprivacy\" rel=\"nofollow ugc\">https:\u002F\u002Fipwhois.io\u002Fprivacy\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>🖥️ Screenshots\u003C\u002Fh3>\n\u003Col>\n\u003Cli>\u003Cstrong>📊 Dashboard Overview\u003C\u002Fstrong> – See country blocks, allowed hits & total attempts   \u003C\u002Fli>\n\u003Cli>\u003Cstrong>🔧 Blocking Rules\u003C\u002Fstrong> – Choose block mode, action type, and targets. Enable or disable countries visually\u003C\u002Fli>\n\u003Cli>\u003Cstrong>📉 Analytics Graphs\u003C\u002Fstrong> – View access by time, state, and IP 5. \u003Cstrong>📑 Logs Table\u003C\u002Fstrong> – Deep insights with full logs of visitor attempts. Export CSV\u002FJSON logs with one click\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch3>📦 Installation\u003C\u002Fh3>\n\u003Col>\n\u003Cli>Upload the plugin folder to \u003Ccode>\u002Fwp-content\u002Fplugins\u002Fgeo-blocker\u003C\u002Fcode>  \u003C\u002Fli>\n\u003Cli>Activate via \u003Cstrong>Plugins \u003Cspan aria-hidden=\"true\" class=\"wp-exclude-emoji\">→\u003C\u002Fspan> Installed Plugins\u003C\u002Fstrong>  \u003C\u002Fli>\n\u003Cli>Go to \u003Cstrong>Settings \u003Cspan aria-hidden=\"true\" class=\"wp-exclude-emoji\">→\u003C\u002Fspan> Geo Blocker\u003C\u002Fstrong>  \u003C\u002Fli>\n\u003Cli>Enable Geo Blocking using the toggle  \u003C\u002Fli>\n\u003Cli>Choose between \u003Cstrong>block\u003C\u002Fstrong> or \u003Cstrong>allow\u003C\u002Fstrong> mode  \u003C\u002Fli>\n\u003Cli>Select countries using the visual interface  \u003C\u002Fli>\n\u003Cli>Pick your blocking action (message, redirect, or 403)  \u003C\u002Fli>\n\u003Cli>Save settings — done!\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch3>❓ Frequently Asked Questions\u003C\u002Fh3>\n\u003Ch3>How does Geo Blocker detect country?\u003C\u002Fh3>\n\u003Cp>It uses the reliable \u003Cstrong>IpWhoIs API\u003C\u002Fstrong> to fetch country data based on the visitor’s IP.\u003C\u002Fp>\n\u003Ch3>Will it slow down my site?\u003C\u002Fh3>\n\u003Cp>Nope. It’s optimized with \u003Cstrong>transient caching\u003C\u002Fstrong> and smart triggers — no unnecessary lookups.\u003C\u002Fp>\n\u003Ch3>Can I lock myself out?\u003C\u002Fh3>\n\u003Cp>No. There’s a \u003Cstrong>login bypass URL\u003C\u002Fstrong> generated for administrators — shown right on the dashboard.\u003C\u002Fp>\n\u003Ch3>Can I block specific pages?\u003C\u002Fh3>\n\u003Cp>Not yet — current version works site-wide. Per-page rules may come in a future update.\u003C\u002Fp>\n\u003Ch3>Can I export visitor logs?\u003C\u002Fh3>\n\u003Cp>Yes. Logs can be exported in \u003Cstrong>CSV or JSON\u003C\u002Fstrong> format directly from the Logs tab.\u003C\u002Fp>\n\u003Ch3>Does it work with caching plugins?\u003C\u002Fh3>\n\u003Cp>Yes, but you may need to \u003Cstrong>exclude the plugin’s logic\u003C\u002Fstrong> from caching. Dynamic geo checks should not be cached.\u003C\u002Fp>\n\u003Ch3>🗂️ Changelog\u003C\u002Fh3>\n\u003Ch4>1.0.0\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>🎉 Initial release with all core features\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>🛡️ Additional Notes\u003C\u002Fh3>\n\u003Ch3>Emergency Bypass\u003C\u002Fh3>\n\u003Cp>Every admin gets a custom bypass link to avoid accidental lockouts. It’s always visible in the dashboard.\u003C\u002Fp>\n\u003Ch3>Blocking Actions\u003C\u002Fh3>\n\u003Cp>Choose the experience blocked users receive:\u003Cbr \u002F>\n– Custom message\u003Cbr \u002F>\n– Redirect to another URL\u003Cbr \u002F>\n– Send 403 Forbidden header\u003C\u002Fp>\n\u003Ch3>Logs & Privacy\u003C\u002Fh3>\n\u003Cp>Logs are stored locally in your WordPress database. The plugin sends only the visitor’s IP to IPWho.is — no personally identifiable information is shared or stored externally.\u003C\u002Fp>\n\u003Ch3>💡 Enjoying Geo Blocker? Try Our Other Free Plugins\u003C\u002Fh3>\n\u003Cp>Looking for even more control and peace of mind? Check out our other tools:\u003C\u002Fp>\n\u003Cp>🔕 \u003Cstrong>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fnotification-blocker\u002F\" rel=\"ugc\">Notification Blocker\u003C\u002Fa>\u003C\u002Fstrong> – Hide annoying plugin notices from your dashboard without hacking core files.\u003C\u002Fp>\n\u003Cp>🛡️ \u003Cstrong>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Ffortress-login-pro\u002F\" rel=\"ugc\">Fortress Login Pro\u003C\u002Fa>\u003C\u002Fstrong> – Obscure your login page, add brute-force protection, and block unauthorized access attempts with ease.\u003C\u002Fp>\n\u003Cp>If you like Geo Blocker, you’ll probably find these just as helpful. Try them out!\u003C\u002Fp>\n","🔐 Block or allow visitors by country. Track access attempts. View analytics. Stay in control — effortlessly.",700,1958,"2025-05-18T22:09:00.000Z",[137,20,138,21,139],"access-control","geo-blocking","ip-blocker","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fgeo-blocker\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fgeo-blocker.1.0.0.zip",{"attackSurface":143,"codeSignals":169,"taintFlows":180,"riskAssessment":181,"analyzedAt":188},{"hooks":144,"ajaxHandlers":165,"restRoutes":166,"shortcodes":167,"cronEvents":168,"entryPointCount":13,"unprotectedCount":13},[145,152,157,161],{"type":146,"name":147,"callback":148,"priority":149,"file":150,"line":151},"filter","authenticate","grcsecdev_restrict_admin_login_by_country",21,"restrict-admin-login-by-country-grc.php",14,{"type":153,"name":154,"callback":155,"file":150,"line":156},"action","admin_menu","grcsecdev_add_settings_page",72,{"type":153,"name":158,"callback":159,"file":150,"line":160},"admin_init","grcsecdev_register_settings",83,{"type":146,"name":162,"callback":163,"priority":11,"file":150,"line":164},"pre_update_option_grcsecdev_allowed_countries","grcsecdev_enforce_installer_country",187,[],[],[],[],{"dangerousFunctions":170,"sqlUsage":171,"outputEscaping":173,"fileOperations":13,"externalRequests":178,"nonceChecks":13,"capabilityChecks":13,"bundledLibraries":179},[],{"prepared":13,"raw":13,"locations":172},[],{"escaped":50,"rawEcho":105,"locations":174},[175],{"file":150,"line":176,"context":177},177,"raw output",3,[],[],{"summary":182,"deductions":183},"The security posture of the 'restrict-admin-login-by-country-grc' v1.6 plugin appears to be strong based on the provided static analysis. The complete absence of AJAX handlers, REST API routes, shortcodes, and cron events with unprotected entry points, combined with no identified dangerous functions or file operations, significantly limits the potential attack surface.  Furthermore, the use of prepared statements for all SQL queries and a high percentage of properly escaped output are excellent security practices.\n\nThe plugin also shows no history of known vulnerabilities, with zero CVEs recorded, which is a positive indicator of its past security. The lack of any critical or high-severity taint flows further reinforces its current apparent security. However, the absence of nonce checks and capability checks across all entry points is a notable concern. While the current architecture might not expose them, any future expansion or modification could introduce vulnerabilities if these fundamental WordPress security features are not implemented.\n\nIn conclusion, the plugin demonstrates a good understanding of secure coding practices in its current implementation, particularly regarding data handling and limiting exposed functionalities. The primary weakness lies in the potential for future vulnerabilities due to the consistent lack of nonce and capability checks, which are critical for robust WordPress security. While no immediate critical risks are evident, a proactive approach to incorporating these checks would be advisable for long-term security.",[184,186],{"reason":185,"points":11},"Missing nonce checks",{"reason":187,"points":11},"Missing capability checks","2026-04-16T11:33:12.541Z",{"wat":190,"direct":195},{"assetPaths":191,"generatorPatterns":192,"scriptPaths":193,"versionParams":194},[],[],[],[],{"cssClasses":196,"htmlComments":197,"htmlAttributes":198,"restEndpoints":202,"jsGlobals":203,"shortcodeOutput":204},[],[],[199,200,201],"name=\"grcsecdev_allowed_countries[]\"","name=\"grcsecdev_settings_group\"","id=\"grcsecdev_country_list\"",[],[],[],{"error":206,"url":207,"statusCode":208,"statusMessage":209,"message":209},true,"http:\u002F\u002Flocalhost\u002Fapi\u002Fplugins\u002Frestrict-admin-login-by-country-grc\u002Fbundle",404,"no bundle for this plugin yet",{"slug":4,"current_version":6,"total_versions":33,"versions":211},[212,218],{"version":6,"download_url":25,"svn_tag_url":213,"released_at":27,"has_diff":214,"diff_files_changed":215,"diff_lines":27,"trac_diff_url":216,"vulnerabilities":217,"is_current":206},"https:\u002F\u002Fplugins.svn.wordpress.org\u002Frestrict-admin-login-by-country-grc\u002Ftags\u002F1.6\u002F",false,[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Frestrict-admin-login-by-country-grc%2Ftags%2F1.5&new_path=%2Frestrict-admin-login-by-country-grc%2Ftags%2F1.6",[],{"version":219,"download_url":220,"svn_tag_url":221,"released_at":27,"has_diff":214,"diff_files_changed":222,"diff_lines":27,"trac_diff_url":27,"vulnerabilities":223,"is_current":214},"1.5","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Frestrict-admin-login-by-country-grc.1.5.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Frestrict-admin-login-by-country-grc\u002Ftags\u002F1.5\u002F",[],[]]