[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$ffEJgROBEoqOq9RrUZ5AsOSpwH4dAK9qzaMSq0kaW6iI":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":11,"num_ratings":13,"last_updated":14,"tested_up_to":15,"requires_at_least":16,"requires_php":17,"tags":18,"homepage":23,"download_link":24,"security_score":11,"vuln_count":25,"unpatched_count":25,"last_vuln_date":26,"fetched_at":27,"vulnerabilities":28,"developer":29,"crawl_stats":26,"alternatives":36,"analysis":108,"fingerprints":136},"speedx-disable-login-verification-required-emails-for-wordfence","Speedx – Disable Login Verification Required Emails for Wordfence","1.1","Roice","https:\u002F\u002Fprofiles.wordpress.org\u002Froicecz\u002F","\u003Cp>An extremely simple plugin that disables login verification emails sent by Wordfence when Google reCAPTCHA is enabled. No settings, no bloat — just activate and it works.\u003C\u002Fp>\n\u003Cp>This plugin disables the “Login Verification Required” email notifications that Wordfence sends when using Google reCAPTCHA on the login page.\u003C\u002Fp>\n\u003Cp>If you’re using Wordfence with reCAPTCHA (v2, v3, or Enterprise), Wordfence may still send verification emails that require manual approval for login — even if reCAPTCHA validation is passed. This plugin turns that off entirely.\u003C\u002Fp>\n\u003Cp>There are \u003Cstrong>no settings\u003C\u002Fstrong> and \u003Cstrong>no configuration needed\u003C\u002Fstrong>. Just install, activate, and it works immediately.\u003C\u002Fp>\n\u003Cp>Perfect for managed hosting environments where modifying the \u003Ccode>functions.php\u003C\u002Fcode> file is not feasible or safe.\u003C\u002Fp>\n\u003Ch3>Features\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Disables Wordfence’s login verification emails when using reCAPTCHA\u003C\u002Fli>\n\u003Cli>Works with all versions of Google reCAPTCHA (v2, v3, and Enterprise)\u003C\u002Fli>\n\u003Cli>Zero configuration — just install and activate\u003C\u002Fli>\n\u003Cli>Lightweight — one line of code\u003C\u002Fli>\n\u003Cli>No impact on other Wordfence features\u003C\u002Fli>\n\u003C\u002Ful>\n","Disables sending verification emails when reCAPTCHA is enabled. A simple plugin for Wordfence that uses the filter wordfence_ls_require_captcha.",100,657,1,"2025-04-23T08:12:00.000Z","6.8.5","6.8","7.4",[19,20,21,22],"disable-login-emails","disable-required-emails","disable-verification","wordfence","","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fspeedx-disable-login-verification-required-emails-for-wordfence.1.1.zip",0,null,"2026-03-15T15:16:48.613Z",[],{"slug":30,"display_name":7,"profile_url":8,"plugin_count":31,"total_installs":32,"avg_security_score":11,"avg_patch_time_days":33,"trust_score":34,"computed_at":35},"roicecz",2,200,30,94,"2026-04-04T13:04:30.209Z",[37,56,74,92],{"slug":38,"name":39,"version":40,"author":41,"author_profile":42,"description":43,"short_description":44,"active_installs":11,"downloaded":45,"rating":46,"num_ratings":31,"last_updated":47,"tested_up_to":48,"requires_at_least":49,"requires_php":50,"tags":51,"homepage":23,"download_link":54,"security_score":55,"vuln_count":25,"unpatched_count":25,"last_vuln_date":26,"fetched_at":27},"remove-wordfence-2fa","Remove WordFence 2FA","1.0.0","Sam","https:\u002F\u002Fprofiles.wordpress.org\u002Fsamtarling\u002F","\u003Cp>WordFence is a \u003Cem>pretty darn good\u003C\u002Fem> WordPress plugin, but they recently added two-factor authentication to the free version.\u003C\u002Fp>\n\u003Cp>2FA support is \u003Cstrong>super awesome\u003C\u002Fstrong>, but not when there’s no option to turn it off.\u003C\u002Fp>\n\u003Cp>Sure, you can just not use it, and for some people that’s 100% A-OKAY – but what if you’re already using a 2FA plugin? Now you’re faced with conflicting user interfaces, users are freaking out and clicking the “wrong 2FA button” and ain’t nobody got time for that.\u003C\u002Fp>\n\u003Cp>This WordPress plugin removes all \u003Cem>visual\u003C\u002Fem> traces of the WordFence 2FA feature from everywhere bar the actual WordFence settings pages (it does however remove the submenu item for “Login Security” under the WordFence admin menu item).\u003C\u002Fp>\n","(Visually) removes all trace of the WordFence 2FA feature",2504,60,"2020-10-10T09:56:00.000Z","5.5.18","5.2","7.2",[52,53,22],"2fa","remove","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fremove-wordfence-2fa.1.0.0.zip",85,{"slug":57,"name":58,"version":59,"author":60,"author_profile":61,"description":62,"short_description":63,"active_installs":64,"downloaded":65,"rating":25,"num_ratings":25,"last_updated":66,"tested_up_to":67,"requires_at_least":49,"requires_php":50,"tags":68,"homepage":71,"download_link":72,"security_score":73,"vuln_count":25,"unpatched_count":25,"last_vuln_date":26,"fetched_at":27},"dmn-security-centre","DMN (Security Centre)","1.3","DMN Creative","https:\u002F\u002Fprofiles.wordpress.org\u002Fdmnplugins\u002F","\u003Cp>The DMN (Security Centre) plugin provides an easy way to keep your Wordfence security whitelist updated with all DMN services without having to check it all the time. This will automatically check and ensure that the whitelist is kept updated once a day. This service requires external communication with DMNs devstage server to aquire the office IP address which will be whitelisted. By using this plugin you agree that the service can be used and communicated with.\u003C\u002Fp>\n\u003Cp>The DMN (Security Centre) plugin can be easily activated and deactivated from the WordPress dashboard, and requires no additional configuration or setup.\u003C\u002Fp>\n","The DMN (Security Centre) plugin keeps your word fences whitelist IP addresses updated with DMN services on your WordPress site.",70,792,"2024-08-13T11:08:00.000Z","6.5.8",[69,70,22],"security","whitelist","https:\u002F\u002Fdmncreative.com\u002Fplugins\u002Fdmn-security-centre\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fdmn-security-centre.zip",92,{"slug":75,"name":76,"version":6,"author":77,"author_profile":78,"description":79,"short_description":80,"active_installs":81,"downloaded":82,"rating":25,"num_ratings":25,"last_updated":83,"tested_up_to":84,"requires_at_least":85,"requires_php":86,"tags":87,"homepage":90,"download_link":91,"security_score":55,"vuln_count":25,"unpatched_count":25,"last_vuln_date":26,"fetched_at":27},"proxy-ip-addresses-for-cloudfront-with-wordfence","Proxy IP Addresses for Cloudfront with Wordfence","emfluence interactive marketing","https:\u002F\u002Fprofiles.wordpress.org\u002Femfluencekc\u002F","\u003Cp>If you have Cloudfront in front of WordPress and are using Wordfence, this plugin is for you.\u003C\u002Fp>\n\u003Cp>If you don’t provide Cloudfront’s IP addresses to Wordfence, any bad behavior out there can get Cloudfront itself blocked by Wordfence – and then no one will be able to access your site.\u003C\u002Fp>\n\u003Cp>This plugin downloads Cloudfront’s IP address list directly from Amazon Web Services (AWS). Then it adds and automatically updates the proxy IP addresses for Cloudfront in Wordfence, so that Wordfence can correctly identify the end user’s IP address.\u003C\u002Fp>\n\u003Cp>AWS updates its list of IP addresses every now and then. Don’t manually add IP addresses, and then try to keep track of Cloudfront IP address changes. Just install this plugin and stop worrying!\u003C\u002Fp>\n\u003Cp>Want to change how this plugin works, or add to it? Fork it on GitHub!\u003Cbr \u002F>\nhttps:\u002F\u002Fgithub.com\u002Femfluencekc\u002FWordfence-Cloudfront-IPs\u003C\u002Fp>\n\u003Cp>Documentation, privacy, terms of use, and the list of IP addresses that are used by this plugin can be found here:\u003Cbr \u002F>\nhttps:\u002F\u002Fdocs.aws.amazon.com\u002FAmazonCloudFront\u002Flatest\u002FDeveloperGuide\u002FLocationsOfEdgeServers.html\u003C\u002Fp>\n","Automatically update Wordfence's list of proxy IP addresses with Cloudfront IP addresses",20,7567,"2024-03-19T21:40:00.000Z","6.4.8","5.0","5.6",[88,89,69,22],"cloudfront","proxy","https:\u002F\u002Fgithub.com\u002Femfluencekc\u002FWordfence-Cloudfront-IPs","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fproxy-ip-addresses-for-cloudfront-with-wordfence.1.1.zip",{"slug":93,"name":94,"version":95,"author":96,"author_profile":97,"description":98,"short_description":99,"active_installs":100,"downloaded":101,"rating":11,"num_ratings":13,"last_updated":102,"tested_up_to":15,"requires_at_least":49,"requires_php":17,"tags":103,"homepage":23,"download_link":107,"security_score":11,"vuln_count":25,"unpatched_count":25,"last_vuln_date":26,"fetched_at":27},"proactive-security-suite","Proactive Security Suite","1.5.9.9","ITCS","https:\u002F\u002Fprofiles.wordpress.org\u002Fdimath99\u002F","\u003Cp>Welcome to the \u003Cem>ProActive Security Suite\u003C\u002Fem> Plugin Wiki\u003C\u002Fp>\n\u003Cp>     Enhance your WordPress website’s security with the \u003Cstrong>ProActive Security Suite\u003C\u002Fstrong>. This powerful plugin offers advanced security features including automatic IP blocking, an advanced rule builder, traffic analysis, and seamless integration with services like \u003Cstrong>Cloudflare\u003C\u002Fstrong>, \u003Cstrong>AbuseIPDB\u003C\u002Fstrong>,  and \u003Cstrong>Whatismybrowser.com\u003C\u002Fstrong>. ProActive Security Suite provides proactive defense mechanisms to protect your site from malicious traffic and potential threats before they reach your server. \u003C\u002Fp>\n\u003Cp>     Table of Contents     \u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ca href=\"#introduction\" rel=\"nofollow ugc\">Introduction\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"#features\" rel=\"nofollow ugc\">Features\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cul>\n\u003Cli>\u003Ca href=\"#free-features\" rel=\"nofollow ugc\">Free Features\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"#premium-features\" rel=\"nofollow ugc\">Premium Features\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cli>\u003Ca href=\"#installation\" rel=\"nofollow ugc\">Installation\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"#configuration\" rel=\"nofollow ugc\">Configuration\u003C\u002Fa>\u003C\u002Fli>\n\u003Cul>\n\u003Cli>\u003Ca href=\"#cloudflare-settings\" rel=\"nofollow ugc\">Cloudflare Settings\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"#abuseipdb-integration\" rel=\"nofollow ugc\">AbuseIPDB Integration\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"#whatismybrowsercom-integration\" rel=\"nofollow ugc\">WhatIsMyBrowser.com Integration\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cli>\u003Ca href=\"#usage\" rel=\"nofollow ugc\">Usage\u003C\u002Fa>\u003C\u002Fli>\n\u003Cul>\n\u003Cli>\u003Ca href=\"#automatic-ip-synchronization\" rel=\"nofollow ugc\">Automatic IP Synchronization\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"#manual-synchronization\" rel=\"nofollow ugc\">Manual Synchronization\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"#captured-traffic-data\" rel=\"nofollow ugc\">Captured Traffic Data\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"#advanced-rule-builder\" rel=\"nofollow ugc\">Advanced Rule Builder\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"#rule-details-in-blocked-ips\" rel=\"nofollow ugc\">Rule Details in Blocked IPs\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cli>\u003Ca href=\"#advanced-settings\" rel=\"nofollow ugc\">Advanced Settings\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"#faq\" rel=\"nofollow ugc\">Frequently Asked Questions\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"#support\" rel=\"nofollow ugc\">Support and Contribution\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"#license\" rel=\"nofollow ugc\">License\u003C\u002Fa>\u003C\u002Fli>\n\u003Cp>Introduction\u003C\u002Fp>\n\u003Cp>     Welcome to the \u003Cstrong>ProActive Security Suite\u003C\u002Fstrong> plugin! This comprehensive security solution enhances your website’s protection by combining advanced threat detection, automated rule-based actions, and integration with services like \u003Cstrong>Cloudflare\u003C\u002Fstrong> and \u003Cstrong>AbuseIPDB\u003C\u002Fstrong>. By proactively analyzing traffic and applying custom security rules, ProActive Security Suite stops malicious traffic before it reaches your server, reducing load and enhancing performance. \u003C\u002Fp>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fitcssec\u002FProActiveSecuritySuite\u002Freleases\" rel=\"nofollow ugc\">Download Latest Release\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>Features\u003C\u002Fp>\n\u003Ch3>Free Features\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Cstrong>Automatic IP Synchronization:\u003C\u002Fstrong> Effortlessly sync blocked IPs to Cloudflare’s firewall.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Customizable Settings:\u003C\u002Fstrong> Tailor the plugin to your needs with adjustable settings:\n\u003Cul>\n\u003Cli>Blocked Hits Threshold\u003C\u002Fli>\n\u003Cli>Block Scope (Domain or Account)\u003C\u002Fli>\n\u003Cli>Block Mode (e.g., Block, Managed Challenge)\u003C\u002Fli>\n\u003Cli>Cron Interval\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Manual Synchronization:\u003C\u002Fstrong> Trigger synchronization manually when immediate action is needed.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>AbuseIPDB Integration:\u003C\u002Fstrong> Optional integration to fetch detailed information about IPs:\n\u003Cul>\n\u003Cli>Country Code\u003C\u002Fli>\n\u003Cli>Usage Type\u003C\u002Fli>\n\u003Cli>ISP Information\u003C\u002Fli>\n\u003Cli>Confidence Score\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Premium Features\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Cstrong>Advanced Rule Builder:\u003C\u002Fstrong> Create custom security rules based on various criteria such as confidence score, whitelisted status, abusive status, and more. Automate actions like blocking or challenging IPs based on these rules.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Rule Priorities:\u003C\u002Fstrong> Assign priorities to your rules to control the order of evaluation. Higher priority numbers are evaluated first, allowing critical rules to take precedence.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Automatic Action Application:\u003C\u002Fstrong> The plugin automatically applies actions to IPs that match your defined rules immediately after capturing traffic data.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Rule Details in Blocked IPs:\u003C\u002Fstrong> View detailed information about which rules caused IPs to be blocked, including criteria and actions taken.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Captured Traffic Data:\u003C\u002Fstrong> Log and analyze incoming traffic for enhanced security insights.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Exclude User Roles:\u003C\u002Fstrong> Exclude specific WordPress user roles from traffic logging.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>WhatIsMyBrowser.com API Integration:\u003C\u002Fstrong> Advanced user agent analysis and detection capabilities.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Enhanced AbuseIPDB Integration:\u003C\u002Fstrong> Automatic updates for all entries with the same IP address.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Priority Support:\u003C\u002Fstrong> Access dedicated support for assistance and troubleshooting.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Cloudflare Custom WAF Rule & List Management:\u003C\u002Fstrong> Optionally create a Cloudflare custom list and associated WAF rule. Manage entries directly from the plugin and get notified if Cloudflare reports issues such as a full list.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>     \u003Cstrong>Note:\u003C\u002Fstrong> The premium features require an active premium license. Upgrade to access these advanced functionalities. \u003C\u002Fp>\n\u003Cp>Installation\u003C\u002Fp>\n\u003Col>\n\u003Cli>\u003Cstrong>Download the Plugin:\u003C\u002Fstrong> Clone the repository or \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fitcssec\u002FProActiveSecuritySuite\u002Freleases\" rel=\"nofollow ugc\">download the latest release\u003C\u002Fa>.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Upload to WordPress:\u003C\u002Fstrong> Upload the `proactive-security-suite` directory to `\u002Fwp-content\u002Fplugins\u002F`.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Activate the Plugin:\u003C\u002Fstrong> In your WordPress dashboard, navigate to \u003Cem>Plugins\u003C\u002Fem> and activate \u003Cem>ProActive Security Suite\u003C\u002Fem>.\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Cp>Configuration\u003C\u002Fp>\n\u003Ch3>Cloudflare Settings\u003C\u002Fh3>\n\u003Col>\n\u003Cli>\u003Cstrong>Obtain Cloudflare Credentials:\u003C\u002Fstrong>\n\u003Cul>\n\u003Cli>\u003Cstrong>Email:\u003C\u002Fstrong> Your Cloudflare account email.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>API Key:\u003C\u002Fstrong> Your Global API Key or an API Token with necessary permissions.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Zone ID:\u003C\u002Fstrong> Found in your Cloudflare dashboard under the domain’s overview.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Account ID:\u003C\u002Fstrong> Located in your Cloudflare profile settings.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Configure Plugin Settings:\u003C\u002Fstrong>\n\u003Cul>\n\u003Cli>Navigate to \u003Cem>Settings > ProActive Security Suite\u003C\u002Fem>.\u003C\u002Fli>\n\u003Cli>Enter your Cloudflare credentials securely.\u003C\u002Fli>\n\u003Cli>Adjust settings like Blocked Hits Threshold, Block Scope, and Block Mode.\u003C\u002Fli>\n\u003Cli>Enable \u003Cem>Custom WAF Rule\u003C\u002Fem> and supply a rule name to allow the plugin to create and maintain a Cloudflare custom list and matching WAF rule. List entries can be viewed, added, or removed from within the plugin.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch3>AbuseIPDB Integration\u003C\u002Fh3>\n\u003Col>\n\u003Cli>\u003Cstrong>Sign Up for AbuseIPDB:\u003C\u002Fstrong> Visit \u003Ca href=\"https:\u002F\u002Fwww.abuseipdb.com\u002F\" rel=\"nofollow ugc\">AbuseIPDB\u003C\u002Fa> and sign up for an API key.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Enable Integration:\u003C\u002Fstrong>\n\u003Cul>\n\u003Cli>In the plugin settings, enter your AbuseIPDB API key.\u003C\u002Fli>\n\u003Cli>Enable the \u003Cem>AbuseIPDB Lookup\u003C\u002Fem> option.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch3>WhatIsMyBrowser.com Integration (Premium)\u003C\u002Fh3>\n\u003Col>\n\u003Cli>\u003Cstrong>Obtain API Key:\u003C\u002Fstrong> Register at \u003Ca href=\"https:\u002F\u002Fdevelopers.whatismybrowser.com\u002Fapi\u002F\" rel=\"nofollow ugc\">WhatIsMyBrowser.com\u003C\u002Fa> for an API key.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Configure Integration:\u003C\u002Fstrong>\n\u003Cul>\n\u003Cli>Enter the API key in the plugin’s settings under \u003Cem>WhatIsMyBrowser API Key\u003C\u002Fem>.\u003C\u002Fli>\n\u003Cli>Enable the integration features as desired.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Cp>Usage\u003C\u002Fp>\n\u003Ch3>Automatic IP Synchronization\u003C\u002Fh3>\n\u003Cp>     The plugin automatically syncs blocked IPs based on your configured cron interval. IPs exceeding the Blocked Hits Threshold are added to Cloudflare’s firewall or acted upon based on your defined rules. \u003C\u002Fp>\n\u003Ch3>Manual Synchronization\u003C\u002Fh3>\n\u003Cp>     Navigate to \u003Cem>Settings > ProActive Security Suite\u003C\u002Fem> and click the \u003Cstrong>Run Process\u003C\u002Fstrong> button to trigger synchronization and rule evaluation immediately. \u003C\u002Fp>\n\u003Ch3>Captured Traffic Data (Premium)\u003C\u002Fh3>\n\u003Cp>     Access detailed logs under the \u003Cem>Captured Traffic Data\u003C\u002Fem> tab. Analyze user agents, request methods, and more. Exclude specific user roles from logging in the settings. \u003C\u002Fp>\n\u003Ch3>Advanced Rule Builder (Premium)\u003C\u002Fh3>\n\u003Cp>     The plugin features a powerful \u003Cstrong>Rule Builder\u003C\u002Fstrong> that allows you to create custom security rules based on various criteria. You can define rules using conditions such as: \u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>Confidence Score:\u003C\u002Fstrong> Set thresholds using operators like greater than, less than, equal to, etc.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Is Whitelisted:\u003C\u002Fstrong> Check if an IP is marked as whitelisted in AbuseIPDB.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Is Abusive:\u003C\u002Fstrong> Determine if an IP is associated with abusive behavior.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Custom Criteria:\u003C\u002Fstrong> Add other criteria based on the data captured.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>     Each rule can be assigned an \u003Cstrong>Action\u003C\u002Fstrong> (e.g., Block, Managed Challenge) that will be applied to IPs matching the rule. You can also assign a \u003Cstrong>Priority\u003C\u002Fstrong> to control the order in which rules are evaluated. \u003C\u002Fp>\n\u003Ch3>Rule Details in Blocked IPs (Premium)\u003C\u002Fh3>\n\u003Cp>     The \u003Cstrong>Blocked IPs\u003C\u002Fstrong> tab now includes a \u003Cem>Rule Details\u003C\u002Fem> column that displays comprehensive information about the rules that caused IPs to be blocked. This includes: \u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>Criteria:\u003C\u002Fstrong> The specific conditions that were met, such as confidence score thresholds, whitelisted status, and more.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Action:\u003C\u002Fstrong> The action taken by the rule (e.g., Block, Managed Challenge).\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>     This enhancement allows administrators to easily identify which rules are triggering blocks and understand the reasons behind each IP being blocked. It provides greater transparency and aids in fine-tuning security settings. \u003C\u002Fp>\n\u003Cp>Advanced Settings\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>Blocked Hits Threshold:\u003C\u002Fstrong> Define the minimum number of blocked hits before an IP is synchronized or evaluated by rules.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Block Scope:\u003C\u002Fstrong> Choose between domain-specific or account-wide blocking.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Block Mode:\u003C\u002Fstrong> Select the action for Cloudflare to take (e.g., Block, Challenge).\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Cron Interval:\u003C\u002Fstrong> Set how frequently the plugin checks for new blocked IPs and evaluates rules.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Rule Priorities:\u003C\u002Fstrong> Assign priorities to your rules to control the order of evaluation. Higher priority numbers are evaluated first.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>User Role Exclusions:\u003C\u002Fstrong> Exclude specific WordPress user roles from traffic logging and rule evaluation.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Frequently Asked Questions\u003C\u002Fp>\n\u003Ch3>How do I obtain my Cloudflare Zone ID and Account ID?\u003C\u002Fh3>\n\u003Cp>     \u003Cstrong>Zone ID:\u003C\u002Fstrong> Log into Cloudflare, select your domain, and find the Zone ID on the Overview page.\u003Cbr \u002F>     \u003Cstrong>Account ID:\u003C\u002Fstrong> Click on your profile in Cloudflare; the Account ID is listed there. \u003C\u002Fp>\n\u003Ch3>Can I use an API Token instead of the Global API Key?\u003C\u002Fh3>\n\u003Cp>     Yes, ensure the API Token has the necessary permissions for firewall access. \u003C\u002Fp>\n\u003Ch3>Is the plugin compatible with IPv6 addresses?\u003C\u002Fh3>\n\u003Cp>     Absolutely, the plugin supports both IPv4 and IPv6 addresses. \u003C\u002Fp>\n\u003Ch3>How does the plugin handle my API keys?\u003C\u002Fh3>\n\u003Cp>     All API keys are securely stored using WordPress’s options API and are never exposed in plain text. \u003C\u002Fp>\n\u003Ch3>How do rule priorities work?\u003C\u002Fh3>\n\u003Cp>     Rule priorities determine the order in which your rules are evaluated. Rules with higher priority numbers are evaluated first. If traffic data matches a rule, the corresponding action is applied, and no further rules are evaluated for that IP address. \u003C\u002Fp>\n\u003Ch3>Can I see which rule blocked an IP?\u003C\u002Fh3>\n\u003Cp>     Yes, with the \u003Cstrong>Rule Details in Blocked IPs\u003C\u002Fstrong> feature, you can view the exact rule criteria and action that caused an IP to be blocked. This information is displayed in the Blocked IPs tab under the Rule Details column. \u003C\u002Fp>\n\u003Ch3>How does the automatic action application work?\u003C\u002Fh3>\n\u003Cp>     When traffic data is captured, the plugin immediately evaluates it against your defined rules. If a rule matches, the specified action is applied to the IP address without any manual intervention. \u003C\u002Fp>\n\u003Cp>Support and Contribution\u003C\u002Fp>\n\u003Cp>     \u003Cstrong>Support:\u003C\u002Fstrong> For assistance, please open an issue on our \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fitcssec\u002FProActiveSecuritySuite\u002Fissues\" rel=\"nofollow ugc\">GitHub Issues\u003C\u002Fa> page or contact us at \u003Ca href=\"mailto:info@itcs.services\" rel=\"nofollow ugc\">info@itcs.services\u003C\u002Fa>. \u003C\u002Fp>\n\u003Cp>License\u003C\u002Fp>\n\u003Cp>     This project is licensed under the \u003Ca href=\"https:\u002F\u002Fwww.gnu.org\u002Flicenses\u002Fgpl-3.0.html\" rel=\"nofollow ugc\">GNU General Public License v3.0\u003C\u002Fa>. \u003C\u002Fp>\n\u003Cp>     \u003Cem>Thank you for using ProActive Security Suite!\u003C\u002Fem>  \u003C\u002Fp>\n\u003Ch3>External Services\u003C\u002Fh3>\n\u003Cp>\u003Cstrong>Cloudflare\u003C\u002Fstrong>\u003Cbr \u002F>\n– \u003Cstrong>Usage\u003C\u002Fstrong>: We send visitor IPs (and optionally country\u002FISP data) to create Firewall rules.\u003Cbr \u002F>\n– \u003Cstrong>Data Sent\u003C\u002Fstrong>: IP address, associated rule details.\u003Cbr \u002F>\n– \u003Ca href=\"https:\u002F\u002Fwww.cloudflare.com\u002Fterms\u002F\" rel=\"nofollow ugc\">Cloudflare Terms of Service\u003C\u002Fa> | \u003Ca href=\"https:\u002F\u002Fwww.cloudflare.com\u002Fprivacypolicy\u002F\" rel=\"nofollow ugc\">Cloudflare Privacy Policy\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>\u003Cstrong>AbuseIPDB\u003C\u002Fstrong>\u003Cbr \u002F>\n– \u003Cstrong>Usage\u003C\u002Fstrong>: We check IP reputation, fetching country code, ISP, and confidence score.\u003Cbr \u002F>\n– \u003Cstrong>Data Sent\u003C\u002Fstrong>: IP address.\u003Cbr \u002F>\n– \u003Ca href=\"https:\u002F\u002Fwww.abuseipdb.com\u002Flegal\" rel=\"nofollow ugc\">AbuseIPDB Terms of Service\u003C\u002Fa> | \u003Ca href=\"https:\u002F\u002Fwww.abuseipdb.com\u002Fprivacy\" rel=\"nofollow ugc\">Privacy Policy\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>\u003Cstrong>WhatIsMyBrowser\u003C\u002Fstrong>\u003Cbr \u002F>\n– \u003Cstrong>Usage\u003C\u002Fstrong>: We send user agent strings to detect software (browser), OS, and if it’s abusive.\u003Cbr \u002F>\n– \u003Cstrong>Data Sent\u003C\u002Fstrong>: User agent strings.\u003Cbr \u002F>\n– \u003Ca href=\"https:\u002F\u002Fdevelopers.whatismybrowser.com\u002Fapi\u002Fabout\u002Flegal\u002F\" rel=\"nofollow ugc\">WhatIsMyBrowser Terms of Service\u003C\u002Fa> |\u003Cbr \u002F>\n  \u003Ca href=\"https:\u002F\u002Fdevelopers.whatismybrowser.com\u002Fapi\u002Fabout\u002Flegal\u002F\" rel=\"nofollow ugc\">Legal\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>\u003Cstrong>IPData\u003C\u002Fstrong>\u003Cbr \u002F>\n– \u003Cstrong>Usage\u003C\u002Fstrong>: We fetch detailed threat intelligence (Tor, proxy, known attacker, etc.).\u003Cbr \u002F>\n– \u003Cstrong>Data Sent\u003C\u002Fstrong>: IP address.\u003Cbr \u002F>\n– \u003Ca href=\"https:\u002F\u002Fipdata.co\u002Fterms-of-service.html\" rel=\"nofollow ugc\">IPData Terms\u003C\u002Fa> |\u003Cbr \u002F>\n  \u003Ca href=\"https:\u002F\u002Fipdata.co\u002Fprivacy.html\" rel=\"nofollow ugc\">Privacy Policy\u003C\u002Fa>\u003C\u002Fp>\n","Welcome to the ProActive Security Suite Plugin Wiki      Enhance your WordPress website's security with the ProActive Security Suite.",10,904,"2025-08-24T19:26:00.000Z",[104,105,69,22,106],"cloudflare","firewall","wordpress-security","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fproactive-security-suite.1.5.9.9.zip",{"attackSurface":109,"codeSignals":121,"taintFlows":128,"riskAssessment":129,"analyzedAt":135},{"hooks":110,"ajaxHandlers":117,"restRoutes":118,"shortcodes":119,"cronEvents":120,"entryPointCount":25,"unprotectedCount":25},[111],{"type":112,"name":113,"callback":114,"file":115,"line":116},"filter","wordfence_ls_require_captcha","__return_false","speedx-disable-login-verification-required-emails-for-wordfence.php",17,[],[],[],[],{"dangerousFunctions":122,"sqlUsage":123,"outputEscaping":125,"fileOperations":25,"externalRequests":25,"nonceChecks":25,"capabilityChecks":25,"bundledLibraries":127},[],{"prepared":25,"raw":25,"locations":124},[],{"escaped":25,"rawEcho":25,"locations":126},[],[],[],{"summary":130,"deductions":131},"The 'speedx-disable-login-verification-required-emails-for-wordfence' plugin, v1.1, exhibits an exceptionally clean static analysis profile. There are no identified entry points such as AJAX handlers, REST API routes, or shortcodes that are exposed without authentication. The code also demonstrates strong secure coding practices, with no dangerous functions, a complete absence of SQL queries (thus no raw SQL), and all potential outputs are properly escaped. Furthermore, there are no file operations or external HTTP requests, and importantly, no nonce or capability checks are present. This lack of explicit checks, while seemingly good due to the absence of entry points, does indicate a minimal attack surface that hasn't been thoroughly scrutinized for potential access vectors that might bypass standard WordPress security mechanisms. The plugin also has no known vulnerability history, which is a positive indicator of its past security performance. However, the complete absence of capability checks, while not directly exploitable given the current zero attack surface, suggests a potential area of concern if functionality were ever to be added or exposed through alternative means.",[132],{"reason":133,"points":134},"No capability checks found",5,"2026-03-16T20:58:42.227Z",{"wat":137,"direct":142},{"assetPaths":138,"generatorPatterns":139,"scriptPaths":140,"versionParams":141},[],[],[],[],{"cssClasses":143,"htmlComments":144,"htmlAttributes":145,"restEndpoints":146,"jsGlobals":147,"shortcodeOutput":148},[],[],[],[],[],[]]