[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fMAL_DZOCPi8FnuVo7Vuo7lqcy1-Y779suibnS5MNci4":3,"$fXCsZ8FE9VhBaqeaMrBHQdj6efbqEhV9JECxBU1grUGc":481,"$f1BCp16N0y3D_9pgVsDL0EOV3fG6Jx1tC5K-VHCqyb3Y":485},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":25,"download_link":26,"security_score":13,"vuln_count":27,"unpatched_count":27,"last_vuln_date":28,"fetched_at":29,"discovery_status":30,"vulnerabilities":31,"developer":32,"crawl_stats":28,"alternatives":38,"analysis":146,"fingerprints":442},"vpn-guard","VPN Guard – Block VPN, Proxy, Bots & Anonymous Visitors","1.0.5","vpndeals","https:\u002F\u002Fprofiles.wordpress.org\u002Fvpndeals\u002F","\u003Cp>\u003Cstrong>VPN Guard\u003C\u002Fstrong> is the ultimate freemium WordPress plugin to help you block VPNs, proxies, and other anonymizing networks frequently leveraged by unwanted bots and suspicious traffic in real-time — no subscription required.\u003C\u002Fp>\n\u003Cp>It uses the powerful \u003Cstrong>\u003Ca href=\"https:\u002F\u002Fvpnapi.io\" rel=\"nofollow ugc\">vpnapi.io\u003C\u002Fa>\u003C\u002Fstrong> engine to scan visitors’ IP addresses and instantly block connections flagged as VPN, Proxy, Tor, or Relay—and your free account includes \u003Cstrong>1,000 API requests per day!\u003C\u002Fstrong> This helps protect your site from various threats that hide behind these anonymization layers.\u003C\u002Fp>\n\u003Cp>And here’s the game-changer: \u003Cstrong>YOU decide the battlefield!\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Want to shield your entire site? Done.\u003C\u002Fp>\n\u003Cp>Need to protect just your login page, WooCommerce checkout, specific posts, or even the entire \u003Ccode>\u002Fwp-admin\u002F\u003C\u002Fcode> area?\u003C\u002Fp>\n\u003Cp>VPN Guard gives you \u003Cstrong>pinpoint control\u003C\u002Fstrong> with its advanced targeting rules.\u003C\u002Fp>\n\u003Cp>> 💡 \u003Cstrong>Premium-grade features, no premium price.\u003C\u002Fstrong> Unlock serious protection with granular control, without spending a dime.\u003C\u002Fp>\n\u003Ch3>✅ Features You’ll Love\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>✨ \u003Cstrong>NEW! Block Page Preview & Test Tab\u003C\u002Fstrong> – See exactly what your blocked users see and get tips for testing your setup!\u003C\u002Fli>\n\u003Cli>🎯 \u003Cstrong>NEW! LASER-FOCUSED TARGETING!\u003C\u002Fstrong> – Why block everything when you can block SMARTER?\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Full Site Protection:\u003C\u002Fstrong> Shield your entire WordPress site with one click.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Specific Areas Only:\u003C\u002Fstrong> Create custom rules to protect:\u003Cbr \u002F>\n    – Individual \u003Cstrong>Post \u002F Page ID(s)\u003C\u002Fstrong>\u003Cbr \u002F>\n    – Entire \u003Cstrong>Post Types\u003C\u002Fstrong> (e.g., all “products”, all “articles”, or your \u003Cstrong>custom post types\u003C\u002Fstrong>)\u003Cbr \u002F>\n    – URLs based on \u003Cstrong>Contains\u003C\u002Fstrong>, \u003Cstrong>Starts With\u003C\u002Fstrong>, or \u003Cstrong>Exact Match\u003C\u002Fstrong>\u003Cbr \u002F>\n    – Critical \u003Cstrong>WooCommerce Pages\u003C\u002Fstrong> (Cart, Checkout, My Account)\u003Cbr \u002F>\n    – Essential \u003Cstrong>WordPress Pages\u003C\u002Fstrong> (Login Page, Registration Page)\u003Cbr \u002F>\n    – The entire \u003Cstrong>WordPress Admin Area (\u003Ccode>\u002Fwp-admin\u002F\u003C\u002Fcode>)\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>🔍 \u003Cstrong>VPN & Proxy Detection\u003C\u002Fstrong> – Block anonymized traffic (VPN, Proxy, Tor, Relay) using trusted IP intelligence. Enhanced IP validation logic.\u003C\u002Fli>\n\u003Cli>🛡️ \u003Cstrong>Mitigate Unwanted Traffic\u003C\u002Fstrong> – Helps reduce access from scrapers and unwanted bots that often operate through the types of anonymizing networks detected by the API.\u003C\u002Fli>\n\u003Cli>🔐 \u003Cstrong>WordPress Login Security\u003C\u002Fstrong> – Harden your admin and login endpoints (now even more precise with targeting!)\u003C\u002Fli>\n\u003Cli>🛒 \u003Cstrong>WooCommerce Checkout Protection\u003C\u002Fstrong> – Reduce fraud and suspicious orders by blocking high-risk anonymized connections.\u003C\u002Fli>\n\u003Cli>🧠 \u003Cstrong>Smart Role Bypasses\u003C\u002Fstrong> – Let trusted roles skip blocking rules.\u003C\u002Fli>\n\u003Cli>⏰ \u003Cstrong>Scheduled Blocking\u003C\u002Fstrong> – Only apply blocking rules at certain hours or days. Improved scheduler logic.\u003C\u002Fli>\n\u003Cli>📋 \u003Cstrong>View Blocked Logs\u003C\u002Fstrong> – Review recent blocked IPs, URLs, and detection reasons. User Agent and Referer now included in CSV export.\u003C\u002Fli>\n\u003Cli>📤 \u003Cstrong>Export to CSV\u003C\u002Fstrong> – One-click export for audit logs or compliance. Log export functionality restored and improved.\u003C\u002Fli>\n\u003Cli>✅ \u003Cstrong>IP Whitelist\u003C\u002Fstrong> – Allow specific IPs even if flagged by the detection service.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>– 🛡️ \u003Cstrong>Admin Panel Status Notice\u003C\u002Fstrong> – Optional notice in your dashboard, with refined styling and more robust status display.\u003C\u002Fp>\n\u003Ch3>🧠 Ideal For\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Bloggers looking to protect login and admin access \u003Cstrong>with precision\u003C\u002Fstrong>.\u003C\u002Fli>\n\u003Cli>WooCommerce stores wanting to secure checkout or specific product categories from risky traffic.\u003C\u002Fli>\n\u003Cli>Membership sites and online courses needing to protect premium content areas.\u003C\u002Fli>\n\u003Cli>Publishers battling fake traffic or content scrapers on high-value articles or sections.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Any WordPress site that needs smarter, targeted access control against anonymized and potentially malicious traffic.\u003C\u002Fstrong>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>🚀 Why Choose VPN Guard?\u003C\u002Fh3>\n\u003Cp>While other security or VPN-blocking plugins lock core features or charge extra for flexibility, \u003Cstrong>VPN Guard gives you true freemium access with unparalleled control\u003C\u002Fstrong>:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>✅ 100% free with generous API usage for detecting VPNs, Proxies, Tor, and Relays.\u003C\u002Fli>\n\u003Cli>🎯 \u003Cstrong>Powerful targeting rules at no extra cost!\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>🔓 Key features without nagging upsells.\u003C\u002Fli>\n\u003Cli>📈 Designed for performance, speed, and SEO safety. Enhanced stability and security in the latest update.\u003Cbr \u002F>\n> 💥 Use it standalone or alongside other security tools like Wordfence, iThemes Security, All In One WP Security, and more! VPN Guard’s targeting complements them perfectly.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>🔌 Integrations & Compatibility\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>✅ Fully compatible with \u003Cstrong>WooCommerce\u003C\u002Fstrong> (target cart, checkout, account pages)\u003C\u002Fli>\n\u003Cli>✅ Works with \u003Cstrong>popular caching plugins\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>✅ Integrates with \u003Cstrong>any WordPress theme or builder\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>✅ Safe for use with \u003Cstrong>CDNs and Cloudflare\u003C\u002Fstrong>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>📦 API Details\u003C\u002Fh3>\n\u003Cp>VPN Guard uses \u003Ca href=\"https:\u002F\u002Fvpnapi.io\" rel=\"nofollow ugc\">vpnapi.io\u003C\u002Fa> — a modern and reliable IP intelligence service.\u003Cbr \u002F>\nThe API response includes flags for:\u003Cbr \u002F>\n– \u003Cstrong>VPN:\u003C\u002Fstrong> Is the IP a VPN?\u003Cbr \u002F>\n– \u003Cstrong>Proxy:\u003C\u002Fstrong> Is the IP a Proxy?\u003Cbr \u002F>\n– \u003Cstrong>Tor:\u003C\u002Fstrong> Is the IP a Tor exit node?\u003Cbr \u002F>\n– \u003Cstrong>Relay:\u003C\u002Fstrong> Is the IP part of a relay network?\u003Cbr \u002F>\n\u003Cem>(The API may also provide a “hosting” flag indicating a datacenter\u002Fhosting IP, which contributes to identifying non-residential traffic, though VPN Guard’s primary blocking is based on the above explicit flags).\u003C\u002Fem>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>🆓 Free plan includes \u003Cstrong>1,000 requests per day\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>🚀 Easy upgrade options available (no commitment)\u003C\u002Fli>\n\u003Cli>🔐 GDPR compliant, fast response times, and global coverage\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>You’ll be prompted to add your free API key inside the plugin settings.\u003C\u002Fp>\n\u003Ch3>💬 Support\u003C\u002Fh3>\n\u003Cp>Got questions or feature requests? Reach out from the plugin’s built-in feedback form or at \u003Ca href=\"https:\u002F\u002Fvpndeals.com\u002Fwordpress-plugins\u002Fvpn-guard\u002F\" rel=\"nofollow ugc\">https:\u002F\u002Fvpndeals.com\u002Fwordpress-plugins\u002Fvpn-guard\u002F\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch3>External Services\u003C\u002Fh3>\n\u003Cp>This plugin utilizes the \u003Cstrong>vpnapi.io\u003C\u002Fstrong> service to perform real-time IP address analysis. This is essential for the plugin’s core functionality of detecting and blocking traffic from VPNs, proxies, Tor networks, and relays.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>Service Provider:\u003C\u002Fstrong> vpnapi.io\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Purpose:\u003C\u002Fstrong> To identify the nature of a visitor’s IP address (VPN, proxy, Tor, relay) to enable blocking or restriction based on your plugin settings, thereby enhancing website security and integrity.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Data Sent:\u003C\u002Fstrong> When a visitor accesses a page or area of your site that is actively protected by VPN Guard (and the result for their IP is not already cached locally or if the IP is not whitelisted), the visitor’s \u003Cstrong>IP address\u003C\u002Fstrong> is sent to the vpnapi.io service for analysis.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Service Terms of Use:\u003C\u002Fstrong> \u003Ca href=\"https:\u002F\u002Fvpnapi.io\u002Fterms\" rel=\"nofollow ugc\">https:\u002F\u002Fvpnapi.io\u002Fterms\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Service Privacy Policy:\u003C\u002Fstrong> \u003Ca href=\"https:\u002F\u002Fvpnapi.io\u002Fprivacy\" rel=\"nofollow ugc\">https:\u002F\u002Fvpnapi.io\u002Fprivacy\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Privacy Considerations\u003C\u002Fh3>\n\u003Cp>VPN Guard is designed with user and site visitor privacy in mind. Here’s how we handle data:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>Visitor IP Addresses:\u003C\u002Fstrong> To protect your site, VPN Guard processes the IP addresses of your site visitors. As detailed in the “External Services” section, visitor IP addresses may be sent to the \u003Ccode>vpnapi.io\u003C\u002Fcode> service for analysis.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Data Logging:\u003C\u002Fstrong> If a visitor’s IP address is blocked, VPN Guard will store the following information in your local WordPress database: the visitor’s IP address, the date and time of the block, the detection reason (e.g., “VPN”), the URL the visitor attempted to access, their browser user agent, and the HTTP referer. This data is for your security logging and review purposes. You have an option in the plugin settings to delete all plugin data, including these logs, upon uninstallation.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Cookies:\u003C\u002Fstrong> VPN Guard’s core IP blocking functionality does not set any cookies on your website visitors’ browsers.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Site Administrator Data (Feedback Form):\u003C\u002Fstrong> If you choose to send feedback to us via the plugin’s built-in feedback form, it will include your WordPress admin email, site URL, and technical details (plugin version, WP version, PHP version) to help us provide support. This is explicitly stated on the feedback form itself.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>* \u003Cstrong>Your Website’s Privacy Policy:\u003C\u002Fstrong> We recommend that you update your website’s privacy policy to inform your users about the data processing activities performed by VPN Guard, including the use of the \u003Ccode>vpnapi.io\u003C\u002Fcode> service and the local logging of blocked IP addresses.\u003C\u002Fp>\n","Ultimate VPN\u002FProxy Shield Blocker! Real-time IP defense. Target Anything: Logins, Checkout, Post Types, URLs & more!. 1000 Free Daily API Checks!",300,1217,100,8,"2026-02-03T22:10:00.000Z","6.9.4","5.5","7.4",[20,21,22,23,24],"block","blocker","bots","proxy","vpn","https:\u002F\u002Fvpndeals.com\u002Fwordpress-plugins\u002Fvpn-guard\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fvpn-guard.zip",0,null,"2026-04-16T10:56:18.058Z","no_bundle",[],{"slug":7,"display_name":7,"profile_url":8,"plugin_count":33,"total_installs":34,"avg_security_score":13,"avg_patch_time_days":35,"trust_score":36,"computed_at":37},2,350,30,94,"2026-05-20T04:47:05.780Z",[39,64,87,110,129],{"slug":40,"name":41,"version":42,"author":41,"author_profile":43,"description":44,"short_description":45,"active_installs":46,"downloaded":47,"rating":48,"num_ratings":49,"last_updated":50,"tested_up_to":16,"requires_at_least":51,"requires_php":52,"tags":53,"homepage":59,"download_link":60,"security_score":61,"vuln_count":62,"unpatched_count":27,"last_vuln_date":63,"fetched_at":29},"proxy-vpn-blocker","Proxy & VPN Blocker","3.5.8","https:\u002F\u002Fprofiles.wordpress.org\u002Frickstermuk\u002F","\u003Ch4>Block VPNs, Proxies, Tor & Spam – Strengthen Your WordPress Security\u003C\u002Fh4>\n\u003Cp>\u003Cstrong>Proxy & VPN Blocker\u003C\u002Fstrong> is a complete \u003Cstrong>WordPress security plugin\u003C\u002Fstrong> designed to protect your site from anonymous and abusive traffic.\u003Cbr \u002F>\nIt functions as a powerful \u003Cstrong>VPN blocker\u003C\u002Fstrong>, \u003Cstrong>proxy blocker\u003C\u002Fstrong>, and \u003Cstrong>Tor blocker\u003C\u002Fstrong>, preventing unwanted visitors, spam bots, and fake users from accessing your site.\u003C\u002Fp>\n\u003Cp>Using the trusted \u003Ca href=\"https:\u002F\u002Fproxycheck.io\" rel=\"nofollow ugc\">proxycheck.io\u003C\u002Fa> API, it detects connections from VPNs, open proxies, Tor nodes, and compromised servers — giving you real-time protection without slowing down your site.\u003C\u002Fp>\n\u003Cp>Perfect for login, registration, comments, or any page you want to secure, Proxy & VPN Blocker also includes smart \u003Cstrong>spam protection\u003C\u002Fstrong>, geoblocking, and IP logging to help you stay in control of who can access your WordPress site.\u003C\u002Fp>\n\u003Cp>Whether you’re running a blog, store, or membership site, this plugin helps keep out fake users, block risky regions, and stop automated spam attempts before they start.\u003C\u002Fp>\n\u003Ch4>Key Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Powerful WordPress security plugin – blocks VPNs, proxies, Tor, Mysterium nodes, and compromised servers in real time  \u003C\u002Fli>\n\u003Cli>Country blocking & geoblocking – allow or deny traffic by country or region with flexible IP-based controls  \u003C\u002Fli>\n\u003Cli>Supports IP ranges, CIDRs, specific IPs, and ASNs for precise network-level blocking  \u003C\u002Fli>\n\u003Cli>Optionally use proxycheck.io’s Risk Score for smarter VPN and proxy detection decisions  \u003C\u002Fli>\n\u003Cli>Built-in API Key Statistics with live usage graphs and daily query totals  \u003C\u002Fli>\n\u003Cli>Visitor Action Log – view blocked IPs, detection reason, and plugin response directly in your dashboard  \u003C\u002Fli>\n\u003Cli>Caches known good IPs to reduce API usage and improve performance  \u003C\u002Fli>\n\u003Cli>Works seamlessly with both IPv4 and IPv6 addresses  \u003C\u002Fli>\n\u003Cli>Compatible with Cloudflare and other CDN headers for accurate IP detection  \u003C\u002Fli>\n\u003Cli>Block access to Login, Registration, Admin, Comments, or any page\u002Fpost easily  \u003C\u002Fli>\n\u003Cli>Customize the “Access Denied” message or redirect visitors to a specific page  \u003C\u002Fli>\n\u003Cli>Log registration and recent login IPs in the Users list and profile – linked to proxycheck.io’s Threats page  \u003C\u002Fli>\n\u003Cli>Manage proxycheck.io Whitelist and Blacklist directly from WordPress  \u003C\u002Fli>\n\u003Cli>Simple integration via WordPress Editor and Toolbar for page-level protection  \u003C\u002Fli>\n\u003Cli>Lightweight, fast, and built to complement other security plugins  \u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>And much more available in \u003Ca href=\"https:\u002F\u002Fproxyvpnblocker.com\u002Fpremium\" rel=\"nofollow ugc\">Proxy & VPN Blocker Premium\u003C\u002Fa>!\u003C\u002Fp>\n\u003Ch4>The proxycheck.io API\u003C\u002Fh4>\n\u003Cp>This Plugin can be used without a proxycheck.io API key, but it will be limited to 100 daily queries to the API. To enhance the capabilities, you can obtain a free API key from proxycheck.io, which allows for 1,000 free daily queries, making it suitable for small WordPress sites.\u003C\u002Fp>\n\u003Cp>Here’s an overview of the free and paid API options:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Without an API key (100 queries\u002Fday)\u003C\u002Fli>\n\u003Cli>With a free API key (1,000 queries\u002Fday – ideal for small sites)\u003C\u002Fli>\n\u003Cli>With a paid API key (10,000 to over 10 million queries\u002Fday)\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Your API key can be used across all of your sites and apps, you only need a proxycheck.io plan that fits your overall needs.\u003C\u002Fp>\n\u003Ch4>User IP Logging Feature\u003C\u002Fh4>\n\u003Cp>Proxy & VPN Blocker allows for local logging of user registration IP addresses. The IP addresses are displayed next to each user in the Users list and on their profile pages, visible to administrators. The Plugin also logs the most recent login IP address for each user, which is also displayed in the User’s list and profile page, with the IP address linked to the proxycheck.io Threats page.\u003C\u002Fp>\n\u003Ch4>Caching Plugin Notice\u003C\u002Fh4>\n\u003Cp>If you’re using caching plugins (like WP Rocket or WP Super Cache), IP-based page blocking might not function correctly due to static caching. A DONOTCACHEPAGE option is available to help mitigate this issue.\u003C\u002Fp>\n\u003Ch4>Privacy & GDPR Compliance\u003C\u002Fh4>\n\u003Cp>To check IP addresses, the plugin sends them to the proxycheck.io API. No personally identifiable information (PII) beyond the IP is transmitted. For details, refer to proxycheck.io’s \u003Ca href=\"https:\u002F\u002Fproxycheck.io\u002Fprivacy\" rel=\"nofollow ugc\">privacy notice\u003C\u002Fa> and \u003Ca href=\"https:\u002F\u002Fproxycheck.io\u002Fgdpr\" rel=\"nofollow ugc\">GDPR Compliance\u003C\u002Fa> for further information.\u003C\u002Fp>\n\u003Ch4>Disclaimer\u003C\u002Fh4>\n\u003Cp>This Plugin is \u003Cem>not developed by proxycheck.io\u003C\u002Fem> despite being recommended by them.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>For plugin-related support, please use the WordPress.org support forum.\u003C\u002Fli>\n\u003Cli>For API or account questions, contact proxycheck.io directly.\u003C\u002Fli>\n\u003Cli>The proxycheck.io logo is used with express permission.\u003C\u002Fli>\n\u003C\u002Ful>\n","Block VPNs, proxies, Tor, and spam on WordPress. Strengthen security and stop fake users with smart IP blocking via proxycheck.io.",1000,127937,74,32,"2026-03-05T20:02:00.000Z","4.9","7.2",[54,55,56,57,58],"proxy-blocker","security","spam-protection","tor-blocker","vpn-blocker","https:\u002F\u002Fproxyvpnblocker.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fproxy-vpn-blocker.3.5.8.zip",99,1,"2026-01-09 00:00:00",{"slug":65,"name":66,"version":67,"author":68,"author_profile":69,"description":70,"short_description":71,"active_installs":72,"downloaded":73,"rating":74,"num_ratings":75,"last_updated":76,"tested_up_to":16,"requires_at_least":77,"requires_php":18,"tags":78,"homepage":84,"download_link":85,"security_score":61,"vuln_count":33,"unpatched_count":27,"last_vuln_date":86,"fetched_at":29},"better-robots-txt","Better Robots.txt – AI-Ready Crawl Control & Bot Governance","3.0.1","Pagup","https:\u002F\u002Fprofiles.wordpress.org\u002Fpagup\u002F","\u003Cp>Better Robots.txt replaces the default WordPress robots.txt workflow with a smarter, structured version you can configure and preview before publishing.\u003C\u002Fp>\n\u003Cp>Instead of a blank textarea, you get a guided wizard with presets, plain-language explanations, and a final Review & Save step so you can inspect the generated robots.txt before it goes live.\u003C\u002Fp>\n\u003Cp>Built for beginners and advanced users alike, Better Robots.txt helps you control how search engines, AI crawlers, SEO tools, archive bots, bad bots, social preview bots, and other automated agents interact with your site.\u003C\u002Fp>\n\u003Cp>Trusted by thousands of WordPress sites, Better Robots.txt is designed for the AI era without resorting to hype, vague promises, or hidden rules.\u003C\u002Fp>\n\u003Cp>Better Robots.txt is available in Free, Pro, and Premium editions. The free plugin covers the guided workflow and essential crawl control features, while Pro and Premium unlock additional governance, protection, and AI-ready modules. Some screenshots on the plugin page show features from all three editions.\u003C\u002Fp>\n\u003Ch3>A quick overview\u003C\u002Fh3>\n\u003Cp>\u003Ciframe loading=\"lazy\" title=\"Better robots.txt Video — AI-Ready Crawl Control for WordPress\" src=\"https:\u002F\u002Fplayer.vimeo.com\u002Fvideo\u002F1169756981?dnt=1&app_id=122963\" width=\"750\" height=\"372\" frameborder=\"0\" allow=\"autoplay; fullscreen; picture-in-picture; clipboard-write; encrypted-media; web-share\" referrerpolicy=\"strict-origin-when-cross-origin\">\u003C\u002Fiframe>\u003C\u002Fp>\n\u003Ch3>Why Better Robots.txt is different\u003C\u002Fh3>\n\u003Cp>Most robots.txt plugins fall into one of three categories:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Simple text editor\u003C\u002Fli>\n\u003Cli>Virtual robots.txt manager\u003C\u002Fli>\n\u003Cli>Single-purpose AI or policy add-on\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Better Robots.txt goes further.\u003C\u002Fp>\n\u003Cp>It gives you a complete, guided crawl control workflow so you can:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Choose a preset that matches your goals\u003C\u002Fli>\n\u003Cli>Control major crawler categories without writing everything by hand\u003C\u002Fli>\n\u003Cli>Keep core WordPress protection rules visible and editable\u003C\u002Fli>\n\u003Cli>Clean up low-value crawl paths that waste crawl budget\u003C\u002Fli>\n\u003Cli>Generate a cleaner robots.txt output\u003C\u002Fli>\n\u003Cli>Preview the final result before saving\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>What you can control\u003C\u002Fh3>\n\u003Cp>Better Robots.txt helps you manage:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Search engine visibility\u003C\u002Fli>\n\u003Cli>AI and LLM crawler behavior\u003C\u002Fli>\n\u003Cli>AI usage signals such as search, ai-input, and ai-train preferences\u003C\u002Fli>\n\u003Cli>SEO tool crawlers\u003C\u002Fli>\n\u003Cli>Bad bots and abusive crawlers\u003C\u002Fli>\n\u003Cli>Archive and Wayback access\u003C\u002Fli>\n\u003Cli>Feed crawlers and crawl traps\u003C\u002Fli>\n\u003Cli>WooCommerce crawl cleanup\u003C\u002Fli>\n\u003Cli>CSS, JavaScript, and image crawling rules\u003C\u002Fli>\n\u003Cli>Social media preview crawlers\u003C\u002Fli>\n\u003Cli>ads.txt and app-ads.txt allowance\u003C\u002Fli>\n\u003Cli>llms.txt generation\u003C\u002Fli>\n\u003Cli>Advanced directives such as crawl-delay and custom rules\u003C\u002Fli>\n\u003Cli>Final review before publishing\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Editions\u003C\u002Fh3>\n\u003Cp>Better Robots.txt is available in three editions:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Free – Includes the guided setup, the Essential preset, core crawl control features, and the final Review & Save workflow.\u003C\u002Fli>\n\u003Cli>Pro – Adds more advanced governance and protection modules, including additional AI, crawler, and cleanup controls.\u003C\u002Fli>\n\u003Cli>Premium – Unlocks the most restrictive and advanced protection options, including the Fortress preset and additional high-control modules.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Some options shown in the interface are marked Free, Pro, or Premium so users can immediately understand which modules belong to each edition.\u003C\u002Fp>\n\u003Ch3>Presets\u003C\u002Fh3>\n\u003Cp>Setup starts with four modes:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Essential – A clean, practical configuration for most websites that want a better robots.txt without complexity.\u003C\u002Fli>\n\u003Cli>AI-First – For publishers and content sites that want AI-ready governance without shutting down discovery.\u003C\u002Fli>\n\u003Cli>Fortress – For websites that want stronger protection against scraping, archive capture, and unnecessary crawl activity.\u003C\u002Fli>\n\u003Cli>Custom – For users who prefer to configure each module manually.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>For many sites, one preset plus a quick review is enough.\u003C\u002Fp>\n\u003Ch3>Built for beginners and experts\u003C\u002Fh3>\n\u003Cp>Beginners get:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>A guided setup instead of a raw robots.txt box\u003C\u002Fli>\n\u003Cli>Preset-based configuration\u003C\u002Fli>\n\u003Cli>Plain-language explanations for important choices\u003C\u002Fli>\n\u003Cli>A safer workflow with a final preview step\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Advanced users get:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Editable core WordPress protection rules\u003C\u002Fli>\n\u003Cli>Fine-grained crawler controls by category\u003C\u002Fli>\n\u003Cli>WooCommerce-oriented cleanup options\u003C\u002Fli>\n\u003Cli>Consolidated output options\u003C\u002Fli>\n\u003Cli>Advanced directives and custom rules\u003C\u002Fli>\n\u003Cli>A final output they can inspect before publishing\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>AI-ready, without hype\u003C\u002Fh3>\n\u003Cp>Better Robots.txt includes features for modern AI-related crawl governance, including:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>AI crawler handling\u003C\u002Fli>\n\u003Cli>Optional llms.txt support\u003C\u002Fli>\n\u003Cli>AI usage signals for compliant systems\u003C\u002Fli>\n\u003Cli>Optional machine-readable governance signals for advanced use cases\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>These features help you express how you want automated systems to use your content.\u003C\u002Fp>\n\u003Cp>However, Better Robots.txt does not claim to control AI by force. Like robots.txt itself, these signals are most useful with compliant systems and good-faith crawlers.\u003C\u002Fp>\n\u003Ch3>What Better Robots.txt is\u003C\u002Fh3>\n\u003Cp>Better Robots.txt is:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>A robots.txt governance plugin for WordPress\u003C\u002Fli>\n\u003Cli>A guided configuration workflow instead of a raw text editor\u003C\u002Fli>\n\u003Cli>A crawl control layer to reduce wasteful crawling\u003C\u002Fli>\n\u003Cli>A practical bridge between SEO, crawl hygiene, and AI-era policy signaling\u003C\u002Fli>\n\u003Cli>A way to keep your crawl policy clearer for humans and machines\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Technical reference for advanced users: Better Robots.txt also maintains a public \u003Ca href=\"https:\u002F\u002Fgithub.com\u002FGautierDorval\u002Fbetter-robots-txt\" rel=\"nofollow noopener noreferrer ugc\">GitHub repository\u003C\u002Fa> with product definition, governance notes, and machine-readable artefacts.\u003C\u002Fp>\n\u003Ch3>What Better Robots.txt is not\u003C\u002Fh3>\n\u003Cp>Better Robots.txt is not:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>A firewall or Web Application Firewall (WAF)\u003C\u002Fli>\n\u003Cli>An anti-scraping enforcement engine\u003C\u002Fli>\n\u003Cli>A legal compliance engine\u003C\u002Fli>\n\u003Cli>A guarantee that every bot will obey your rules\u003C\u002Fli>\n\u003Cli>A replacement for server-level security or access control\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>It helps you publish a clearer crawl policy.\u003C\u002Fp>\n\u003Cp>It does not replace infrastructure-level protection.\u003C\u002Fp>\n\u003Ch3>Typical use cases\u003C\u002Fh3>\n\u003Cp>Use Better Robots.txt if you want to:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Clean up a weak or noisy default robots.txt\u003C\u002Fli>\n\u003Cli>Reduce crawl waste on WordPress or WooCommerce\u003C\u002Fli>\n\u003Cli>Keep major search engines allowed while restricting other bots\u003C\u002Fli>\n\u003Cli>Control whether archive bots can snapshot your site\u003C\u002Fli>\n\u003Cli>Publish AI usage preferences more clearly\u003C\u002Fli>\n\u003Cli>Keep social preview bots allowed while limiting scrapers\u003C\u002Fli>\n\u003Cli>Review the final file before making it live\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Key Features\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Guided step-by-step wizard\u003C\u002Fli>\n\u003Cli>Preset-based setup: Essential, AI-First, Fortress, Custom\u003C\u002Fli>\n\u003Cli>Search engine visibility controls\u003C\u002Fli>\n\u003Cli>AI and LLM crawler governance\u003C\u002Fli>\n\u003Cli>AI usage signals support\u003C\u002Fli>\n\u003Cli>SEO tool crawler controls\u003C\u002Fli>\n\u003Cli>Bad bot and abusive crawler options\u003C\u002Fli>\n\u003Cli>Archive and Wayback access controls\u003C\u002Fli>\n\u003Cli>Spam, feed, and crawl trap cleanup\u003C\u002Fli>\n\u003Cli>WooCommerce crawl cleanup options\u003C\u002Fli>\n\u003Cli>CSS, JavaScript, and image crawling rules\u003C\u002Fli>\n\u003Cli>Social media preview crawler controls\u003C\u002Fli>\n\u003Cli>ads.txt and app-ads.txt allowance\u003C\u002Fli>\n\u003Cli>Optional llms.txt generation\u003C\u002Fli>\n\u003Cli>Consolidated output option\u003C\u002Fli>\n\u003Cli>Core WordPress protection rules remain visible and editable\u003C\u002Fli>\n\u003Cli>Final Review & Save preview screen\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>About the publisher\u003C\u002Fh4>\n\u003Cp>Better Robots.txt is developed and maintained by \u003Ca href=\"https:\u002F\u002Fpagup.com\u002F\" rel=\"nofollow ugc\">Pagup\u003C\u002Fa>, a digital readability firm based in Quebec, Canada. Pagup helps organizations become correctly understood by search engines, generative AI systems, and autonomous agents.\u003C\u002Fp>\n\u003Cp>The robots.txt file is the first surface that AI crawlers read when they discover a site. A well-structured robots.txt that references governance files such as llms.txt, ai-manifest.json, and interpretation policies helps AI systems understand your site faster and more accurately.\u003C\u002Fp>\n\u003Cp>Better Robots.txt is one component of a broader digital readability practice that includes \u003Ca href=\"https:\u002F\u002Fpagup.com\u002Fen\u002Fservices\u002Fsemantic-content-architecture\u002F\" rel=\"nofollow ugc\">semantic content architecture\u003C\u002Fa>, \u003Ca href=\"https:\u002F\u002Fpagup.com\u002Fen\u002Fservices\u002Fai-governance-and-machine-readability\u002F\" rel=\"nofollow ugc\">AI governance and machine readability\u003C\u002Fa>, and \u003Ca href=\"https:\u002F\u002Fpagup.com\u002Fen\u002Fglossary\u002Finterpretive-seo\u002F\" rel=\"nofollow ugc\">interpretive SEO\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch4>Part of the Pagup ecosystem\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fpagup.com\u002F\" rel=\"nofollow ugc\">pagup.com\u003C\u002Fa> — Digital readability firm. Diagnostic, semantic architecture, AI governance.\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fgautierdorval.com\u002F\" rel=\"nofollow ugc\">gautierdorval.com\u003C\u002Fa> — Doctrine, canonical definitions, interpretive governance research.\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Finterpretive-governance.org\u002F\" rel=\"nofollow ugc\">interpretive-governance.org\u003C\u002Fa> — Formal versioned standard for interpretive governance.\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fbetter-robots.com\u002F\" rel=\"nofollow ugc\">better-robots.com\u003C\u002Fa> — Documentation and resources for Better Robots.txt.\u003C\u002Fli>\n\u003C\u002Ful>\n","Replace the default WordPress robots.txt workflow with a smarter, structured version you can preview before publishing, with Free, Pro, and Premium ed &hellip;",6000,309648,90,102,"2026-03-31T13:59:00.000Z","5.0",[79,80,81,82,83],"ai-crawlers","bot-blocker","llms-txt","robots-txt","seo","","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fbetter-robots-txt.3.0.1.zip","2023-02-14 00:00:00",{"slug":88,"name":89,"version":90,"author":91,"author_profile":92,"description":93,"short_description":94,"active_installs":95,"downloaded":96,"rating":13,"num_ratings":97,"last_updated":98,"tested_up_to":99,"requires_at_least":100,"requires_php":101,"tags":102,"homepage":106,"download_link":107,"security_score":108,"vuln_count":62,"unpatched_count":27,"last_vuln_date":109,"fetched_at":29},"vigilantor","VigilanTor","1.3.12","drew010","https:\u002F\u002Fprofiles.wordpress.org\u002Fdrew010\u002F","\u003Cp>\u003Ca href=\"https:\u002F\u002Fwww.torproject.org\u002F\" title=\"Tor\" rel=\"nofollow ugc\">Tor\u003C\u002Fa> is an invaluable tool for protecting free-speech, privacy, and preventing surveillance but when abused it can protect the identity of malicious users and make tracking their activities more difficult.  “Hackers” might use Tor to run security scans on your website or spam websites with comments and fake registrations.\u003C\u002Fp>\n\u003Cp>The purpose of this plugin is to give you the power to block certain Tor activity from your WordPress site.\u003C\u002Fp>\n\u003Cp>Features include:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Block Tor users from registering on your site\u003C\u002Fli>\n\u003Cli>Allow Tor registrations, but flag them for review\u003C\u002Fli>\n\u003Cli>Block logins from Tor (useful for preventing brute force attacks and securing your admin panel)\u003C\u002Fli>\n\u003Cli>Block Tor users from posting comments to your site\u003C\u002Fli>\n\u003Cli>Block spammy pingbacks & trackbacks from Tor IP addresses\u003C\u002Fli>\n\u003Cli>Block Tor users from your entire WordPress site\u003C\u002Fli>\n\u003Cli>Permit access after solving a CAPTCHA (requires hCaptcha for WordPress plugin)\u003C\u002Fli>\n\u003Cli>Real-time blocking using the Tor DNS exit list service\u003C\u002Fli>\n\u003Cli>Near real time blocking using a cached blocklist which can be updated every 10 minutes or more\u003C\u002Fli>\n\u003Cli>Custom blocklist support.  Block IP addresses or host networks.\u003C\u002Fli>\n\u003Cli>Statistics to show how many Tor actions have been blocked by this plugin\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>This plugin is compatible with BuddyPress, the popular Login With Ajax plugin, and hCaptcha.\u003C\u002Fp>\n\u003Cp>If there is a feature missing that you would like, request it!\u003C\u002Fp>\n\u003Cp>If you opt to use the real-time blocking, each IP address looked up is cached for 5 minutes for efficiency.\u003C\u002Fp>\n\u003Cp>The Tor IP lists that are downloaded only contain “exit node” IP addresses so it is relatively small and the list is searched using a binary search so the plugin is very fast!\u003C\u002Fp>\n\u003Cp>This plugin also adds two shortcodes which can be used to display specific content to Tor or non-Tor users. Shortcode usage:\u003C\u002Fp>\n\u003Cpre>\u003Ccode>[tor_users]Hi, I see you're using Tor.  I support privacy and free-speech too! Visitors not using Tor will not see this message.[\u002Ftor_users]\n[non_tor_users]Defend yourself against tracking and surveillance. Circumvent censorship. Visit torproject.org to learn more. Visitors already using Tor will not see this message.[\u002Fnon_tor_users]\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>\u003Cstrong>Support Tor\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Tor is a great thing.  If you agree, consider \u003Ca href=\"https:\u002F\u002Fwww.torproject.org\u002Fgetinvolved\u002Fvolunteer.html.en\" rel=\"nofollow ugc\">volunteering\u003C\u002Fa>, \u003Ca href=\"https:\u002F\u002Fwww.torproject.org\u002Fdonate\u002Fdonate.html.en\" rel=\"nofollow ugc\">donating\u003C\u002Fa> to the Tor project, or expand the Tor network by \u003Ca href=\"https:\u002F\u002Fdrew-phillips.com\u002Ftor-nodes\u002F\" rel=\"nofollow ugc\">sponsoring a Tor relay\u003C\u002Fa> which will be maintained by the plugin author.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Support this plugin\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>The author of this plugin values Tor as well as the security of your website.  Considerable effort went into the development of this plugin as well as the code and infrastructure that provides you with the up-to-date exit lists.\u003C\u002Fp>\n\u003Cp>You can support this plugin by installing it, rating it positively, \u003Ca href=\"https:\u002F\u002Fdrew-phillips.com\u002Fdonate\u002F\" title=\"Donating\" rel=\"nofollow ugc\">donating\u003C\u002Fa> to the author, or \u003Ca href=\"https:\u002F\u002Fdrew-phillips.com\u002Ftor-nodes\u002F\" rel=\"nofollow ugc\">sponsoring a Tor relay\u003C\u002Fa> which will be operated by the plugin developer in your honor.\u003C\u002Fp>\n","Add a layer of security to your WordPress site with the ability to block Tor users from commenting, registering, logging in and more.",400,12034,12,"2023-10-19T19:59:00.000Z","6.3.8","4.0","5.6",[103,23,104,105,57],"comments","spam","tor","https:\u002F\u002Fdrew-phillips.com\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fvigilantor.1.3.12.zip",85,"2023-03-21 00:00:00",{"slug":111,"name":112,"version":113,"author":114,"author_profile":115,"description":116,"short_description":117,"active_installs":118,"downloaded":119,"rating":120,"num_ratings":62,"last_updated":121,"tested_up_to":16,"requires_at_least":101,"requires_php":18,"tags":122,"homepage":126,"download_link":127,"security_score":13,"vuln_count":27,"unpatched_count":27,"last_vuln_date":28,"fetched_at":128},"block-website-access-by-region-lite","Country Blocker and Geoblocker FREE","1.1.0","Simple Tools","https:\u002F\u002Fprofiles.wordpress.org\u002Fjimmyredline80\u002F","\u003Cp>\u003Cstrong>Country Blocker\u003C\u002Fstrong> is the easiest way to block website visitors by country, region, or IP address. No API keys required, no complicated setup – just activate, select countries to block, and protect your site instantly.\u003C\u002Fp>\n\u003Cp>Perfect for compliance, security, and content licensing:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>GDPR compliance\u003C\u002Fstrong> – Block EU countries to avoid cookie consent requirements\u003C\u002Fli>\n\u003Cli>\u003Cstrong>CCPA compliance\u003C\u002Fstrong> – Block California traffic if you can’t meet data privacy requirements\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Gambling & gaming sites\u003C\u002Fstrong> – Restrict access from prohibited jurisdictions\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Streaming & licensed content\u003C\u002Fstrong> – Enforce geographic licensing restrictions\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Financial services\u003C\u002Fstrong> – Block countries you’re not licensed to operate in\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Reduce spam & attacks\u003C\u002Fstrong> – Block high-risk countries and VPN traffic\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Why Choose Country Blocker?\u003C\u002Fh3>\n\u003Cp>✅ \u003Cstrong>One-click setup\u003C\u002Fstrong> – No API keys or database downloads required\u003Cbr \u002F>\n✅ \u003Cstrong>Actually works\u003C\u002Fstrong> – Powered by our reliable geolocation server infrastructure\u003Cbr \u002F>\n✅ \u003Cstrong>VPN & proxy detection\u003C\u002Fstrong> – Optional blocking of VPNs, proxies, data centers, and hosting providers\u003Cbr \u002F>\n✅ \u003Cstrong>SEO friendly\u003C\u002Fstrong> – Automatically allows Google, Bing, and other search engine crawlers\u003Cbr \u002F>\n✅ \u003Cstrong>Won’t lock you out\u003C\u002Fstrong> – WordPress admin and login pages always remain accessible\u003Cbr \u002F>\n✅ \u003Cstrong>Privacy focused\u003C\u002Fstrong> – Minimal data storage with IP hashing for security\u003C\u002Fp>\n\u003Ch3>Key Features\u003C\u002Fh3>\n\u003Cp>\u003Cstrong>Blocking & Access Control:\u003C\u002Fstrong>\u003Cbr \u002F>\n* Block visitors from any country with a simple checkbox (250+ countries)\u003Cbr \u002F>\n* Optional VPN, proxy, and datacenter detection and blocking\u003Cbr \u002F>\n* Search engine crawler bypass (Google, Bing, DuckDuckGo, etc.)\u003Cbr \u002F>\n* Choose to allow or block visitors when country cannot be determined\u003Cbr \u002F>\n* Emergency bypass URL parameter for troubleshooting\u003Cbr \u002F>\n* WordPress admin and login pages are never blocked\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Geolocation:\u003C\u002Fstrong>\u003Cbr \u002F>\n* Works instantly without API keys or configuration\u003Cbr \u002F>\n* Powered by our managed geolocation server (no setup required)\u003Cbr \u002F>\n* Cloudflare IP detection support\u003Cbr \u002F>\n* Supports proxy headers (X-Forwarded-For, X-Real-IP, CF-Connecting-IP)\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Logging & Monitoring:\u003C\u002Fstrong>\u003Cbr \u002F>\n* Track all blocked and allowed access attempts\u003Cbr \u002F>\n* View visitor country codes and decision reasons\u003Cbr \u002F>\n* Automatic log cleanup (configurable retention period)\u003Cbr \u002F>\n* Rate limiting to prevent log spam\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Privacy & Security:\u003C\u002Fstrong>\u003Cbr \u002F>\n* IP addresses are hashed by default for privacy\u003Cbr \u002F>\n* GDPR and CCPA friendly minimal data storage\u003Cbr \u002F>\n* Configurable data retention policies\u003Cbr \u002F>\n* No tracking scripts or external cookies\u003C\u002Fp>\n\u003Ch3>Pro Version\u003C\u002Fh3>\n\u003Cp>Need more granular control? \u003Cstrong>Country Blocker Pro\u003C\u002Fstrong> includes:\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Region-Level Blocking:\u003C\u002Fstrong>\u003Cbr \u002F>\n* 🇺🇸 Block specific US states (all 50 states + DC, Puerto Rico, Guam, US Virgin Islands)\u003Cbr \u002F>\n* 🇨🇦 Block Canadian provinces and territories\u003Cbr \u002F>\n* 🇬🇧 Block UK regions (England, Scotland, Wales, Northern Ireland)\u003Cbr \u002F>\n* 🇦🇺 Block Australian states and territories\u003Cbr \u002F>\n* 🇩🇪 Block German states (Bundesländer)\u003Cbr \u002F>\n* 🇮🇳 Block Indian states and union territories\u003Cbr \u002F>\n* 🇨🇳 Block Chinese provinces and municipalities\u003Cbr \u002F>\n* 🌍 Block entire continents with one click\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Advanced Features:\u003C\u002Fstrong>\u003Cbr \u002F>\n* IP whitelist – Never block specific IPs (supports CIDR notation)\u003Cbr \u002F>\n* IP blacklist – Always block specific IPs regardless of location\u003Cbr \u002F>\n* Custom block page with full color customization\u003Cbr \u002F>\n* Custom CSS editor for complete design control\u003Cbr \u002F>\n* Redirect blocked visitors to any URL\u003Cbr \u002F>\n* Advanced logging with CSV export\u003Cbr \u002F>\n* Smart log retention and database optimization\u003Cbr \u002F>\n* Priority email support\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fwww.plugins-for-wp.com\u002Fproduct\u002Fcountry-blocker-and-geoblocker-pro\u002F\" rel=\"nofollow ugc\">Get Country Blocker Pro \u003Cspan aria-hidden=\"true\" class=\"wp-exclude-emoji\">→\u003C\u002Fspan>\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch3>External Services\u003C\u002Fh3>\n\u003Cp>This plugin connects to external services for geolocation functionality and anonymous usage reporting. By using this plugin, you acknowledge that data will be sent to these third-party services.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>1. Geolocation Service\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>To determine a visitor’s country, the plugin sends the visitor’s IP address to our geolocation server:\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Simple Tools for WP Geolocation API\u003C\u002Fstrong>\u003Cbr \u002F>\n* Service: IP geolocation lookup\u003Cbr \u002F>\n* Data sent: Visitor IP address, your site URL\u003Cbr \u002F>\n* When: On each unique visitor’s first page load (cached for 24 hours)\u003Cbr \u002F>\n* Endpoint: https:\u002F\u002Fplugins-for-wp.com\u002Fwp-json\u002Fssp-geo\u002Fv1\u002Flookup\u003Cbr \u002F>\n* Privacy: IP addresses are processed only for geolocation purposes and are not stored permanently on our servers\u003Cbr \u002F>\n* Terms: https:\u002F\u002Fplugins-for-wp.com\u002Fterms\u002F\u003Cbr \u002F>\n* Privacy Policy: https:\u002F\u002Fplugins-for-wp.com\u002Fprivacy\u002F\u003C\u002Fp>\n\u003Cp>\u003Cstrong>2. Anonymous Usage Statistics\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Twice daily the plugin sends aggregated blocking event statistics to our servers to help us monitor plugin health, improve geolocation accuracy, and understand how the plugin is being used:\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Simple Tools for WP Reporting API\u003C\u002Fstrong>\u003Cbr \u002F>\n* Service: Anonymous blocking event reporting\u003Cbr \u002F>\n* Data sent: Hashed visitor IP addresses (SHA-256, non-reversible), country codes, block\u002Fallow decisions, plugin version, WordPress version, PHP version, your site URL\u003Cbr \u002F>\n* When: Sent in batches twice daily (8 AM and 8 PM server time)\u003Cbr \u002F>\n* Endpoint: https:\u002F\u002Fplugins-for-wp.com\u002Fwp-json\u002Fssp-geo\u002Fv1\u002Freport-batch\u003Cbr \u002F>\n* Privacy: Hashed IPs cannot be reversed to identify individuals. No personally identifiable information is transmitted.\u003Cbr \u002F>\n* Terms: https:\u002F\u002Fplugins-for-wp.com\u002Fterms\u002F\u003Cbr \u002F>\n* Privacy Policy: https:\u002F\u002Fplugins-for-wp.com\u002Fprivacy\u002F\u003Cbr \u002F>\n* Opt-out: To disable usage reporting for your site, contact support@plugins-for-wp.com\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Data Retention:\u003C\u002Fstrong>\u003Cbr \u002F>\nThe plugin stores minimal data on your WordPress database: hashed IP addresses (for rate limiting), country codes, access decisions (blocked\u002Fallowed), and timestamps. You can configure automatic log cleanup in settings. The plugin does not track individual visitors or create profiles.\u003C\u002Fp>\n\u003Ch3>Service Terms & Future Pricing\u003C\u002Fh3>\n\u003Cp>The geolocation service is currently provided free of charge. We are covering the server and infrastructure costs during this introductory period.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Future pricing may apply:\u003C\u002Fstrong> We reserve the right to introduce usage-based pricing for the geolocation service in the future. If pricing is introduced, it would be based on the number of geolocation requests your site makes to our servers.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Why this is permitted:\u003C\u002Fstrong> This plugin operates under a Software-as-a-Service (SaaS) model where the core functionality depends on our external geolocation servers. Under standard software licensing practices and the GPL license, while the plugin code itself is free and open source, external services that the plugin connects to may have their own terms, conditions, and pricing structures. This is similar to how many WordPress plugins offer free plugins that connect to paid external services (email marketing, backup storage, CDN services, etc.).\u003C\u002Fp>\n\u003Cp>\u003Cstrong>What this means for you:\u003C\u002Fstrong>\u003Cbr \u002F>\n* The plugin will continue to function as described\u003Cbr \u002F>\n* You will be notified in advance of any pricing changes\u003Cbr \u002F>\n* You are not obligated to continue using the service if pricing is introduced\u003Cbr \u002F>\n* Alternative geolocation solutions can be implemented if you choose not to use our service\u003C\u002Fp>\n\u003Cp>By installing and using this plugin, you acknowledge and accept these terms.\u003C\u002Fp>\n\u003Ch3>Privacy & Data Usage\u003C\u002Fh3>\n\u003Cp>This plugin is designed with privacy in mind:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>IP addresses are hashed by default before storage\u003C\u002Fli>\n\u003Cli>Only country codes and access decisions are logged, not full visitor profiles\u003C\u002Fli>\n\u003Cli>Logs can be automatically cleaned up after a configurable retention period\u003C\u002Fli>\n\u003Cli>No cookies are set on the visitor’s browser\u003C\u002Fli>\n\u003Cli>No tracking scripts are loaded\u003C\u002Fli>\n\u003Cli>Geolocation lookups are cached for 24 hours to minimize server requests\u003C\u002Fli>\n\u003Cli>Anonymous blocking statistics are sent twice daily using non-reversible hashed IPs\u003C\u002Fli>\n\u003Cli>To opt out of anonymous reporting, contact support@plugins-for-wp.com\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>For GDPR compliance, the plugin blocks visitors from specified countries, which may reduce your data collection obligations. However, you should still review your complete privacy obligations with a legal professional.\u003C\u002Fp>\n","Block visitors by country in one click. Geo blocker with VPN detection, IP blocking & country restrictions. GDPR & CCPA compliance made easy.",80,1786,20,"2026-04-05T22:42:00.000Z",[123,124,125,55,58],"country-blocker","gdpr","geo-blocking","https:\u002F\u002Fplugins-for-wp.com\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fblock-website-access-by-region-lite.zip","2026-04-06T09:54:40.288Z",{"slug":130,"name":131,"version":132,"author":133,"author_profile":134,"description":135,"short_description":136,"active_installs":118,"downloaded":137,"rating":13,"num_ratings":62,"last_updated":138,"tested_up_to":139,"requires_at_least":51,"requires_php":18,"tags":140,"homepage":144,"download_link":145,"security_score":13,"vuln_count":27,"unpatched_count":27,"last_vuln_date":28,"fetched_at":29},"fense-block-vpn-proxy","Fense Proxy & VPN Blocker","2.9.0","Devozon","https:\u002F\u002Fprofiles.wordpress.org\u002Fdevozon\u002F","\u003Ch4>Fense Proxy & VPN Blocker In Brief\u003C\u002Fh4>\n\u003Cp>Using the \u003Ca href=\"https:\u002F\u002FFense.in\u002F\" rel=\"nofollow ugc\">Fense\u003C\u002Fa> API this plugin will prevent Proxies, Tor, VPN’s select Countries from accessing your WordPress Website (or the whole site!), and also prevent them from making comments on your pages and posts. This will also help to prevent spammers as many of them use Proxies to hide their true location.\u003C\u002Fp>\n\u003Ch4>Main Blocking Features\u003C\u002Fh4>\n\u003Cp>Below is a list of the main blocking features supported by this plugin.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Block Proxies, SOCKS4\u002F4a & SOCKS5\u002F5h, The Onion Router (TOR), Web Proxies and Compromised Servers.\u003C\u002Fli>\n\u003Cli>Support for Cloudflare.\u003C\u002Fli>\n\u003Cli>Optionally block VPN’s.\u003C\u002Fli>\n\u003Cli>TLS Support for secure communication with the Fense.in API.\u003C\u002Fli>\n\u003Cli>Block select Countries and\u002For Continents by selecting them in a list.\u003C\u002Fli>\n\u003Cli>Both IPv4 and IPv6 supported.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Added Extras\u003C\u002Fh4>\n\u003Cp>Fense Proxy & VPN Blocker has gone much further than just providing the basic API features of Fense.in. It has country blocking baked right in, an API Key statistics page for ease of use, providing the Dashboard API is enabled on your Fense.in account. This is so you can manage most things from within WordPress and don’t have to log in to Fense.in.\u003C\u002Fp>\n\u003Ch4>Customisation\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>You can specify the blocked message shown if a custom Block page isn’t specified.\u003C\u002Fli>\n\u003Cli>You can specify a custom tag text that will be shown instead of the url the query was made from, in your positive detection log.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>The Fense.in API\u003C\u002Fh4>\n\u003Cp>This plugin can be used with a \u003Ca href=\"https:\u002F\u002FFense.in\" rel=\"nofollow ugc\">Fense.in\u003C\u002Fa> API key, however it would be limited to 1000 daily queries. You can get a free API key from Fense.in that allows for 1000 free daily queries, ideal for small WordPress sites!\u003C\u002Fp>\n\u003Cp>There are paid higher query options available, Please see below how the free and paid API options work.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Free Users with an API Key = 1,000 Daily Queries.\u003C\u002Fli>\n\u003Cli>Paid Users with an API Key = 10,000 to 10.24 Million+ Daily Queries.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Privacy Notice\u003C\u002Fh4>\n\u003Cp>This plugin is designed to work with the Fense.in API and by extension of this, the IP addresses of your site visitors are sent to the API to be checked. No other user identifiable information is transmitted. Please refer to the Fense.in \u003Ca href=\"https:\u002F\u002FFense.in\u002Fprivacy-policy\" rel=\"nofollow ugc\">privacy notice\u003C\u002Fa> and \u003Ca href=\"https:\u002F\u002FFense.in\u002Fgdpr\" rel=\"nofollow ugc\">GDPR Compliance\u003C\u002Fa> for further information. The plugin developer does not have access to information that identifies your website users.\u003C\u002Fp>\n\u003Cp>This plugin Also can serve flag svg Images for example https:\u002F\u002Ffense.in\u002Fflags\u002F4×3\u002Fus.svg from domain fense.in and also inorder for our service plugin to work you need a free account from fense.in website to get an api key .Fense designed to block proxy, VPN, and secure websites. Users should be aware of the following information regarding the use of this service:\u003C\u002Fp>\n\u003Ch3>External Service Details\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Cstrong>Service Name:\u003C\u002Fstrong> fense\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Service URL:\u003C\u002Fstrong> \u003Ca href=\"https:\u002F\u002Ffense.in\u002F\" rel=\"nofollow ugc\">https:\u002F\u002Ffense.in\u002F\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Service Terms of Use:\u003C\u002Fstrong> \u003Ca href=\"https:\u002F\u002Ffense.in\u002Fterms-of-service\" rel=\"nofollow ugc\">Terms of Use\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Service Privacy Policy:\u003C\u002Fstrong> \u003Ca href=\"https:\u002F\u002Ffense.in\u002Fprivacy-policy\" rel=\"nofollow ugc\">Privacy Policy\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>our Api Will look like\u003Cbr \u002F>\nhttps:\u002F\u002Fapi.fense.in\u002F[API KEY]\u002F[IP address]\u003Cbr \u002F>\nhttps:\u002F\u002Ffense.in\u002Fwp\u002F[API KEY]\u003C\u002Fp>\n\u003Cp>our Images look like\u003Cbr \u002F>\nhttps:\u002F\u002Ffense.in\u002Fflags\u002F4×3\u002Fus.svg\u003C\u002Fp>\n\u003Ch3>Usage Conditions\u003C\u002Fh3>\n\u003Cp>This Plugin utilizes the “fense” service in the following conditions:\u003C\u002Fp>\n\u003Col>\n\u003Cli>\n\u003Cp>\u003Cstrong>Proactive Proxies, VPNs, … :\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Fense employs advanced algorithms to detect and block access attempts from proxies, VPNs, and Tor networks. By doing so, it stops malicious actors in their tracks, making your website a less appealing target for nefarious activities.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Geolocation Blocking:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Ability to block entire countries from accessing your website. This can be a game-changer for businesses that want to limit their online presence to specific geographic regions while safeguarding their data from potential threats in other areas.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Referrer-Based Blocking:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Fense allows you to filter visitors based on the websites they’re coming from. If your analytics show that your website is receiving visits from harmful sources, you can quickly block traffic originating from those domains, reducing the risk of malicious activities.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Real-Time Threat Analysis:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Fense is constantly updated to keep up with the ever-evolving landscape of online threats. This means you’re always protected against the latest proxy, VPN, Tor, and other harmful traffic sources.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>User-Friendly WordPress Integration:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>For many website owners, the heart of their online presence lies within WordPress. Fense recognizes this and offers a seamless integration through a dedicated plugin, ensuring that users can set up and manage their website’s security effortlessly.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch4>Disclaimer\u003C\u002Fh4>\n\u003Cp>This plugin is made by Fense.in d, if you need support with the Fense Proxy & VPN Blocker plugin please use the WordPress Support page\u003C\u002Fp>\n\u003Ch4>Supporting The Plugin\u003C\u002Fh4>\n\u003Cp>Coding a plugin is a lot of hard work and any support from plugin users like you is very much welcomed. Contributions will help with encouragement to continually improve the plugin. Feedback and feature ideas are welcomed too!\u003C\u002Fp>\n","Blocks Proxies, VPN's, IP's, Ranges & ASN's accessing your site login or commenting on pages & posts using the Fense.in API.",3060,"2025-08-15T14:47:00.000Z","6.8.5",[141,142,143,23,54],"adsense","devozon","fense","https:\u002F\u002Ffense.in\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Ffense-block-vpn-proxy.2.9.0.zip",{"attackSurface":147,"codeSignals":188,"taintFlows":407,"riskAssessment":434,"analyzedAt":441},{"hooks":148,"ajaxHandlers":184,"restRoutes":185,"shortcodes":186,"cronEvents":187,"entryPointCount":27,"unprotectedCount":27},[149,155,159,164,167,170,173,177,181],{"type":150,"name":151,"callback":152,"file":153,"line":154},"action","admin_notices","show_badge_or_status_notice","includes\\class-vpn-admin-badge.php",28,{"type":150,"name":156,"callback":157,"file":153,"line":158},"admin_enqueue_scripts","enqueue_admin_assets",31,{"type":150,"name":160,"callback":161,"file":162,"line":163},"admin_menu","register_menu","includes\\class-vpn-admin.php",11,{"type":150,"name":165,"callback":166,"file":162,"line":97},"admin_init","register_settings",{"type":150,"name":156,"callback":168,"file":162,"line":169},"enqueue_assets",13,{"type":150,"name":165,"callback":171,"file":162,"line":172},"redirect_to_settings",18,{"type":150,"name":174,"callback":175,"file":162,"line":176},"wp_footer","maybe_render_footer_badge",19,{"type":150,"name":151,"callback":178,"file":179,"line":180},"maybe_show_badge_prompt","includes\\class-vpn-footer-badge-nudge.php",68,{"type":150,"name":151,"callback":182,"file":183,"line":169},"maybe_show_review_prompt","includes\\class-vpn-review-nudge.php",[],[],[],[],{"dangerousFunctions":189,"sqlUsage":190,"outputEscaping":200,"fileOperations":62,"externalRequests":27,"nonceChecks":405,"capabilityChecks":405,"bundledLibraries":406},[],{"prepared":191,"raw":33,"locations":192},23,[193,197],{"file":194,"line":195,"context":196},"includes\\class-vpn-activator.php",196,"$wpdb->query() with variable interpolation",{"file":198,"line":199,"context":196},"includes\\class-vpn-logger.php",220,{"escaped":201,"rawEcho":202,"locations":203},36,105,[204,207,209,211,213,215,216,217,219,221,223,225,227,229,231,233,234,236,238,240,242,244,246,248,250,252,254,256,258,260,262,264,266,268,270,272,274,276,278,280,282,284,286,288,290,292,294,296,298,300,302,304,306,308,310,312,314,316,318,320,322,324,326,328,329,330,332,334,336,338,339,341,343,345,347,349,351,352,354,356,358,360,362,364,366,367,369,371,372,374,376,377,378,380,383,385,387,389,391,393,395,397,399,401,403],{"file":162,"line":205,"context":206},258,"raw output",{"file":162,"line":208,"context":206},262,{"file":162,"line":210,"context":206},293,{"file":162,"line":212,"context":206},324,{"file":162,"line":214,"context":206},325,{"file":162,"line":214,"context":206},{"file":162,"line":214,"context":206},{"file":162,"line":218,"context":206},326,{"file":162,"line":220,"context":206},327,{"file":162,"line":222,"context":206},330,{"file":162,"line":224,"context":206},334,{"file":162,"line":226,"context":206},335,{"file":162,"line":228,"context":206},336,{"file":162,"line":230,"context":206},339,{"file":162,"line":232,"context":206},341,{"file":162,"line":232,"context":206},{"file":162,"line":235,"context":206},352,{"file":162,"line":237,"context":206},354,{"file":162,"line":239,"context":206},359,{"file":162,"line":241,"context":206},561,{"file":162,"line":243,"context":206},565,{"file":162,"line":245,"context":206},566,{"file":162,"line":247,"context":206},570,{"file":162,"line":249,"context":206},609,{"file":162,"line":251,"context":206},616,{"file":162,"line":253,"context":206},618,{"file":162,"line":255,"context":206},669,{"file":162,"line":257,"context":206},670,{"file":162,"line":259,"context":206},677,{"file":162,"line":261,"context":206},735,{"file":162,"line":263,"context":206},743,{"file":162,"line":265,"context":206},751,{"file":162,"line":267,"context":206},756,{"file":162,"line":269,"context":206},764,{"file":162,"line":271,"context":206},772,{"file":162,"line":273,"context":206},777,{"file":162,"line":275,"context":206},801,{"file":162,"line":277,"context":206},813,{"file":162,"line":279,"context":206},834,{"file":162,"line":281,"context":206},850,{"file":162,"line":283,"context":206},865,{"file":162,"line":285,"context":206},881,{"file":162,"line":287,"context":206},888,{"file":162,"line":289,"context":206},895,{"file":162,"line":291,"context":206},898,{"file":162,"line":293,"context":206},901,{"file":162,"line":295,"context":206},902,{"file":162,"line":297,"context":206},906,{"file":162,"line":299,"context":206},916,{"file":162,"line":301,"context":206},918,{"file":162,"line":303,"context":206},920,{"file":162,"line":305,"context":206},921,{"file":162,"line":307,"context":206},924,{"file":162,"line":309,"context":206},927,{"file":162,"line":311,"context":206},928,{"file":162,"line":313,"context":206},929,{"file":162,"line":315,"context":206},930,{"file":162,"line":317,"context":206},949,{"file":162,"line":319,"context":206},955,{"file":162,"line":321,"context":206},972,{"file":162,"line":323,"context":206},973,{"file":162,"line":325,"context":206},974,{"file":162,"line":327,"context":206},975,{"file":162,"line":327,"context":206},{"file":162,"line":327,"context":206},{"file":162,"line":331,"context":206},976,{"file":162,"line":333,"context":206},977,{"file":162,"line":335,"context":206},978,{"file":162,"line":337,"context":206},980,{"file":162,"line":337,"context":206},{"file":162,"line":340,"context":206},982,{"file":162,"line":342,"context":206},983,{"file":162,"line":344,"context":206},1001,{"file":162,"line":346,"context":206},1011,{"file":162,"line":348,"context":206},1013,{"file":162,"line":350,"context":206},1026,{"file":162,"line":350,"context":206},{"file":162,"line":353,"context":206},1093,{"file":162,"line":355,"context":206},1131,{"file":179,"line":357,"context":206},197,{"file":179,"line":359,"context":206},198,{"file":179,"line":361,"context":206},205,{"file":179,"line":363,"context":206},210,{"file":179,"line":365,"context":206},211,{"file":179,"line":365,"context":206},{"file":179,"line":368,"context":206},212,{"file":179,"line":370,"context":206},215,{"file":179,"line":370,"context":206},{"file":179,"line":373,"context":206},216,{"file":179,"line":375,"context":206},219,{"file":179,"line":199,"context":206},{"file":179,"line":199,"context":206},{"file":179,"line":379,"context":206},221,{"file":381,"line":382,"context":206},"templates\\vpn-block-page.php",62,{"file":381,"line":384,"context":206},67,{"file":381,"line":386,"context":206},76,{"file":381,"line":388,"context":206},77,{"file":381,"line":390,"context":206},81,{"file":381,"line":392,"context":206},86,{"file":381,"line":394,"context":206},122,{"file":381,"line":396,"context":206},135,{"file":381,"line":398,"context":206},139,{"file":381,"line":400,"context":206},155,{"file":381,"line":402,"context":206},156,{"file":381,"line":404,"context":206},160,3,[],[408,426],{"entryPoint":409,"graph":410,"unsanitizedCount":27,"severity":425},"render_settings_page (includes\\class-vpn-admin.php:673)",{"nodes":411,"edges":422},[412,417],{"id":413,"type":414,"label":415,"file":162,"line":416},"n0","source","$_GET (x4)",728,{"id":418,"type":419,"label":420,"file":162,"line":261,"wp_function":421},"n1","sink","echo() [XSS]","echo",[423],{"from":413,"to":418,"sanitized":424},true,"low",{"entryPoint":427,"graph":428,"unsanitizedCount":27,"severity":425},"\u003Cclass-vpn-admin> (includes\\class-vpn-admin.php:0)",{"nodes":429,"edges":432},[430,431],{"id":413,"type":414,"label":415,"file":162,"line":416},{"id":418,"type":419,"label":420,"file":162,"line":261,"wp_function":421},[433],{"from":413,"to":418,"sanitized":424},{"summary":435,"deductions":436},"The \"vpn-guard\" v1.0.5 plugin demonstrates a generally good security posture, with no known vulnerabilities or critical issues identified in the static analysis. The absence of CVEs in its history and the low severity of taint flows are positive indicators. The plugin also shows good practice in using prepared statements for most SQL queries and includes nonce and capability checks on its limited entry points. However, a significant concern lies in the low percentage of properly escaped output (26%). This suggests a high risk of Cross-Site Scripting (XSS) vulnerabilities, where user-supplied data could be injected into the output without proper sanitization, potentially leading to malicious code execution in the user's browser. The presence of file operations, while only one instance, warrants scrutiny to ensure it's not susceptible to arbitrary file read or write vulnerabilities. The small attack surface and limited entry points are strengths, but the output escaping issue overshadows these.",[437,439],{"reason":438,"points":14},"Low percentage of properly escaped output",{"reason":440,"points":405},"Presence of file operations","2026-03-16T20:06:22.896Z",{"wat":443,"direct":467},{"assetPaths":444,"generatorPatterns":459,"scriptPaths":460,"versionParams":461},[445,446,447,448,449,450,451,452,453,454,455,456,457,458],"\u002Fwp-content\u002Fplugins\u002Fvpn-guard\u002Fcache\u002Fclass-vpn-cache-handler.php","\u002Fwp-content\u002Fplugins\u002Fvpn-guard\u002Fapi\u002Fproviders\u002Fip-detection-api.php","\u002Fwp-content\u002Fplugins\u002Fvpn-guard\u002Fapi\u002Fproviders\u002Fvpnapiio-api.php","\u002Fwp-content\u002Fplugins\u002Fvpn-guard\u002Fincludes\u002Fclass-vpn-activator.php","\u002Fwp-content\u002Fplugins\u002Fvpn-guard\u002Fincludes\u002Fclass-vpn-admin-badge.php","\u002Fwp-content\u002Fplugins\u002Fvpn-guard\u002Fincludes\u002Fclass-vpn-admin.php","\u002Fwp-content\u002Fplugins\u002Fvpn-guard\u002Fincludes\u002Fclass-vpn-detector.php","\u002Fwp-content\u002Fplugins\u002Fvpn-guard\u002Fincludes\u002Fclass-vpn-footer-badge-nudge.php","\u002Fwp-content\u002Fplugins\u002Fvpn-guard\u002Fincludes\u002Fclass-vpn-logger.php","\u002Fwp-content\u002Fplugins\u002Fvpn-guard\u002Fincludes\u002Fclass-vpn-review-nudge.php","\u002Fwp-content\u002Fplugins\u002Fvpn-guard\u002Fincludes\u002Fclass-vpn-security.php","\u002Fwp-content\u002Fplugins\u002Fvpn-guard\u002Fincludes\u002Fclass-vpn-scheduler.php","\u002Fwp-content\u002Fplugins\u002Fvpn-guard\u002Fincludes\u002Fvpn-functions.php","\u002Fwp-content\u002Fplugins\u002Fvpn-guard\u002Fincludes\u002Fvpn-targeting-functions.php",[],[],[462,463,464,465,466],"vpn-guard\u002Fstyle.css?ver=","vpn-guard\u002Fassets\u002Fcss\u002Fadmin-style.css?ver=","vpn-guard\u002Fassets\u002Fcss\u002Ffrontend.css?ver=","vpn-guard\u002Fassets\u002Fjs\u002Fadmin-script.js?ver=","vpn-guard\u002Fassets\u002Fjs\u002Ffrontend.js?ver=",{"cssClasses":468,"htmlComments":470,"htmlAttributes":471,"restEndpoints":473,"jsGlobals":477,"shortcodeOutput":480},[469],"vpngd-admin-menu-icon",[],[472],"data-vpngd-action",[474,475,476],"\u002Fwp-json\u002Fvpngd\u002Fv1\u002Fupdate-settings","\u002Fwp-json\u002Fvpngd\u002Fv1\u002Fget-settings","\u002Fwp-json\u002Fvpngd\u002Fv1\u002Fcheck-ip",[478,479],"vpngd_settings","vpngd_ajax_object",[],{"error":424,"url":482,"statusCode":483,"statusMessage":484,"message":484},"http:\u002F\u002Flocalhost\u002Fapi\u002Fplugins\u002Fvpn-guard\u002Fbundle",404,"no bundle for this plugin yet",{"slug":4,"current_version":6,"total_versions":27,"versions":486},[]]