A WordPress plugin that blocks spam, login attempts and malicious access to the admin area coming from outside your country.
There are several ways a site can become infected. The first is that contaminated files are uploaded via FTP or some kind of uploader. In this case, scanning and verifying the integrity of the files on your site is useful for detecting the infection.
The second is cracking of the login username and password. In this case, the right approach is to strengthen the password.
The third is malicious access to the core files. The major issue
in this case is that a plugin or theme on your site can potentially have a
vulnerability such as XSS, CSRF, SQLi, LFI and so on. For example, if a plugin
has a Local File Inclusion (LFI) vulnerability, the attackers can easily
wp-config.php without knowing the username and password by
on their browser.
For these cases, protection based on the IP address is not a perfect solution for everyone. But for some site owners, or in certain cases such as a 'zero-day attack', it can still reduce the risk of infection from specific attacks.
That's why this plugin is here.
This plugin will examine a country code based on the IP address. If a comment, pingback or trackback comes from a specified country, it will be blocked before Akismet validates it.
With the same mechanism, it will fight against burst access of brute-force and reverse-brute-force attacks to the login form, XML-RPC and admin area.
Access to the basic and important entrances into the back-end such as
wp-admin/admin-post.php will be validated by
means of a country code based on IP address.
To prevent intrusion through the login form and XML-RPC by brute-force and reverse-brute-force attacks, the number of login attempts is limited per IP address. This feature is independent of the country code.
Besides the country code, the original new feature 'Zero-day
Exploit Prevention for wp-admin' (WP-ZEP) is now available to block
malicious access to
wp-admin/admin-post.php. It will protect against certain types of attack
such as CSRF, SQLi and so on even if you have some
in your site. Because this is an experimental feature, please open an issue at
if you have any trouble. I'll be profoundly grateful for your contribution to
improving this feature.
HTTP Response code can be selected as
403 Forbidden to deny access to pages,
404 Not Found to hide pages or even
200 OK to redirect to the top page.
Referer silencer for external links. When you click an external hyperlink on an admin screen, the HTTP referer will be suppressed to hide a footprint of your site.
Validation logs will be recorded in a MySQL data table so that posting patterns can be analyzed under the specified conditions.
Free IP Geolocation database and REST APIs are installed into this plugin to get a country code from an IP address. There are two types of API which support only IPv4 or both IPv4 and IPv6. This plugin will automatically select an appropriate API.
A cache mechanism using the Transients API for fetched IP addresses reduces the load on the server during bursts of access within a short period of time.
MaxMind GeoLite free database for IPv4 and IPv6 will be downloaded and updated (once a month) automatically. And if you have correctly installed one of the IP2Location plugins ( IP2Location Tags, IP2Location Variables, IP2Location Country Blocker ), this plugin uses its local database prior to the REST APIs.
This plugin is simple and light enough to work alongside other full-featured security plugins such as Wordfence Security (because the function of country blocking is available only for premium users).
You can customize the basic behavior of this plugin via
pre-defined filter hooks. See various use cases in
bundled within this package.
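The validation flow described in the feature list above (a cached country code lookup, a per-IP login attempt limit that is independent of the country code, and a selectable response code), as an added example that is not the plugin's own code. The class, its method names, the lookup callback and the `ZZ` code for an unknown country are assumptions made for illustration.

```php
<?php
// Added illustration (PHP 8+), not the plugin's code; all names are hypothetical.
final class AccessValidator
{
    private array $cache = [];    // ip => [country code, expiry timestamp]
    private array $failures = []; // ip => failed login count
    public function __construct(
        private array $allowedCountries,
        private \Closure $lookup,          // fn(string $ip): ?string
        private int $maxLoginFailures = 5,
        private int $cacheTtl = 3600,
        private int $denyStatus = 403      // or 404 to hide the page
    ) {}

    // Country code for an IP, cached so a burst from one address costs one lookup.
    public function country(string $ip, int $now): string
    {
        if (isset($this->cache[$ip]) && $this->cache[$ip][1] > $now) {
            return $this->cache[$ip][0];
        }
        $code = strtoupper(($this->lookup)($ip) ?? 'ZZ'); // 'ZZ' = unknown
        $this->cache[$ip] = [$code, $now + $this->cacheTtl];
        return $code;
    }
    public function recordLoginFailure(string $ip): void
    {
        $this->failures[$ip] = ($this->failures[$ip] ?? 0) + 1;
    }

    // HTTP status to answer with; 0 means the request passes validation.
    public function validate(string $ip, int $now): int
    {
        // The attempt limit applies regardless of the country code.
        if (($this->failures[$ip] ?? 0) >= $this->maxLoginFailures) {
            return $this->denyStatus;
        }
        // Unknown countries are denied here: a fail-closed choice of this example.
        return in_array($this->country($ip, $now), $this->allowedCountries, true)
            ? 0 : $this->denyStatus;
    }
}
// Constructed sample data: documentation-range IPs mapped to made-up countries.
$geo = ['192.0.2.10' => 'jp', '198.51.100.7' => 'xx'];
$v = new AccessValidator(['JP'], fn(string $ip): ?string => $geo[$ip] ?? null, 3);
var_dump($v->validate('192.0.2.10', time()));   // address in an allowed country
var_dump($v->validate('198.51.100.7', time())); // address in another country
for ($i = 0; $i < 3; $i++) { $v->recordLoginFailure('192.0.2.10'); }
var_dump($v->validate('192.0.2.10', time()));   // allowed country, over the limit
```

Checking the attempt counter before the country code is what makes the limit apply to addresses inside the allowed country as well.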
Also thanks for providing the following great services and REST APIs for free.
Development of this plugin is promoted on GitHub. All contributions will always be welcome.
Requires: 3.7 or higher
Compatible up to: 4.1.1
Last Updated: 2015-3-23
Active Installs: 800+
6 of 6 support threads in the last two months have been resolved.