It blocks any spams, login attempts and malicious access to the admin area posted from outside your nation, and also prevents zero-day exploit.
rewrite.phpfor the advanced use case.
This is a maintenance release.
block by country (register, lost password). In this release, the login-fail-counter works correctly.
Admin ajax/postwere influential with each other. Now each of those works individually.
IP_GEO_BLOCK_DEBUGto reduce 1 query on admin screen.
PHP Fatal error: Call to undefined functionin
IP2Location.phpwhen IPv6 is specified.
Block by country (register, lost password)at
Settingstab in order to accept the registered users as membership from anywhere but block the request of new user ragistration and lost password by the country code. Is't suitable for BuddyPress and bbPress.
403.phpin the theme template directory or in the child theme directory is used if it exists. And new filter hooks
ip-geo-block-(comment|xmlrpc|login|admin)-(status|reason)are available to customize the response code and reason for human.
ip-geo-block-(admin-actions|admin-pages|wp-content). Alternatively new filter hooks
ip-geo-block-bypass-(admins|plugins|themes)are added to bypass WP-ZEP.
ip-geo-block-backup-dirdid not work correctly because the order of argument was mismatched.
init) than this plugin (previously
get_geolocation()method at a time of when the cache of IP address is cleared.
ip-geo-block-admin-actionsfor safe actions on back-end.
wp-admin/admin-post.phpas a validation target in the
Admin area. This feature is to protect against a vulnerability such as Analysis of the Fancybox-For-WordPress Vulnerability on Sucuri Blog.
*(masked password) which is logged into the database.
xmlrpc.phpand admin area. This is an experimental function and can be enabled on
Settingstab. Malicious access can try to login only 5 times per IP address. This retry counter can be reset to zero by
$_SERVER keys for extra IPsinto options to validate additional IP addresses.
xmlrpc.phpand new option to validate all the IP addresses in HTTP_X_FORWARDED_FOR.
login.phpand admin area will be also validated for security purpose.
Save statisticsis enabled.
ip-geo-block-validatewas discontinued. Instead of it, the new filter hook
WordPress/3.9.2; http://example.com/) becomes to its own (
WordPress/3.9.2; ip-geo-block 1.1.0).
apply_filters()to be able to change headers.
Requires: 3.7 or higher
Compatible up to: 4.3.1
Last Updated: 2015-10-7
Active Installs: 3,000+
5 of 6 support threads in the last two months have been resolved.
Got something to say? Need help?