WordPress.org

Plugin Directory

IP Geo Block

It blocks any spams, login attempts and malicious access to the admin area posted from outside your nation, and also prevents zero-day exploit.

Using The WordPress Dashboard

  1. Navigate to the 'Add New' in the plugins dashboard
  2. Search for 'IP Geo Block'
  3. Click 'Install Now'
  4. Activate the plugin on the Plugin dashboard

Geolocation API settings

  • API selection and key settings
    If you wish to use IPInfoDB, you should register at their site to get a free API key and set it into the textfield. And ip-api.com and Smart-IP.net require non-commercial use.

Validation settings

  • Comment post
    Validate post to wp-comment-post.php. Comment post and trackback will be validated.

  • XML-RPC
    Validate access to xmlrpc.php. Pingback and other remote command with username and password will be validated.

  • Login form
    Validate access to wp-login.php.

  • Admin area
    Validate access to wp-admin/*.php.

  • Admin ajax/post
    Validate access to wp-admin/admin-(ajax|post)*.php.

  • Plugins area
    Validate direct access to plugins. Typically wp-content/plugins/…/*.php.

  • Themes area
    Validate direct access to themes. Typically wp-content/themes/…/*.php.

  • $_SERVER keys for extra IPs
    Additional IP addresses will be validated if some of keys in $_SERVER variable are specified in this textfield. Typically HTTP_X_FORWARDED_FOR.

  • Matching rule
    Choose White list (recommended) or Black list to specify the countries from which you want to pass or block.

  • White list, Black list
    Specify the country code with two letters (see ISO 3166-1 alpha-2 ). Each of them should be separated by comma.

  • Response code
    Choose one of the response code to be sent when it blocks a comment. The 2xx code will lead to your top page, the 3xx code will redirect to Black Hole Server, the 4xx code will lead to WordPress error page, and the 5xx will pretend an server error.

Record settings

  • Record validation statistics
    If Enable, you can see Statistics of validation on Statistics tab.

  • Record validation logs
    If you choose anything but Disable, you can see Validation logs on Logs tab.

  • $_POST keys in logs
    Normally, you can see just keys at $_POST data: on Logs tab. If you put some of interested keys into this textfield, you can see the value of key like key=value.

Maxmind GeoLite settings

  • Auto updating (once a month) If Enable, Maxmind GeoLite database will be downloaded automatically by WordPress cron job.

Submission settings

  • Text position on comment form
    If you want to put some text message on your comment form, please choose Top or Bottom and put text into the Text message on comment form textfield.

Cache settings

  • Number of entries
    Maximum number of IPs to be cached.

  • Expiration time [sec]
    Maximum time in sec to keep cache.

Plugin settings

  • Remove settings at uninstallation
    If you checked this option, all settings will be removed when this plugin is uninstalled for clean uninstalling.

Requires: 3.7 or higher
Compatible up to: 4.3
Last Updated: 2015-8-20
Active Installs: 2,000+

Ratings

4.5 out of 5 stars

Support

6 of 7 support threads in the last two months have been resolved.

Got something to say? Need help?

Compatibility

+
=
Not enough data

1 person says it works.
0 people say it's broken.

100,1,1
100,1,1