Proxy & VPN Blocker

Description

Proxy & VPN Blocker In Brief

Using the proxycheck.io API this plugin will prevent Proxies, Tor, VPN’s, IP Addresses, Ranges or ASN’s & select Countries from accessing your WordPress Login, Registration pages, Select Pages and Posts (or the whole site!), and also prevent them from making comments on your pages and posts. This will also help to prevent spammers as many of them use Proxies to hide their true location.

Main Blocking Features

Below is a list of the main blocking features supported by this plugin.

  • Block Proxies, SOCKS4/5, The Onion Router (TOR), Web Proxies and Compromised Servers.
  • Optionally block VPN’s.
  • Support for Cloudflare.
  • TLS Support for communication with the API.
  • Block select Countries by selecting them in a list.
  • Caching of known good IP addresses for half an hour after the first check to save on repeat queries (and slowing down good visitors).

Note: By default blocking happens on Login, Registration, WP-Admin area, posting comments and pingbacks but you can extend this to blocking on any specified page or even on a specific Div class.

Added Extras

Proxy & VPN Blocker has gone much further than just providing the basic API features of proxycheck.io. It has country blocking baked right in, an API Key statistics page and proxycheck.io Whitelist and Blacklist manipulation right from your WordPress Dashboard for ease of use, providing the Dashboard API is enabled on your proxycheck.io account. This is so you can manage most things from within WordPress and don’t have to log in to proxycheck.io.

Customisation

  • You can specify a list of pages and postd to protect in addition to what is protected by default.
  • You can select a specific page on your site as the Blocked page rather than the default message page.
  • You can specify the blocked message shown if a custom Block page isn’t specified.
  • You can specify a custom tag text that will be shown instead of the url the query was made from, in your positive detection log.

The proxycheck.io API

This plugin can be used without a proxycheck.io API key, however it would be limited to 100 daily queries. You can get a free API key from proxycheck.io that allows for 1000 free daily queries, ideal for small WordPress sites!

There are paid higher query options available, Please see below how the free and paid API options work.

  • Free Users without an API Key = 100 Daily Queries.
  • Free Users with an API Key = 1,000 Daily Queries.
  • Paid Users with an API Key = 10,000 to 10.24 Million+ Daily Queries.

You are not limited to using your API key on one site or application.

Caching Plugin Notice

If your WordPress site is using a caching plugin (WP Rocket, WP Super Cache etc) Blocking on All Pages and Hiding Specific Div’s (Anti Click-bombing) will not function due to how caching plugins work.

Privacy Notice

This plugin is designed to work with the proxycheck.io API and by extension of this, the IP addresses of your site visitors are sent to the API to be checked. No other user identifiable information is transmitted. Please refer to the proxycheck.io privacy notice and GDPR Compliance for further information. The plugin developer does not have access to information that identifies your website users.

Disclaimer

This plugin is not made by proxycheck.io despite being recommended by the company, if you need support with the Proxy & VPN Blocker plugin please use the WordPress Support page for this plugin and not proxycheck.io support on their website, unless you have a query relating to the proxycheck.io API, service or your account. Likewise the plugin developer does not provide support for issues relating to your proxycheck.io account or the API. The plugin developer and proxycheck.io are not the same entity. Logo used with express permission.

Supporting The Plugin

Coding a plugin is a lot of hard work and any support from plugin users like you is very much welcomed. Contributions will help with encouragement to continually improve the plugin. Feedback and feature ideas are welcomed too!

Screenshots

  • Options UI.
  • Default Error message shown when a proxy or vpn is detected, this can be changed in the options.
  • Error message example if you opt to use a page within your site's theme.
  • API Key Stats page.
  • Whitelist manipulation page. The blacklist page looks similar to this.

Installation

Installing “Proxy & VPN Blocker” can be done either by searching for “Proxy & VPN Blocker” via the “Plugins > Add New” screen in your WordPress dashboard, or by using the following steps:

  1. Download the plugin via WordPress.org
  2. Upload the ZIP file through the ‘Plugins > Add New > Upload’ screen in your WordPress dashboard
  3. Activate the plugin through the ‘Plugins’ menu in WordPress

FAQ

What is proxycheck.io?

Proxycheck.io is a simple, accurate and reliable API for the detection and blocking of people using Proxies, Tor & VPN servers.

Blocking Proxies and VPN’s on all pages?

Although this plugin has an option to block Proxies & VPN’s on all pages, this option is not generally recommended due to significantly higher query usage, but was added on user request.

It is important to note that if you are using a WordPress caching plugin (eg WP Super Cache, WP Rocket, W3 Total Cache and many others), these will prevent the Proxy or VPN from being blocked if you are using ‘Block on all pages’ as the caching plugin will likely serve the visitor a static cached version of your website pages. As the cached pages are served by the caching plugin in static HTML, the code for proxy detection will not run on these cached pages. This won’t affect the normal protections this plugin provides for Log-in, Registration and commenting.

Restricting A section of a page?

Anti Click-Bombing is a rudimentary form of preventing clicking of ads while on a Proxy or VPN, the specific Div class you can use to hide these is ‘pvb-protect-div’. This will not work if a page caching plugin is used, just as Block on All Pages cannot.

I accidently locked myself out by blocking my own country, what do I do?

The fix is simple, upload a .txt file called disablepvb.txt to your wordpress root directory, PVB looks for this file when the proxy and VPN checks are made, if the file exists it will prevent the plugin from contacting the proxycheck.io API. You will now be able to log in and remove your country in the PVB Settings.

Remember: If you ever have to do this, delete the disablepvb.txt file after you are done! If you don’t remove it, the plugin wont be protecting your site.

Reviews

So far so good

I am using a VPN and immediately got blocked. What's awesome is that the plugin seems to be able to handle Cloudflare and caching in general. It's my first day, I might add to this review.

Thanks for the plugin

For me this plugin has worked wonders as I really needed to block some notorious people. I even donated to the author a small amount to encourage him keep the good work going. Best of luck to the author

Worthless

Completely and totally worthless. Install it, set it up to block all pages, Google up Proxy and every single one of them still works. Don't waste your time.
Read all 6 reviews

Contributors & Developers

“Proxy & VPN Blocker” is open source software. The following people have contributed to this plugin.

Contributors

Translate “Proxy & VPN Blocker” into your language.

Interested in development?

Browse the code, check out the SVN repository, or subscribe to the development log by RSS.

Changelog

1.5.1

  • 2019-04-13
  • Bug fix for PHP Error on statistics page if API key is not specified.
  • Updated readme and some text on the plugin settings page.

1.5.0

  • 2019-03-31
  • Added ability to block on specified posts.
  • Updated text descriptions for some settings to make it more clear as to what the setting does.
  • Improved performance of API Key Statistics Page and new statistics table with pagination.
  • Code cleanup and refinements.

1.4.0

  • 2018-08-15
  • added option to allow blocking on specified pages (in addition to the core protection of wordpress, registration, login, admin area, commenting etc).
  • added proxycheck.io blacklist & whitelist control to the plugin settings
  • added option to redirect blocked users to your own custom page.
  • Added a rudimentary Anti Click-Bombing feature to enable the protection of ads or other content if you wrap it in the html div class ‘pvb-protect-div’. Not compatible with Block on all pages or if a page caching plugin is used.
  • Fixed an issue where WordPress cron tasks could potentially be blocked from running on certain hosts which are detected as a Proxy or VPN.
  • Removed the Custom Tag Switch (Checkbox) from the plugin options page, status of custom tagging is now determined by whether the Custom Tag field contains any text.
  • Updated Plugin logo and admin panel UI.

1.3.2

  • 2018-06-27
  • Fixed an issue where the Cloudflare option was the reverse on servers that don’t support X-Forwarded-For headers used by Cloudflare – If you had the plugin Cloudflare switch set to “on” on such servers it was doing the opposite and not supporting Cloudflare and “off” was the Cloudflare supporting state. If you had the Cloudflare option set to “off” to fix this issue while using Cloudflare, please set it back to “on” after this update.

1.3.1

  • 2018-05-16
  • fixed an issue where the plugin was not setting its new version number to the database on update.
  • fixed a minor issue with percentages not being rounded on the information page.

1.3.0

  • 2018-05-15
  • Added the ability to block entire countries if desired, this uses the proxycheck.io data to determine location of the visitor, but note that this will not show up in your statistics due to this check being done within the plugin.
  • Altered the API Key Information page to display key, proxycheck.io plan, Queries remaining today, and 30 days stats in a line graph.
  • Fixed a minor issue effecting PHP versions prior to v5.6 on the API key Information page, although the plugin is made for PHP v5.6+ this fixes the bug on prior versions on this page.

1.2.1

  • 2018-05-01
  • Known good IP addresses will now get cached for 30 minutes this is to reduce API Queries and site latency on rechecks for legitimate users. Proxy and VPN IP’s will not get cached and will be rechecked every time they attempt to visit protected pages.
  • Fixed caching issue where Denied pages could potentially be served to other people using the site when ‘block on all pages’ is enabled while using a Cache Plugin.
  • Added warning about Block On All Pages and the use of page caching plugins, please see the FAQ.
  • Improved the styling of the settings pages further.

1.2.0

  • 2018-04-17
  • Added IP country to stats page
  • Extended stats page to show positive detections from the last 100 queries instead of 50
  • Added toggle to block Proxies/VPN’s on all pages (Note this is at the expense of significantly higher query usage)
  • Added slider that enables setting the amount of days from 1 to 60 (default 7) that an IP will be checked for Proxy/VPN history so that you can set your level of security.

1.1.0

  • 2018-01-12
  • Updated plugin to support the new proxycheck.io v2 API
  • Fixed a bug that caused an error when enabling the Cloudflare option but not having Cloudflare enabled for the domain
  • Improved plugin options panel UI
  • Added a toggle to disable querying the proxycheck.io API without having to deactivate the plugin
  • Added a API Key statistics page that uses data from the proxycheck.io dashboard API if you specify an API Key (This does not use your queries!)

1.0.2

  • 2017-12-28
  • Added support for WooCommerce Login Forms for aesthetic reasons
  • improved access denied page
  • removed unnecessary scripts

1.0.1

  • 2017-12-25
  • Fixed an issue with site login
  • Switched from cURL to official WordPress HTTP API for querying the proxycheck.io API

1.0

  • 2017-12-22
  • Initial release