Web Application Firewall


Easy way to block country and to block IP. Using this plugin admin can protect the website from unwanted traffic, bad bots. The firewall protects your website from different kind of attacks. And provides a security layer on your website.

FREE Plugin Feature

  • HTAccess Level WAF: IPs blocked by admin will be blocked on the server only. These IPs won’t able to access the site.
  • Plugin Level Waf: IPs blocked by admin will be blocked on WordPress site load. It is less secure than HTAccess level WAF.
  • Rate Limiting: It helps to prevent DoS attacks on your site. You can set hit/min for each IP.
  • XSS, SQL Attack Detection and Blocking: Cyber attacks and suspicious activities will be get detected and access to the site for that IP will be blocked.
  • Advance Blocking: You can block country, IP range, Single IP, browser, HTTP referrers from gaining access to your site.
  • Email Notification: Admin can get a notification on email for any suspicious activity detected on site.
  • Report: Admin can see the login failed/success, attacks report in the report.
  • Recaptch Protection Google services are used to provide recaptch protection.

Premium Plugin Feature

  • Real Time IP Blocking: This feature protects your site from those IPs which are marked as spam by miniorange WAF users.
  • Rate Limiting for Crawlers: Web Crawlers can create DoS while crawling your site for high ranking. This feature protects from DoS by Web Crawlers.
  • Fake Web Crawler Protection: Blocks fake crawlers from damaging your site.
  • Whitelist Crawlers: Whitelisted crawler will not blocked by rate limiting for crawler feature.
  • BotNet Protection: It prevents DoS from BotNet.
  • Remote File Inclusion Protection: It protects from adding files from remote server to your server.
  • Remote Code Execution Protection: It Protects from executing malicious commands in your server.

Customized solutions and Active support are available. Email us at info@xecurify.com or call us at +1 9786589387.


From your WordPress dashboard

  1. Navigate to Plugins > Add New from your WP Admin dashboard.

  2. Search for Web Application Firewall.

  3. Install Web Application Firewall and Activate the plugin.

From WordPress.org

  1. Search for Web Application Firewall and download it.

  2. Unzip and upload the Web Application Firewall directory to your /wp-content/plugins/ directory.

  3. Activate Web Application Firewall from the Plugins tab of your admin dashboard.


Once Activated

  1. Select miniOrange Web Application Firewall from the left menu and follow the instructions.

  2. You can configure Web Application Firewall settings.


Read all 1 review

Contributors & Developers

“Web Application Firewall” is open source software. The following people have contributed to this plugin.




WordPress 5.5 version compatibility update


The first version of WordPress Web Application Firewall Plugin with basic WordPress network security.