{"id":315366,"date":"2026-05-22T03:49:59","date_gmt":"2026-05-22T03:49:59","guid":{"rendered":"https:\/\/wordpress.org\/plugins\/easy-url-blocker\/"},"modified":"2026-05-22T03:49:41","modified_gmt":"2026-05-22T03:49:41","slug":"pathguard-redirects","status":"publish","type":"plugin","link":"https:\/\/wordpress.org\/plugins\/pathguard-redirects\/","author":23189174,"comment_status":"closed","ping_status":"closed","template":"","meta":{"version":"1.0.0","stable_tag":"1.0.0","tested":"6.9.4","requires":"5.8","requires_php":"7.4","requires_plugins":null,"header_name":"PathGuard Redirects","header_author":"Samrat Hossen","header_description":"Block specific relative URLs and redirect visitors to a custom destination. Admins are never redirected.","assets_banners_color":"3b9aca","last_updated":"2026-05-22 03:49:41","external_support_url":"","external_repository_url":"","donate_link":"","header_plugin_uri":"","header_author_uri":"","rating":0,"author_block_rating":0,"active_installs":0,"downloads":30,"num_ratings":0,"support_threads":0,"support_threads_resolved":0,"author_block_count":0,"sections":["description","installation","faq","changelog"],"tags":{"1.0.0":{"tag":"1.0.0","author":"emily50","date":"2026-05-22 03:49:41"}},"upgrade_notice":{"1.0.0":"<p>Initial release \u2014 no upgrade steps required.<\/p>"},"ratings":[],"assets_icons":{"icon-256x256.png":{"filename":"icon-256x256.png","revision":3543071,"resolution":"256x256","location":"assets","locale":"","width":256,"height":256}},"assets_banners":{"banner-772x250.png":{"filename":"banner-772x250.png","revision":3543071,"resolution":"772x250","location":"assets","locale":"","width":772,"height":250}},"assets_blueprints":{},"all_blocks":[],"tagged_versions":["1.0.0"],"block_files":[],"assets_screenshots":[],"screenshots":{"1":"The URL Blocker settings page showing the blocked URLs list, redirect action selector, and Exclude Admins option.","2":"The Settings action link on the WordPress Plugins list page."}},"plugin_section":[],"plugin_tags":[1912,263896,727,600,263895],"plugin_category":[54],"plugin_contributors":[254156],"plugin_business_model":[],"class_list":["post-315366","plugin","type-plugin","status-publish","hentry","plugin_tags-access-control","plugin_tags-block-pages","plugin_tags-redirect","plugin_tags-security","plugin_tags-url-blocker","plugin_category-security-and-spam-protection","plugin_contributors-emily50","plugin_committers-emily50"],"banners":{"banner":"https:\/\/ps.w.org\/pathguard-redirects\/assets\/banner-772x250.png?rev=3543071","banner_2x":false,"banner_rtl":false,"banner_2x_rtl":false},"icons":{"svg":false,"icon":"https:\/\/ps.w.org\/pathguard-redirects\/assets\/icon-256x256.png?rev=3543071","icon_2x":"https:\/\/ps.w.org\/pathguard-redirects\/assets\/icon-256x256.png?rev=3543071","generated":false},"screenshots":[],"raw_content":"<!--section=description-->\n<p>URL Blocker is a lightweight, developer-friendly plugin that lets site administrators block any relative URL on their WordPress site and control exactly what happens when a visitor tries to access it.<\/p>\n\n<p><strong>How it works<\/strong><\/p>\n\n<p>Add the relative paths you want to block (one per line) and choose what should happen when someone visits them:<\/p>\n\n<ul>\n<li><strong>Custom URL redirect<\/strong> \u2014 send visitors to any destination URL with a 302 redirect.<\/li>\n<li><strong>404 Not Found<\/strong> \u2014 serve your theme's native 404 page with a proper HTTP 404 status header (no redirect, the URL stays the same).<\/li>\n<\/ul>\n\n<p><strong>Key features<\/strong><\/p>\n\n<ul>\n<li>Block any number of relative paths (e.g. <code>\/secret-page\/<\/code>, <code>\/members-only\/<\/code>).<\/li>\n<li>Choose the redirect action per-site: custom URL or 404 page.<\/li>\n<li><strong>Exclude Admins<\/strong> \u2014 logged-in administrators are bypassed by default so they always have access. The option can be unchecked to restrict admins too.<\/li>\n<li>One-click access via the <strong>Settings<\/strong> link on the Plugins list page.<\/li>\n<li>All plugin data is removed from the database automatically when the plugin is deactivated.<\/li>\n<li>Paths matched with and without trailing slash \u2014 <code>\/secret-page<\/code> and <code>\/secret-page\/<\/code> both work.<\/li>\n<li>URL-encoded paths are decoded before matching, preventing bypass attempts like <code>\/%73ecret-page\/<\/code>.<\/li>\n<\/ul>\n\n<p><strong>Security<\/strong><\/p>\n\n<ul>\n<li>CSRF protection on every save using WordPress nonces.<\/li>\n<li>Strict capability check (<code>manage_options<\/code>) before processing any form data.<\/li>\n<li>All input is sanitised (<code>sanitize_textarea_field<\/code>, <code>esc_url_raw<\/code>, <code>sanitize_key<\/code>).<\/li>\n<li>All output is escaped (<code>esc_textarea<\/code>, <code>esc_attr<\/code>, <code>esc_html_e<\/code>).<\/li>\n<li>Uses <code>wp_safe_redirect<\/code> to prevent open-redirect abuse.<\/li>\n<\/ul>\n\n<!--section=installation-->\n<ol>\n<li>Upload the <code>pathguard-redirects<\/code> folder to <code>\/wp-content\/plugins\/<\/code>.<\/li>\n<li>Activate the plugin through the <strong>Plugins<\/strong> screen in WordPress.<\/li>\n<li>Go to <strong>Settings \u2192 URL Blocker<\/strong> (or click the <strong>Settings<\/strong> link on the Plugins page).<\/li>\n<li>Enter the relative URLs you want to block, choose a redirect action, and click <strong>Save Settings<\/strong>.<\/li>\n<\/ol>\n\n<!--section=faq-->\n<dl>\n<dt id=\"what%20url%20format%20should%20i%20use%20in%20the%20blocked%20urls%20list%3F\"><h3>What URL format should I use in the blocked URLs list?<\/h3><\/dt>\n<dd><p>Enter relative paths starting with <code>\/<\/code>, one per line. Example:<\/p>\n\n<pre><code>\/secret-page\/\n\/members-only\/\n\/private-area\/\n<\/code><\/pre>\n\n<p>Do not include the domain name. Paths are matched with or without a trailing slash, so <code>\/secret-page<\/code> and <code>\/secret-page\/<\/code> are treated as the same rule.<\/p><\/dd>\n<dt id=\"will%20administrators%20be%20blocked%3F\"><h3>Will administrators be blocked?<\/h3><\/dt>\n<dd><p>No \u2014 by default the <strong>Exclude Admins<\/strong> option is enabled, which means logged-in users with the <code>manage_options<\/code> capability can always access blocked URLs. You can uncheck this option to apply blocking to administrators as well.<\/p><\/dd>\n<dt id=\"what%20is%20the%20difference%20between%20the%20two%20redirect%20actions%3F\"><h3>What is the difference between the two redirect actions?<\/h3><\/dt>\n<dd><ul>\n<li><strong>Custom URL (302 redirect)<\/strong> \u2014 the visitor's browser is redirected to the URL you specify. The blocked URL disappears from the address bar.<\/li>\n<li><strong>Not Found (404 page)<\/strong> \u2014 the browser stays on the blocked URL but receives an HTTP 404 status and sees your theme's 404 template. No redirect occurs.<\/li>\n<\/ul><\/dd>\n<dt id=\"what%20happens%20if%20i%20choose%20%22custom%20url%22%20but%20leave%20the%20destination%20field%20blank%3F\"><h3>What happens if I choose \"Custom URL\" but leave the destination field blank?<\/h3><\/dt>\n<dd><p>The plugin falls back to serving the 404 page so the blocked URL is never accidentally left accessible.<\/p><\/dd>\n<dt id=\"does%20this%20plugin%20affect%20rest%20api%20or%20admin%20requests%3F\"><h3>Does this plugin affect REST API or admin requests?<\/h3><\/dt>\n<dd><p>No. The block logic runs on the <code>template_redirect<\/code> hook which only fires for standard frontend page requests. REST API, WP-CLI, and admin requests are unaffected.<\/p><\/dd>\n<dt id=\"will%20my%20settings%20be%20lost%20if%20i%20deactivate%20the%20plugin%3F\"><h3>Will my settings be lost if I deactivate the plugin?<\/h3><\/dt>\n<dd><p>Yes. The plugin removes all its stored options from the database on deactivation. This keeps your database clean. If you need to keep your settings, do not deactivate \u2014 simply disable blocking by leaving the blocked URLs list empty.<\/p><\/dd>\n<dt id=\"does%20the%20plugin%20block%20query%20strings%3F\"><h3>Does the plugin block query strings?<\/h3><\/dt>\n<dd><p>No. Only the path portion of the URL is compared (e.g. <code>\/secret-page\/<\/code>). Query strings like <code>?preview=true<\/code> are ignored, which means <code>\/secret-page\/?anything=value<\/code> is still blocked by the rule <code>\/secret-page\/<\/code>.<\/p><\/dd>\n\n<\/dl>\n\n<!--section=changelog-->\n<h4>1.0.0<\/h4>\n\n<ul>\n<li>Initial release.<\/li>\n<li>Block relative URLs with per-line textarea input.<\/li>\n<li>Redirect action: Custom URL (302) or 404 page.<\/li>\n<li>Exclude Admins option, pre-enabled on activation.<\/li>\n<li>Settings link on the Plugins list page.<\/li>\n<li>Automatic database cleanup on deactivation.<\/li>\n<li>URL-encoding bypass protection via <code>rawurldecode()<\/code>.<\/li>\n<li>CSRF, capability, and sanitisation hardening.<\/li>\n<\/ul>","raw_excerpt":"Block specific relative URLs on your site and redirect visitors to a custom destination or your theme&#039;s 404 page.","jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/wordpress.org\/plugins\/wp-json\/wp\/v2\/plugin\/315366","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/wordpress.org\/plugins\/wp-json\/wp\/v2\/plugin"}],"about":[{"href":"https:\/\/wordpress.org\/plugins\/wp-json\/wp\/v2\/types\/plugin"}],"replies":[{"embeddable":true,"href":"https:\/\/wordpress.org\/plugins\/wp-json\/wp\/v2\/comments?post=315366"}],"author":[{"embeddable":true,"href":"https:\/\/wordpress.org\/plugins\/wp-json\/wporg\/v1\/users\/emily50"}],"wp:attachment":[{"href":"https:\/\/wordpress.org\/plugins\/wp-json\/wp\/v2\/media?parent=315366"}],"wp:term":[{"taxonomy":"plugin_section","embeddable":true,"href":"https:\/\/wordpress.org\/plugins\/wp-json\/wp\/v2\/plugin_section?post=315366"},{"taxonomy":"plugin_tags","embeddable":true,"href":"https:\/\/wordpress.org\/plugins\/wp-json\/wp\/v2\/plugin_tags?post=315366"},{"taxonomy":"plugin_category","embeddable":true,"href":"https:\/\/wordpress.org\/plugins\/wp-json\/wp\/v2\/plugin_category?post=315366"},{"taxonomy":"plugin_contributors","embeddable":true,"href":"https:\/\/wordpress.org\/plugins\/wp-json\/wp\/v2\/plugin_contributors?post=315366"},{"taxonomy":"plugin_business_model","embeddable":true,"href":"https:\/\/wordpress.org\/plugins\/wp-json\/wp\/v2\/plugin_business_model?post=315366"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}