Deny All Firewall

Deny All Firewall Install Statistics

0
100%
Today: 0 Yesterday: 0 All-time: 6,559 downloads
Deny All Firewall Icon

Try plugin: Deny All Firewall

We'll create fresh WordPress site with Deny All Firewall installed. You have 20 minutes to test the plugin after that site we'll be deleted.

Takes ~10 seconds to install.

About Deny All Firewall

Blocks access to everything except genuine site content using .htaccess

0


0


0


0


0

updated: 9 months ago
since: 5 years ago
author: Webd Ltd

Description

Deny All Firewall

This plugin examines your WordPress installation and injects rules into your .htaccess file which completely block access to everything except genuine site content.

Doing so reduces load on your server, prevents hackers from scanning your site for exploits and even reduces the carbon footprint of your site! We estimate that this plugin will reduce the amount of CO2 used by an average WordPress site by 100Kg per year which is equivalent to the carbon footprint of a flight from London to Ibiza!

Blocked requests can be logged and whitelisted to fine tune your firewall to your specific website.

Whitelisted requests can be 301 redirected to another web address.

The plugin monitors for content changes and will alert users if changes are detected and rules need to be refreshed.

There is a “Lock Down” feature which blocks all requests with Query Strings or POST data. This is how SQL / PHP injection, XSS and other attacks are implemented but it is also how some themes and plugins talk to your server so may require some requests to be whitelisted for your site.

There is a “Sitemap” feature which autmatically generates an XML sitemap and lets search engines find it through a robots.txt file. This sitemap is more detailed than the one automatically generated by WordPress.

There is an “Allow All Content” feature for sites with way too much content to list in the .htaccess file.

There is an “Allow All IPs” feature for sites with too many users to list all their IP addresses in the .htaccess file.

There is a “Force SSL” feature for sites with an SSL certificate to force visitors to use HTTPS rather than HTTP.

Prevents WordPress version from being shown in and /feed/ meta.

Currently we only support Apache servers but will be looking to include Nginx in the future.

Please contact us through the support forum to let us know immediately if the plugin blocks anything that it shouldn’t do!