{"id":320,"date":"2010-10-29T04:03:49","date_gmt":"2010-10-29T04:03:49","guid":{"rendered":"https:\/\/wordpress.org\/plugins-wp\/wordpress-firewall-2\/"},"modified":"2010-10-29T05:22:59","modified_gmt":"2010-10-29T05:22:59","slug":"wordpress-firewall-2","status":"closed","type":"plugin","link":"https:\/\/wordpress.org\/plugins\/wordpress-firewall-2\/","author":383995,"comment_status":"closed","ping_status":"closed","template":"","meta":{"version":"1.3","stable_tag":"1.3","tested":"3.0.5","requires":"2.6.1","requires_php":"","requires_plugins":"","header_name":"Wordpress Firewall 2","header_author":"Matthew Pavkov","header_description":"","assets_banners_color":"","last_updated":"2017-11-28 06:31:27","external_support_url":"","external_repository_url":"","donate_link":"http:\/\/matthewpavkov.com\/wordpress-plugins\/","header_plugin_uri":"http:\/\/matthewpavkov.com\/wordpress-plugins\/wordpress-firewall-2.html","header_author_uri":"http:\/\/matthewpavkov.com","rating":4.8,"author_block_rating":0,"active_installs":1000,"downloads":132040,"num_ratings":0,"support_threads":0,"support_threads_resolved":0,"author_block_count":0,"sections":["description","installation","faq","changelog"],"tags":[],"upgrade_notice":{"1.3":"

The bugs reported for the original plugin have been fixed, a few modest features have been added.<\/p>"},"ratings":{"1":0,"2":0,"3":0,"4":"1","5":"3"},"assets_icons":[],"assets_banners":[],"assets_blueprints":{},"all_blocks":[],"tagged_versions":["1.3"],"block_files":[],"assets_screenshots":{"screenshot-1.gif":{"filename":"screenshot-1.gif","revision":"1776615","resolution":"1","location":"plugin","width":1088,"height":1365}},"screenshots":{"1":"Full screenshot of the plugin."}},"plugin_section":[],"plugin_tags":[1174,600],"plugin_category":[54],"plugin_contributors":[78014,78015],"plugin_business_model":[],"class_list":["post-320","plugin","type-plugin","status-closed","hentry","plugin_tags-firewall","plugin_tags-security","plugin_category-security-and-spam-protection","plugin_contributors-pavy","plugin_contributors-seoegghead","plugin_committers-pavy","plugin_committers-vlasky"],"banners":[],"icons":{"svg":false,"icon":"https:\/\/s.w.org\/plugins\/geopattern-icon\/wordpress-firewall-2.svg","icon_2x":false,"generated":true},"screenshots":[{"src":"https:\/\/ps.w.org\/wordpress-firewall-2\/trunk\/screenshot-1.gif?rev=1776615","caption":"Full screenshot of the plugin."}],"raw_content":"\n

This is an updated version of the popular WordPress Firewall<\/em> plugin, with fixes for all known bugs and a few new features!<\/p>\n\n

This WordPress plugin investigates web requests with simple, WordPress-specific heuristics, to identify and stop the most obvious attacks. There are a few powerful, generic modules that do this; but they're not always installed on web servers, and usually difficult to configure.<\/p>\n\n

This plugin intelligently whitelists and blacklists pathological-looking phrases, based on which field they appear within, in a page request (unknown\/numeric parameters vs. known post bodies, comment bodies, etc.). Its purpose is not to replace prompt and responsible upgrading, but rather to mitigate 0-day attacks and let bloggers sleep better at night.<\/p>\n\n

Originally developed by SEO Egghead and released as WordPress Firewall<\/em>.<\/p>\n\n\n

    \n
  1. Download the plugin.<\/li>\n
  2. Unzip the file that you downloaded.<\/li>\n
  3. Upload the contained program \"wordpress-firewall-2.php\" to your \"wp-content\/plugins\/\" folder.<\/li>\n<\/ol>\n\n\n
    \n
    Installation Instructions<\/dt>\n
      \n
    1. Download the plugin.<\/li>\n
    2. Unzip the file that you downloaded.<\/li>\n
    3. Upload the contained program \"wordpress-firewall-2.php\" to your \"wp-content\/plugins\/\" folder.<\/li>\n<\/ol><\/dd>\n
      Upgrading from WordPress Firewall v1.25<\/dt>\n
        \n
      1. Deactivate the plugin WordPress Firewall v1.25.<\/li>\n
      2. Delete the plugin from your plugins folder.<\/li>\n
      3. Install WordPress Firewall 2 (see installation instructions).<\/li>\n
      4. Your previous settings will be restored and used.<\/li>\n<\/ol><\/dd>\n
        What does this thing actually do?<\/dt>\n

        Lots of stuff - here's the list:<\/p>\n\n

          \n
        • Detect, intecept, and log suspicious-looking parameters \u2014 and prevent them compromising WordPress.<\/li>\n
        • Also protect most WordPress plugins from the same attacks.<\/li>\n
        • Respond with an innocuous-looking 404, or a home page redirect.<\/li>\n
        • Optionally send an email to you with a useful dump of information upon blocking a potential attack.<\/li>\n
        • Turn on or off directory traversal attack detection.<\/li>\n
        • Turn on or off SQL injection attack detection.<\/li>\n
        • Turn on or off WordPress-specific SQL injection attack detection.<\/li>\n
        • Turn on or off blocking executable file uploads.<\/li>\n
        • Turn on or off remote arbitrary code injection detection.<\/li>\n
        • Add whitelisted IPs.<\/li>\n
        • Add additional whitelisted pages and\/or fields to allow pages\/plugins\/etc to get through when desirable.<\/li>\n
        • Optionally configure as the first plugin to load for maximum security.<\/li>\n<\/ul><\/dd>\n\n<\/dl>\n\n\n

          1.3<\/h4>\n\n
            \n
          • Fixed known bugs<\/li>\n
          • Added plain text email option<\/li>\n
          • IP of plugin activator added by default<\/li>\n
          • Other small, miscellaneous updates.<\/li>\n
          • Now maintained by Matthew Pavkov<\/li>\n<\/ul>\n\n

            1.25<\/h4>\n\n
              \n
            • First release.<\/li>\n
            • Developed by SEO Egghead<\/li>\n<\/ul>\n\n

              0.5<\/h4>\n\n
                \n
              • Unreleased.<\/li>\n<\/ul>","raw_excerpt":"This WordPress plugin monitors web requests to identify and stop the most obvious attacks.","jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/wordpress.org\/plugins\/wp-json\/wp\/v2\/plugin\/320","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/wordpress.org\/plugins\/wp-json\/wp\/v2\/plugin"}],"about":[{"href":"https:\/\/wordpress.org\/plugins\/wp-json\/wp\/v2\/types\/plugin"}],"replies":[{"embeddable":true,"href":"https:\/\/wordpress.org\/plugins\/wp-json\/wp\/v2\/comments?post=320"}],"author":[{"embeddable":true,"href":"https:\/\/wordpress.org\/plugins\/wp-json\/wporg\/v1\/users\/pavy"}],"wp:attachment":[{"href":"https:\/\/wordpress.org\/plugins\/wp-json\/wp\/v2\/media?parent=320"}],"wp:term":[{"taxonomy":"plugin_section","embeddable":true,"href":"https:\/\/wordpress.org\/plugins\/wp-json\/wp\/v2\/plugin_section?post=320"},{"taxonomy":"plugin_tags","embeddable":true,"href":"https:\/\/wordpress.org\/plugins\/wp-json\/wp\/v2\/plugin_tags?post=320"},{"taxonomy":"plugin_category","embeddable":true,"href":"https:\/\/wordpress.org\/plugins\/wp-json\/wp\/v2\/plugin_category?post=320"},{"taxonomy":"plugin_contributors","embeddable":true,"href":"https:\/\/wordpress.org\/plugins\/wp-json\/wp\/v2\/plugin_contributors?post=320"},{"taxonomy":"plugin_business_model","embeddable":true,"href":"https:\/\/wordpress.org\/plugins\/wp-json\/wp\/v2\/plugin_business_model?post=320"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}