The best application firewall for WP

  • Looking for a plug and play firewall? THIS IS the best around.
    Looking for a more complex, customizable, full firewall solution similar to mod_security (but easier) that let’s you include CIDR and IPv6? THIS IS the best and only around.
    Check this out:

    if (! empty($_SERVER["HTTP_CF_CONNECTING_IP"]) &&
   filter_var($_SERVER["HTTP_CF_CONNECTING_IP"], FILTER_VALIDATE_IP) ) {
   $_SERVER["REMOTE_ADDR"] = $_SERVER["HTTP_CF_CONNECTING_IP"];
}

// =======================================================
// Single IPv4 and IPv6:
$ip_array = array( '1.2.3.4', '2.3.4.5', '2001:4998:c:a06::2:4008' );
if ( in_array( $_SERVER["REMOTE_ADDR"], $ip_array ) ) {
   // Block it:
   return 'BLOCK';
}

// =======================================================
// CIDR (IPv4 **only**):
$cidr_array = array('1.1.1.1/12', '2.2.2.2/13', '3.3.3.3/14');
// Loop through the array:
foreach ( $cidr_array as $cidr ) {
   // Check IP vs CIDR:
   if ( ipCIDRCheck( $_SERVER['REMOTE_ADDR'], $cidr ) ) {
      // IP matches, block it:
      return 'BLOCK';
   }
}
function ipCIDRCheck( $IP, $CIDR ) {
   list ( $subnet, $bits ) = explode( '/', $CIDR );
   $ip = ip2long( $IP );
   $subnet = ip2long( $subnet );
   $mask = -1 << ( 32 - $bits );
   $subnet &= $mask;
   return ( $ip & $mask ) == $subnet;
}
// =======================================================
  • The topic ‘The best application firewall for WP’ is closed to new replies.