GranTech IP Firewall For AbuseIPDB Wordpress Plugin - Rating, Reviews, Demo & Download
Plugin Description
GranTech IP Firewall for AbuseIPDB connects your WordPress installation to the community-driven AbuseIPDB database to automatically detect, block, and report abusive IP addresses before they can cause damage.
Key Features
- Real-time IP checks — Queries the AbuseIPDB API on sensitive endpoints (login, XML-RPC, comments).
- Automatic blocking — IPs exceeding the configured abuse score threshold are blocked instantly.
- Brute-force protection — Detects brute-force attacks on wp-login.php and XML-RPC and blocks the offending IP after N failed attempts.
- Automatic reporting — Reports aggressive IPs to AbuseIPDB (Brute-Force category) to contribute back to the community database.
- Smart caching — Caches API responses to minimise daily quota consumption.
- Whitelist support — Exempt individual IPs or CIDR ranges from checks.
- Admin dashboard — 30-day statistics, activity chart, and top offending IPs at a glance.
- Event log — Full history of all events, filterable by IP and event type.
- Manual blocklist — Block and unblock IPs manually from the admin panel.
- Automatic cleanup — Hourly cron job purges expired blocks and logs older than 90 days.
- Cloudflare support — Automatically reads the CF-Connecting-IP header to get the real visitor IP.
How It Works
- When an IP accesses a sensitive endpoint (login, XML-RPC, comment submission), the plugin queries the AbuseIPDB API.
- If the abuse confidence score meets or exceeds the configured threshold (default 50/100), the IP is blocked automatically.
- If multiple failed login attempts are detected from the same IP, it is blocked and reported to AbuseIPDB as a brute-force attack.
- All events are recorded in the admin dashboard.
API Requirements
A free account at abuseipdb.com is required.
The free plan includes 1,000 checks per day, which is sufficient for most sites when combined with the built-in caching system.
External Services
This plugin connects to the AbuseIPDB API (https://api.abuseipdb.com/api/v2/) to check and report IP addresses.
What is AbuseIPDB?
AbuseIPDB is a community-driven project that maintains a database of IP addresses reported for abusive behavior (spam, hacking, brute-force attacks, etc.). This plugin uses their public API to protect your WordPress site.
What data is sent and when?
- IP address check: When a visitor accesses a sensitive endpoint (wp-login.php, xmlrpc.php, comment submission), the visitor’s IP address is sent to AbuseIPDB to retrieve its abuse confidence score. This only happens when the endpoint is accessed — not on regular page visits.
- IP address report: When a brute-force attack is detected (configurable number of failed login attempts), the offending IP address is reported to AbuseIPDB along with a description of the attack and your site’s URL. Reporting can be disabled in the plugin settings.
No personal data other than IP addresses is ever transmitted to AbuseIPDB.
- AbuseIPDB Terms of Service and Privacy Policy: https://www.abuseipdb.com/legal
Privacy Policy
This plugin stores visitor IP addresses in the local WordPress database for the purpose of security logging and blocking. IP addresses are personal data under GDPR.
- What is stored: IP addresses, associated ISP, country, and event type (e.g. blocked, failed login).
- Why: To protect the site from malicious activity and brute-force attacks.
- How long: Log entries are automatically deleted after 90 days. Block entries expire based on the configured duration.
- Third parties: IP addresses may be sent to AbuseIPDB (https://www.abuseipdb.com) for reputation checks and reporting. See the External Services section for details.
- User rights: Site administrators can view and delete all stored data from the plugin’s admin panel or by uninstalling the plugin.
Screenshots
No screenshots provided
