I would like to officially introduce BotBlocker Security, a WordPress plugin designed to provide an early layer of protection against bots, botnets, and automated attacks.
This project grew out of real-world experience: constant brute-force attacks, vulnerability scanners, fake search robots, and overloaded log files. The goal is to provide protection that works before WordPress starts consuming resources.
BotBlocker is a WAF and anti-bot system for WordPress with a focus on:
early filtering of incoming traffic, reducing server load,
blocking automated attacks, transparent monitoring, and logging.
Key features
- Early launch
Filtering requests before WordPress is fully loaded (via MU-mechanics), which allows you to:
save CPU and memory
block junk traffic as early as possible - Firewall / WAF
analysis of incoming requests
checking for suspicious patterns
blocking malicious signatures - Anti-Bot protection
detection of automated behavior
botnet filtering
blocking of fake User-Agents - Login protection
admin panel protection
wp-login.php protection
brute-force attempt control - IP analysis
Working with blacklists
Dynamic blocking
IPv4 and IPv6 support - Monitoring and logging
Security event log
Display of blocked requests
Activity analysis - Performance
Minimal load in normal mode
Load reduction during attacks
Compatibility with caching and CDN
Thank you to everyone who tests, suggests ideas, and helps improve BotBlocker!