IP Geo Block

IP Geo Block is a security plugin that restricts access to your site based on the visitor's country of origin. It is designed for site owners who want to reduce spam, block brute-force login attempts, and prevent malicious access to the admin area and sensitive files. The plugin uses IP geolocation to validate requests to key entry points such as the login page, comment form, XML-RPC, and admin pages.

Key features include:

• Country-based access control: Whitelist or blacklist entire countries for specific actions like commenting, logging in, or accessing the admin panel. You can also set exceptions for registered users.

• Zero-day exploit prevention: Unlike signature-based firewalls, this feature blocks malicious requests by analyzing patterns common to vulnerabilities. It protects against attacks like CSRF, LFI, SQLi, and XSS even if you have vulnerable plugins or themes installed.

• Login attempt limiting: Restricts the number of failed login attempts per IP address to defend against brute-force and reverse-brute-force attacks. This applies to both the standard login form and XML-RPC.

• Force load WP core: Optionally configures the plugin to load before other plugins via a must-use (MU) plugin file. This reduces server load during attacks and ensures blocking rules are applied early.

• Privacy-focused design: IP addresses are encrypted in logs and cache by default. You can anonymize IP addresses and restrict data sent to third-party geolocation services to comply with privacy regulations like GDPR.

• Validation logs and statistics: Review detailed logs of blocked and allowed requests. Use the statistics tab to analyze attack patterns and identify repeat offenders.