Апісанне
Secure Owl Firewall is a fast, lightweight firewall plugin with an advanced rule engine featuring PCRE pattern matching, a transformation pipeline, and JSON-based rule configuration.
Key features:
- JSON-based rules — 100+ default rules covering SQLi, XSS, RCE, LFI, SSRF, Log4Shell, and more
- Transformation pipeline — URL decode, lowercase, normalize path, remove whitespace, HTML entity decode, trim
- Inspection targets — REQUEST_URI, QUERY_STRING, USER_AGENT, REFERER, COOKIE, and POST
- MU-Plugin loader — runs before regular plugins for earliest protection
- Rate limiting — optional transient-based IP and subnet banning
- Login protection — PIN field and honeypot to block brute-force attacks
- IP whitelist — CIDR/subnet support for both IPv4 and IPv6
- IP blacklist — CIDR/subnet support for both IPv4 and IPv6
- Per-rule toggle — disable individual rules from the admin panel without editing files
- File-based logging — 64MB cap with auto-rotation and protected storage
- Log retention — configurable policy for GDPR compliance
- IP anonymization — masks user IP addresses for enhanced privacy and GDPR compliance
Filter Hooks
sswaf_ip_whitelist— array of IPs to bypass the firewallsswaf_ip_blacklist— array of IPs to block before any rules runsswaf_trusted_proxies— array of trusted proxy IPs for X-Forwarded-Forsswaf_post_scanning— enable POST data inspection (default: true)sswaf_rules_file— path to the rules JSON filesswaf_log_file— path to the log filesswaf_log_max_size— maximum log size in bytessswaf_header_status— HTTP status header for blocked requestssswaf_before_block— action hook fired before blocking a requestsswaf_rate_limit_ip_threshold— override IP hit thresholdsswaf_rate_limit_ip_duration— override IP ban durationsswaf_rate_limit_ip_window— override IP counting window
Ўсталёўка
- Upload the
secure-owl-firewallfolder to/wp-content/plugins/ - Activate through the Plugins menu
- The MU-Plugin loader is installed automatically for early execution
- Configure settings under Settings > Secure Owl Firewall
Водгукі
На гэты плагін няма водгукаў.
Удзельнікі і распрацоўшчыкі
“Secure Owl Firewall” is open source software. The following people have contributed to this plugin.
Удзельнікі
Перакласці “Secure Owl Firewall” на вашу мову.
Зацікаўлены ў распрацоўцы?
Праглядзіце код, праверце SVN рэпазітарый, або падпішыцеся на журнал распрацоўкі па RSS.
Журнал змяненняў
1.0.0
- Initial release.
1.0.1
- Updated security rules.
- Updated log file cap to 24MB.
1.0.2
- Added IP whitelist with CIDR/subnet support (IPv4 + IPv6).
- File-based storage for zero database overhead.
- Settings UI with validation.
1.0.3
- Removed metadata from a JSON rules file.
- Small CSS admin tweak.
1.0.4
- Added configurable log retention policy to automatically purge old data for GDPR compliance.
- Added option to anonymize user IP addresses, enhancing privacy and GDPR compliance.
- Rework plugin update mechanism.
- Improved coding standards to align better with WordPress guidelines.
1.0.5
- Updated log file cap to 64MB.
- Fixed a small bug in admin panel log viewer.
1.0.6
- Added rate-limited PIN authentication to the login page to mitigate brute-force attacks.
- Added a honeypot trap to the login form to catch unsophisticated bots.
1.0.7
- Removed a few overly aggressive rules.
1.0.8
- Added IP blacklist with CIDR/subnet support (IPv4 + IPv6).
1.0.9
- Fixed a small bug in log viewer.