{"id":24475510,"url":"https://github.com/itcssec/ProActiveSecuritySuite","last_synced_at":"2025-10-02T02:31:19.916Z","repository":{"id":265641442,"uuid":"895029385","full_name":"itcssec/ProActiveSecuritySuite","owner":"itcssec","description":"This powerful plugin offers advanced security features including automatic IP blocking, an advanced rule builder, traffic analysis, and seamless integration with services like Cloudflare, AbuseIPDB, Whatismybrowser.com, and now IPData.","archived":false,"fork":false,"pushed_at":"2025-01-20T21:57:45.000Z","size":2188,"stargazers_count":0,"open_issues_count":0,"forks_count":0,"subscribers_count":1,"default_branch":"main","last_synced_at":"2025-01-21T09:15:05.239Z","etag":null,"topics":["cloudflare","wordfence","wordpress","wordpress-plugin","wordpress-security"],"latest_commit_sha":null,"homepage":"https://itcs.services/product/proactive-security-suite/","language":"PHP","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"gpl-3.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/itcssec.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":"CODE_OF_CONDUCT.md","threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":"SECURITY.md","support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2024-11-27T12:39:13.000Z","updated_at":"2025-01-20T21:57:48.000Z","dependencies_parsed_at":"2024-12-21T00:21:02.014Z","dependency_job_id":"ae4b3491-975c-49eb-a2f6-6ea3c4adbdbb","html_url":"https://github.com/itcssec/ProActiveSecuritySuite","commit_stats":null,"previous_names":["itcssec/proactivesecuritysuite","itcssec/wordfence2cloudflare"],"tags_count":8,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/itcssec%2FProActiveSecuritySuite","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/itcssec%2FProActiveSecuritySuite/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/itcssec%2FProActiveSecuritySuite/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/itcssec%2FProActiveSecuritySuite/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/itcssec","download_url":"https://codeload.github.com/itcssec/ProActiveSecuritySuite/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":234923803,"owners_count":18907858,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["cloudflare","wordfence","wordpress","wordpress-plugin","wordpress-security"],"created_at":"2025-01-21T09:15:03.872Z","updated_at":"2025-10-02T02:31:19.909Z","avatar_url":"https://github.com/itcssec.png","language":"PHP","readme":"\u003ch1\u003eWelcome to the \u003cem\u003eProActive Security Suite\u003c/em\u003e Plugin Wiki\u003c/h1\u003e\n\u003cimg width=\"120\" alt=\"pss-logo\" src=\"https://github.com/user-attachments/assets/b657ffe7-3010-4e1d-9e83-81eec2bcd552\"\u003e \n\u003cp\u003e\n    Enhance your WordPress website's security with the \u003cstrong\u003eProActive Security Suite\u003c/strong\u003e. This powerful plugin offers advanced security features including automatic IP blocking, an advanced rule builder, traffic analysis, and seamless integration with services like \u003cstrong\u003eCloudflare\u003c/strong\u003e, \u003cstrong\u003eAbuseIPDB\u003c/strong\u003e, \u003cstrong\u003eWhatismybrowser.com\u003c/strong\u003e, and now \u003cstrong\u003eIPData\u003c/strong\u003e. ProActive Security Suite provides proactive defense mechanisms to protect your site from malicious traffic and potential threats before they reach your server.\n\u003c/p\u003e\n\n\u003cdiv class=\"toc\"\u003e\n    \u003ch2\u003eTable of Contents\u003c/h2\u003e\n    \u003cul\u003e\n        \u003cli\u003e\u003ca href=\"#introduction\"\u003eIntroduction\u003c/a\u003e\u003c/li\u003e\n        \u003cli\u003e\u003ca href=\"#features\"\u003eFeatures\u003c/a\u003e\u003c/li\u003e\n        \u003cul\u003e\n            \u003cli\u003e\u003ca href=\"#free-features\"\u003eFree Features\u003c/a\u003e\u003c/li\u003e\n            \u003cli\u003e\u003ca href=\"#premium-features\"\u003ePremium Features\u003c/a\u003e\u003c/li\u003e\n        \u003c/ul\u003e\n        \u003cli\u003e\u003ca href=\"#installation\"\u003eInstallation\u003c/a\u003e\u003c/li\u003e\n        \u003cli\u003e\u003ca href=\"#configuration\"\u003eConfiguration\u003c/a\u003e\u003c/li\u003e\n        \u003cul\u003e\n            \u003cli\u003e\u003ca href=\"#cloudflare-settings\"\u003eCloudflare Settings\u003c/a\u003e\u003c/li\u003e\n            \u003cli\u003e\u003ca href=\"#abuseipdb-integration\"\u003eAbuseIPDB Integration\u003c/a\u003e\u003c/li\u003e\n            \u003cli\u003e\u003ca href=\"#whatismybrowsercom-integration\"\u003eWhatIsMyBrowser.com Integration\u003c/a\u003e\u003c/li\u003e\n            \u003cli\u003e\u003ca href=\"#ipdata-integration\"\u003eIPData Integration\u003c/a\u003e\u003c/li\u003e\n        \u003c/ul\u003e\n        \u003cli\u003e\u003ca href=\"#usage\"\u003eUsage\u003c/a\u003e\u003c/li\u003e\n        \u003cul\u003e\n            \u003cli\u003e\u003ca href=\"#automatic-ip-synchronization\"\u003eAutomatic IP Synchronization\u003c/a\u003e\u003c/li\u003e\n            \u003cli\u003e\u003ca href=\"#manual-synchronization\"\u003eManual Synchronization\u003c/a\u003e\u003c/li\u003e\n            \u003cli\u003e\u003ca href=\"#captured-traffic-data\"\u003eCaptured Traffic Data\u003c/a\u003e\u003c/li\u003e\n            \u003cli\u003e\u003ca href=\"#advanced-rule-builder\"\u003eAdvanced Rule Builder\u003c/a\u003e\u003c/li\u003e\n            \u003cli\u003e\u003ca href=\"#rule-details-in-blocked-ips\"\u003eRule Details in Blocked IPs\u003c/a\u003e\u003c/li\u003e\n        \u003c/ul\u003e\n        \u003cli\u003e\u003ca href=\"#advanced-settings\"\u003eAdvanced Settings\u003c/a\u003e\u003c/li\u003e\n        \u003cli\u003e\u003ca href=\"#faq\"\u003eFrequently Asked Questions\u003c/a\u003e\u003c/li\u003e\n        \u003cli\u003e\u003ca href=\"#support\"\u003eSupport and Contribution\u003c/a\u003e\u003c/li\u003e\n        \u003cli\u003e\u003ca href=\"#license\"\u003eLicense\u003c/a\u003e\u003c/li\u003e\n    \u003c/ul\u003e\n\u003c/div\u003e\n\n\u003ch2 id=\"introduction\"\u003eIntroduction\u003c/h2\u003e\n\n\u003cp\u003e\n    Welcome to the \u003cstrong\u003eProActive Security Suite\u003c/strong\u003e plugin! This comprehensive security solution enhances your website's protection by combining advanced threat detection, automated rule-based actions, and integrations with services like \u003cstrong\u003eCloudflare\u003c/strong\u003e, \u003cstrong\u003eAbuseIPDB\u003c/strong\u003e, \u003cstrong\u003eWhatIsMyBrowser\u003c/strong\u003e, and \u003cstrong\u003eIPData\u003c/strong\u003e. By proactively analyzing traffic and applying custom security rules, ProActive Security Suite stops malicious traffic before it reaches your server, reducing load and enhancing performance.\n\u003c/p\u003e\n\n\u003ca href=\"https://github.com/itcssec/ProActiveSecuritySuite/releases\" class=\"button\" target=\"_blank\"\u003eDownload Latest Release\u003c/a\u003e\n\n\u003ch2 id=\"features\"\u003eFeatures\u003c/h2\u003e\n\n\u003ch3 id=\"free-features\"\u003eFree Features\u003c/h3\u003e\n\n\u003cul\u003e\n    \u003cli\u003e\u003cstrong\u003eAutomatic IP Synchronization:\u003c/strong\u003e Effortlessly sync blocked IPs to Cloudflare's firewall.\u003c/li\u003e\n    \u003cli\u003e\u003cstrong\u003eCustomizable Settings:\u003c/strong\u003e Tailor the plugin to your needs with adjustable settings:\n        \u003cul\u003e\n            \u003cli\u003eBlocked Hits Threshold\u003c/li\u003e\n            \u003cli\u003eBlock Scope (Domain or Account)\u003c/li\u003e\n            \u003cli\u003eBlock Mode (e.g., Block, Managed Challenge)\u003c/li\u003e\n            \u003cli\u003eCron Interval\u003c/li\u003e\n        \u003c/ul\u003e\n    \u003c/li\u003e\n    \u003cli\u003e\u003cstrong\u003eManual Synchronization:\u003c/strong\u003e Trigger synchronization manually when immediate action is needed.\u003c/li\u003e\n    \u003cli\u003e\u003cstrong\u003eAbuseIPDB Integration:\u003c/strong\u003e Optional integration to fetch detailed information about IPs:\n        \u003cul\u003e\n            \u003cli\u003eCountry Code\u003c/li\u003e\n            \u003cli\u003eUsage Type\u003c/li\u003e\n            \u003cli\u003eISP Information\u003c/li\u003e\n            \u003cli\u003eConfidence Score\u003c/li\u003e\n        \u003c/ul\u003e\n    \u003c/li\u003e\n\u003c/ul\u003e\n\n\u003ch3 id=\"premium-features\"\u003ePremium Features\u003c/h3\u003e\n\n\u003cul\u003e\n    \u003cli\u003e\u003cstrong\u003eAdvanced Rule Builder:\u003c/strong\u003e Create custom security rules based on various criteria such as confidence score, whitelisted status, abusive status, IPData threat status, and more. Automate actions like blocking or challenging IPs based on these rules.\u003c/li\u003e\n    \u003cli\u003e\u003cstrong\u003eIPData Integration:\u003c/strong\u003e Fetch threat intelligence from IPData, including tor usage, proxy, known attackers, and other threat indicators. Combine this data with AbuseIPDB and WhatIsMyBrowser data to build comprehensive multi-criteria rules for your traffic.\u003c/li\u003e\n    \u003cli\u003e\u003cstrong\u003eRule Priorities:\u003c/strong\u003e Assign priorities to your rules to control the order of evaluation. Higher priority numbers are evaluated first, allowing critical rules to take precedence.\u003c/li\u003e\n    \u003cli\u003e\u003cstrong\u003eAutomatic Action Application:\u003c/strong\u003e The plugin automatically applies actions to IPs that match your defined rules immediately after capturing traffic data.\u003c/li\u003e\n    \u003cli\u003e\u003cstrong\u003eRule Details in Blocked IPs:\u003c/strong\u003e View detailed information about which rules caused IPs to be blocked, including criteria and actions taken.\u003c/li\u003e\n    \u003cli\u003e\u003cstrong\u003eCaptured Traffic Data:\u003c/strong\u003e Log and analyze incoming traffic for enhanced security insights, leveraging data from multiple APIs (AbuseIPDB, WhatIsMyBrowser, IPData).\u003c/li\u003e\n    \u003cli\u003e\u003cstrong\u003eExclude User Roles:\u003c/strong\u003e Exclude specific WordPress user roles from traffic logging.\u003c/li\u003e\n    \u003cli\u003e\u003cstrong\u003eWhatIsMyBrowser.com API Integration:\u003c/strong\u003e Advanced user agent analysis and detection capabilities.\u003c/li\u003e\n    \u003cli\u003e\u003cstrong\u003eEnhanced AbuseIPDB Integration:\u003c/strong\u003e Automatic updates for all entries with the same IP address.\u003c/li\u003e\n    \u003cli\u003e\u003cstrong\u003ePriority Support:\u003c/strong\u003e Access dedicated support for assistance and troubleshooting.\u003c/li\u003e\n    \u003cli\u003e\u003cstrong\u003eCloudflare Custom WAF Rule \u0026amp; List Management:\u003c/strong\u003e Optionally create a Cloudflare custom list and associated WAF rule. Manage list entries directly from the plugin and receive notifications if Cloudflare reports errors such as a full list.\u003c/li\u003e\n    \u003cli\u003e\u003cstrong\u003eNEW - Traffic Insights:\u003c/strong\u003e View your traffic at a glance by aggregating and displaying each IP address only once. This tab provides:\n        \u003cul\u003e\n            \u003cli\u003e\u003cem\u003eAggregated IP Overview:\u003c/em\u003e See first/last seen timestamps, total requests, and threat data from IPData in a single row per IP.\u003c/li\u003e\n            \u003cli\u003e\u003cem\u003eOperating System \u0026 Browser Details:\u003c/em\u003e Includes the most recent OS and software information from WhatIsMyBrowser.\u003c/li\u003e\n            \u003cli\u003e\u003cem\u003eUser Agent:\u003c/em\u003e Quickly review the last user agent encountered for each IP.\u003c/li\u003e\n            \u003cli\u003e\u003cem\u003eProfessional Statistics:\u003c/em\u003e Real-time stats on total unique IPs, average confidence scores, top countries, and more, all on one page.\u003c/li\u003e\n        \u003c/ul\u003e\n    \u003c/li\u003e\n\u003c/ul\u003e\n\u003cimg width=\"1163\" alt=\"Screenshot 2024-12-21 at 14 28 25\" src=\"https://github.com/user-attachments/assets/80ed56ce-cc95-441e-8490-6927153ffe9f\" /\u003e\n\n\u003cdiv class=\"note\"\u003e\n    \u003cstrong\u003eNote:\u003c/strong\u003e The premium features require an active premium license. Upgrade to access these advanced functionalities.\n\u003c/div\u003e\n\n\u003ch2 id=\"installation\"\u003eInstallation\u003c/h2\u003e\n\n\u003col\u003e\n    \u003cli\u003e\u003cstrong\u003eDownload the Plugin:\u003c/strong\u003e Clone the repository or \u003ca href=\"https://github.com/itcssec/ProActiveSecuritySuite/releases\" target=\"_blank\"\u003edownload the latest release\u003c/a\u003e.\u003c/li\u003e\n    \u003cli\u003e\u003cstrong\u003eUpload to WordPress:\u003c/strong\u003e Upload the \u003ccode\u003eproactive-security-suite\u003c/code\u003e directory to \u003ccode\u003e/wp-content/plugins/\u003c/code\u003e.\u003c/li\u003e\n    \u003cli\u003e\u003cstrong\u003eActivate the Plugin:\u003c/strong\u003e In your WordPress dashboard, navigate to \u003cem\u003ePlugins\u003c/em\u003e and activate \u003cem\u003eProActive Security Suite\u003c/em\u003e.\u003c/li\u003e\n\u003c/ol\u003e\n\n\u003ch2 id=\"configuration\"\u003eConfiguration\u003c/h2\u003e\n\n\u003ch3 id=\"cloudflare-settings\"\u003eCloudflare Settings\u003c/h3\u003e\n\n\u003col\u003e\n    \u003cli\u003e\u003cstrong\u003eObtain Cloudflare Credentials:\u003c/strong\u003e\n        \u003cul\u003e\n            \u003cli\u003e\u003cstrong\u003eEmail:\u003c/strong\u003e Your Cloudflare account email.\u003c/li\u003e\n            \u003cli\u003e\u003cstrong\u003eAPI Key:\u003c/strong\u003e Your Global API Key or an API Token with necessary permissions.\u003c/li\u003e\n            \u003cli\u003e\u003cstrong\u003eZone ID:\u003c/strong\u003e Found in your Cloudflare dashboard under the domain's overview.\u003c/li\u003e\n            \u003cli\u003e\u003cstrong\u003eAccount ID:\u003c/strong\u003e Located in your Cloudflare profile settings.\u003c/li\u003e\n        \u003c/ul\u003e\n    \u003c/li\u003e\n    \u003cli\u003e\u003cstrong\u003eConfigure Plugin Settings:\u003c/strong\u003e\n        \u003cul\u003e\n            \u003cli\u003eNavigate to \u003cem\u003eSettings \u0026gt; ProActive Security Suite\u003c/em\u003e.\u003c/li\u003e\n            \u003cli\u003eEnter your Cloudflare credentials securely.\u003c/li\u003e\n            \u003cli\u003eAdjust settings like Blocked Hits Threshold, Block Scope, and Block Mode.\u003c/li\u003e\n            \u003cli\u003eEnable \u003cem\u003eCustom WAF Rule\u003c/em\u003e and provide a rule name to let the plugin create and maintain a Cloudflare custom list and corresponding WAF rule. You can view, add, or remove IPs from the list within the plugin.\u003c/li\u003e\n        \u003c/ul\u003e\n    \u003c/li\u003e\n\u003c/ol\u003e\n\n\u003cimg width=\"1245\" alt=\"390847194-2b70c58b-6889-44b6-8f72-377f415b12a2\" src=\"https://github.com/user-attachments/assets/f01a1ad4-b708-4c18-9959-9e80891406b9\"\u003e\n\n\u003ch3 id=\"abuseipdb-integration\"\u003eAbuseIPDB Integration\u003c/h3\u003e\n\n\u003col\u003e\n    \u003cli\u003e\u003cstrong\u003eSign Up for AbuseIPDB:\u003c/strong\u003e Visit \u003ca href=\"https://www.abuseipdb.com/\"\u003eAbuseIPDB\u003c/a\u003e and sign up for an API key.\u003c/li\u003e\n    \u003cli\u003e\u003cstrong\u003eEnable Integration:\u003c/strong\u003e\n        \u003cul\u003e\n            \u003cli\u003eIn the plugin settings, enter your AbuseIPDB API key.\u003c/li\u003e\n            \u003cli\u003eEnable the \u003cem\u003eAbuseIPDB Lookup\u003c/em\u003e option.\u003c/li\u003e\n        \u003c/ul\u003e\n    \u003c/li\u003e\n\u003c/ol\u003e\n\n\u003cimg width=\"1242\" alt=\"390847364-124d8ae7-91ba-4493-afb3-30e19a369a0b\" src=\"https://github.com/user-attachments/assets/3bf0628e-582f-4a75-9e71-20726cc4c5b6\"\u003e\n\n\n\u003ch3 id=\"whatismybrowsercom-integration\"\u003eWhatIsMyBrowser.com Integration (Premium)\u003c/h3\u003e\n\n\u003col\u003e\n    \u003cli\u003e\u003cstrong\u003eObtain API Key:\u003c/strong\u003e Register at \u003ca href=\"https://developers.whatismybrowser.com/api/\"\u003eWhatIsMyBrowser.com\u003c/a\u003e for an API key.\u003c/li\u003e\n    \u003cli\u003e\u003cstrong\u003eConfigure Integration:\u003c/strong\u003e\n        \u003cul\u003e\n            \u003cli\u003eEnter the API key in the plugin's settings under \u003cem\u003eWhatIsMyBrowser API Key\u003c/em\u003e.\u003c/li\u003e\n            \u003cli\u003eEnable the integration features as desired.\u003c/li\u003e\n        \u003c/ul\u003e\n    \u003c/li\u003e\n\u003c/ol\u003e\n\n\u003ch3 id=\"ipdata-integration\"\u003eIPData Integration (Premium)\u003c/h3\u003e\n\n\u003col\u003e\n    \u003cli\u003e\u003cstrong\u003eObtain API Key:\u003c/strong\u003e Sign up at \u003ca href=\"https://ipdata.co/\"\u003eIPData\u003c/a\u003e for an API key.\u003c/li\u003e\n    \u003cli\u003e\u003cstrong\u003eEnable Integration:\u003c/strong\u003e\n        \u003cul\u003e\n            \u003cli\u003eEnter your IPData API key in the plugin's settings.\u003c/li\u003e\n            \u003cli\u003eEnable the \u003cem\u003eIPData Lookup\u003c/em\u003e option.\u003c/li\u003e\n        \u003c/ul\u003e\n    \u003c/li\u003e\n\u003c/ol\u003e\n\n\u003cp\u003e\n    With IPData integration, the plugin fetches comprehensive threat intelligence for each IP, including indicators like:\n\u003c/p\u003e\n\n\u003cul\u003e\n    \u003cli\u003e\u003cstrong\u003eTor\u003c/strong\u003e\u003c/li\u003e\n    \u003cli\u003e\u003cstrong\u003eiCloud Relay\u003c/strong\u003e\u003c/li\u003e\n    \u003cli\u003e\u003cstrong\u003eProxy\u003c/strong\u003e\u003c/li\u003e\n    \u003cli\u003e\u003cstrong\u003eDatacenter\u003c/strong\u003e\u003c/li\u003e\n    \u003cli\u003e\u003cstrong\u003eAnonymous User\u003c/strong\u003e\u003c/li\u003e\n    \u003cli\u003e\u003cstrong\u003eKnown Attacker\u003c/strong\u003e\u003c/li\u003e\n    \u003cli\u003e\u003cstrong\u003eKnown Abuser\u003c/strong\u003e\u003c/li\u003e\n    \u003cli\u003e\u003cstrong\u003eGeneral Threat\u003c/strong\u003e\u003c/li\u003e\n    \u003cli\u003e\u003cstrong\u003eBogon\u003c/strong\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\n\u003cp\u003e\n    These fields can be combined with AbuseIPDB and WhatIsMyBrowser data in the rule builder. If an IP has previously been queried, subsequent visits reuse the stored IPData information without making additional API requests, ensuring efficient lookups.\n\u003c/p\u003e\n\n\u003ch2 id=\"usage\"\u003eUsage\u003c/h2\u003e\n\n\u003ch3 id=\"automatic-ip-synchronization\"\u003eAutomatic IP Synchronization\u003c/h3\u003e\n\n\u003cp\u003e\n    The plugin automatically syncs blocked IPs based on your configured cron interval. IPs exceeding the Blocked Hits Threshold are added to Cloudflare's firewall or acted upon based on your defined rules.\n\u003c/p\u003e\n\n\u003ch3 id=\"manual-synchronization\"\u003eManual Synchronization\u003c/h3\u003e\n\n\u003cp\u003e\n    Navigate to \u003cem\u003eSettings \u0026gt; ProActive Security Suite\u003c/em\u003e and click the \u003cstrong\u003eRun Process\u003c/strong\u003e button to trigger synchronization and rule evaluation immediately.\n\u003c/p\u003e\n\n\u003ch3 id=\"captured-traffic-data\"\u003eCaptured Traffic Data (Premium)\u003c/h3\u003e\n\n\u003cp\u003e\n    Access detailed logs under the \u003cem\u003eCaptured Traffic Data\u003c/em\u003e tab. Analyze user agents, request methods, threat intelligence from IPData, and more. Exclude specific user roles from logging in the settings.\n\u003c/p\u003e\n\n\u003cp\u003e\n    \u003cstrong\u003eNote on Caching:\u003c/strong\u003e If full-page caching or a CDN is serving cached responses, some traffic may not be captured because WordPress (and thus this plugin) may not run on every request. Consider adjusting your caching strategy or using a JavaScript-driven approach (e.g., a small script that calls a logged endpoint) if capturing all traffic is critical.\n\u003c/p\u003e\n\n\u003ch3 id=\"advanced-rule-builder\"\u003eAdvanced Rule Builder (Premium)\u003c/h3\u003e\n\n\u003cp\u003e\n    The plugin features a powerful \u003cstrong\u003eRule Builder\u003c/strong\u003e that allows you to create custom security rules based on various criteria. You can define rules using conditions such as:\n\u003c/p\u003e\n\n\u003cul\u003e\n    \u003cli\u003e\u003cstrong\u003eConfidence Score (AbuseIPDB)\u003c/strong\u003e\u003c/li\u003e\n    \u003cli\u003e\u003cstrong\u003eIs Whitelisted (AbuseIPDB)\u003c/strong\u003e\u003c/li\u003e\n    \u003cli\u003e\u003cstrong\u003eIs Abusive (WhatIsMyBrowser)\u003c/strong\u003e\u003c/li\u003e\n    \u003cli\u003e\u003cstrong\u003eIPData Threat Indicators (Tor, Proxy, Known Attacker, etc.)\u003c/strong\u003e\u003c/li\u003e\n    \u003cli\u003e\u003cstrong\u003eCustom Criteria:\u003c/strong\u003e Combine fields from multiple APIs to create complex, multi-dimensional rules.\u003c/li\u003e\n\u003c/ul\u003e\n\n\u003cp\u003e\n    Each rule can be assigned an \u003cstrong\u003eAction\u003c/strong\u003e (e.g., Block, Managed Challenge) that will be applied to IPs matching the rule. You can also assign a \u003cstrong\u003ePriority\u003c/strong\u003e to control the order in which rules are evaluated.\n\u003c/p\u003e\n\n\u003cimg width=\"1240\" alt=\"390848297-7c3c405b-7a5f-4e86-ad35-f0128c288fcf\" src=\"https://github.com/user-attachments/assets/52dcb275-3d70-4ff8-ab8a-3483dc581b94\"\u003e\n\u003cimg width=\"1223\" alt=\"Screenshot 2024-12-07 at 16 00 16\" src=\"https://github.com/user-attachments/assets/4b3e4843-9e56-4249-adc0-cee8c0464aa1\"\u003e\n\n\u003ch3 id=\"rule-details-in-blocked-ips\"\u003eRule Details in Blocked IPs (Premium)\u003c/h3\u003e\n\n\u003cp\u003e\n    The \u003cstrong\u003eBlocked IPs\u003c/strong\u003e tab now includes a \u003cem\u003eRule Details\u003c/em\u003e column that displays comprehensive information about the rules that caused IPs to be blocked. This includes:\n\u003c/p\u003e\n\n\u003cul\u003e\n    \u003cli\u003e\u003cstrong\u003eCriteria:\u003c/strong\u003e Specific conditions from AbuseIPDB, WhatIsMyBrowser, and IPData threat fields that were met.\u003c/li\u003e\n    \u003cli\u003e\u003cstrong\u003eAction:\u003c/strong\u003e The action taken by the rule (e.g., Block, Managed Challenge).\u003c/li\u003e\n\u003c/ul\u003e\n\n\u003cp\u003e\n    This enhancement allows administrators to easily identify which rules are triggering blocks and understand the reasons behind each IP being blocked. It provides greater transparency and aids in fine-tuning security settings.\n\u003c/p\u003e\n\n\u003ch2 id=\"advanced-settings\"\u003eAdvanced Settings\u003c/h2\u003e\n\n\u003cul\u003e\n    \u003cli\u003e\u003cstrong\u003eBlocked Hits Threshold:\u003c/strong\u003e Define the minimum number of blocked hits before an IP is synchronized or evaluated by rules.\u003c/li\u003e\n    \u003cli\u003e\u003cstrong\u003eBlock Scope:\u003c/strong\u003e Choose between domain-specific or account-wide blocking.\u003c/li\u003e\n    \u003cli\u003e\u003cstrong\u003eBlock Mode:\u003c/strong\u003e Select the action for Cloudflare to take (e.g., Block, Challenge).\u003c/li\u003e\n    \u003cli\u003e\u003cstrong\u003eCron Interval:\u003c/strong\u003e Set how frequently the plugin checks for new blocked IPs and evaluates rules.\u003c/li\u003e\n    \u003cli\u003e\u003cstrong\u003eRule Priorities:\u003c/strong\u003e Assign priorities to your rules to control the order of evaluation. Higher priority numbers are evaluated first.\u003c/li\u003e\n    \u003cli\u003e\u003cstrong\u003eUser Role Exclusions:\u003c/strong\u003e Exclude specific WordPress user roles from traffic logging and rule evaluation.\u003c/li\u003e\n\u003c/ul\u003e\n\n\u003ch2 id=\"faq\"\u003eFrequently Asked Questions\u003c/h2\u003e\n\n\u003ch3\u003eHow do I obtain my Cloudflare Zone ID and Account ID?\u003c/h3\u003e\n\n\u003cp\u003e\n    \u003cstrong\u003eZone ID:\u003c/strong\u003e Log into Cloudflare, select your domain, and find the Zone ID on the Overview page.\u003cbr /\u003e\n    \u003cstrong\u003eAccount ID:\u003c/strong\u003e Click on your profile in Cloudflare; the Account ID is listed there.\n\u003c/p\u003e\n\n\u003ch3\u003eCan I use an API Token instead of the Global API Key?\u003c/h3\u003e\n\n\u003cp\u003e\n    Yes, ensure the API Token has the necessary permissions for firewall access.\n\u003c/p\u003e\n\n\u003ch3\u003eIs the plugin compatible with IPv6 addresses?\u003c/h3\u003e\n\n\u003cp\u003e\n    Absolutely, the plugin supports both IPv4 and IPv6 addresses.\n\u003c/p\u003e\n\n\u003ch3\u003eHow does the plugin handle my API keys?\u003c/h3\u003e\n\n\u003cp\u003e\n    All API keys are securely stored using WordPress's options API and are never exposed in plain text.\n\u003c/p\u003e\n\n\u003ch3\u003eHow do rule priorities work?\u003c/h3\u003e\n\n\u003cp\u003e\n    Rule priorities determine the order in which your rules are evaluated. Rules with higher priority numbers are evaluated first. If traffic data matches a rule, the corresponding action is applied, and no further rules are evaluated for that IP address.\n\u003c/p\u003e\n\n\u003ch3\u003eCan I see which rule blocked an IP?\u003c/h3\u003e\n\n\u003cp\u003e\n    Yes, with the \u003cstrong\u003eRule Details in Blocked IPs\u003c/strong\u003e feature, you can view the exact rule criteria and action that caused an IP to be blocked. This information is displayed in the Blocked IPs tab under the Rule Details column.\n\u003c/p\u003e\n\n\u003ch3\u003eHow does the automatic action application work?\u003c/h3\u003e\n\n\u003cp\u003e\n    When traffic data is captured, the plugin immediately evaluates it against your defined rules. If a rule matches, the specified action is applied to the IP address without any manual intervention.\n\u003c/p\u003e\n\n\u003ch2 id=\"support\"\u003eExternal Services\u003c/h2\u003e\n\n\u003cp\u003e\n    \n**Cloudflare**  \n- **Usage**: We send visitor IPs (and optionally country/ISP data) to create Firewall rules.  \n- **Data Sent**: IP address, associated rule details.  \n- [Cloudflare Terms of Service](https://www.cloudflare.com/terms/) | [Cloudflare Privacy Policy](https://www.cloudflare.com/privacypolicy/)\n\n**AbuseIPDB**  \n- **Usage**: We check IP reputation, fetching country code, ISP, and confidence score.  \n- **Data Sent**: IP address.  \n- [AbuseIPDB Terms of Service](https://www.abuseipdb.com/legal) | [Privacy Policy](https://www.abuseipdb.com/privacy)\n\n**WhatIsMyBrowser**  \n- **Usage**: We send user agent strings to detect software (browser), OS, and if it’s abusive.  \n- **Data Sent**: User agent strings.  \n- [WhatIsMyBrowser Terms of Service](https://developers.whatismybrowser.com/api/about/legal/) |\n  [Legal](https://developers.whatismybrowser.com/api/about/legal/)\n\n**IPData**  \n- **Usage**: We fetch detailed threat intelligence (Tor, proxy, known attacker, etc.).  \n- **Data Sent**: IP address.  \n- [IPData Terms](https://ipdata.co/terms-of-service.html) |\n  [Privacy Policy](https://ipdata.co/privacy.html)\n\u003c/p\u003e\n\n\u003ch2 id=\"support\"\u003eSupport and Contribution\u003c/h2\u003e\n\n\u003cp\u003e\n    \u003cstrong\u003eSupport:\u003c/strong\u003e For assistance, please open an issue on our \u003ca href=\"https://github.com/itcssec/ProActiveSecuritySuite/issues\"\u003eGitHub Issues\u003c/a\u003e page or contact us at \u003ca href=\"mailto:info@itcs.services\"\u003einfo@itcs.services\u003c/a\u003e.\n\u003c/p\u003e\n\n\u003ch2 id=\"license\"\u003eLicense\u003c/h2\u003e\n\n\u003cp\u003e\n    This project is licensed under the \u003ca href=\"https://www.gnu.org/licenses/gpl-3.0.html\"\u003eGNU General Public License v3.0\u003c/a\u003e.\n\u003c/p\u003e\n\n\u003chr /\u003e\n\n\u003cp\u003e\n    \u003cem\u003eThank you for using ProActive Security Suite!\u003c/em\u003e \n\u003c/p\u003e\n","funding_links":[],"categories":[],"sub_categories":[],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fitcssec%2FProActiveSecuritySuite","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fitcssec%2FProActiveSecuritySuite","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fitcssec%2FProActiveSecuritySuite/lists"}