WP AntiDDOS can offer protection against classic HTTP flooding attacks and brute-force password cracking attempts.
It does this by sniffing out the origin of all HTTP requests and passing the IP against a set of filters.
If it does not pass these simple filters, the IP is marked as an "attacker" and all future requests will be dropped until a desired period of time has passed since the last request.
These filtering rules can be configured from a special page in the WordPress administration panel, where an overview of recently dropped IPs and IP ranges can be viewed at the bottom.
Individual protection limits can be setup for GET, POST, XHR, and login requests, and all dropped connections will get a 503 server error.
The plugin also doesn't prevent search engine indexing, the plugin permitting search crawlers to index the site and make frequent requests without being blocked, providing a 502 server error in case they get dropped.
Installation:
Unpack and upload it to the /wp-content/plugins/ directory.
Activate the plugin through the 'Plugins' menu in WordPress.
PS: - the plugin also comes with a few instructions on how to optimize its installation beyond these simple steps. This technique increases the detection speed, but will also require you to do some manual coding in the platform's files.
What is new in this release:
- Initial public release.
Requirements:
- WordPress 3 or higher
- PHP 5.2 or higher
Comments not found