WordPress Plugin: CloudFlare Threat Management

In less than 7 days, I’ve gone from nothing to a full-blown security plugin for WordPress. This plugin, CloudFlare Threat Management, allows WordPress users who take advantage of CloudFlare to better manage their website security.

Get it today! Click here to visit the plugin page on Wordpress.org

CloudFlare Threat Management allows you to manage all banning, unbanning, and clearing of IP addresses at a CloudFlare level. CloudFlare Threat Management also integrates with popular WordPress security plugins such as WordFence.

Setup is easy. Enter the email you use to log in to CloudFlare.com and your API key, found here. Once you save that information into CloudFlare Threat Management, you’ll be able to specify lists of IP addresses to blacklist (ban), whitelist (never ban) and clear (remove from CloudFlare completely).

It’s important to note that any changes you make while using CloudFlare Threat Management propagate across your entire CloudFlare account. This means that if you have 50 domains registered under your CloudFlare account and you ban a single IP address, that address is banned across all 50 domains. This is extremely helpful if you know the IP addresses are malicious and that you never want them to access your websites.

WordFence
CloudFlare Threat Management plays well with other plugins such as WordFence. For example, you can, at your leisure, ban all IP addresses currently locked out by WordFence, or even ban all IP addresses which have ever been locked out via WordFence. This means that if you got hit with a brute force attack, with bots trying to log in to your admin control panel, you can ban all the IP addresses which were locked out by WordFence in one click.

The advantage of this is twofold:

  1. First, WordFence only allows locking a user out for a maximum of 60 days, whereas a CloudFlare ban is permanent.
  2. Second, by doing it this way, you take a large load off of your server. If you are getting hit by dozens (or hundreds!) of bots per second, and you successfully ban these bots, they will never even hit your server. They will try, but get stopped by CloudFlare, thereby putting 0 additional load on your server.
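Because a ban is permanent and applies to every domain on the account, it is worth filtering a batch of locked-out addresses before it is submitted. The following Python sketch is an added example, not the plugin's own code: `plan_bans`, the `INTERNAL` policy list and the sample addresses are assumptions for illustration, and it makes no CloudFlare or WordFence API calls.

```python
import ipaddress

# Ranges that should never reach an account-wide ban list (assumed policy).
INTERNAL = [ipaddress.ip_network(n) for n in (
    "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16", "127.0.0.0/8",
    "169.254.0.0/16", "::1/128", "fc00::/7", "fe80::/10")]


def plan_bans(locked_out, whitelist, already_banned=()):
    """Split locked-out addresses into (to_ban, skipped).

    whitelist entries may be single addresses or CIDR ranges and always win
    over a lockout; skipped is a list of (raw_value, reason) pairs so the
    operator can review what was left out before anything is banned.
    """
    allow = [ipaddress.ip_network(w, strict=False) for w in whitelist]
    banned = {ipaddress.ip_address(b) for b in already_banned}
    to_ban, skipped = [], []
    for raw in locked_out:
        try:
            ip = ipaddress.ip_address(raw.strip())
        except ValueError:
            skipped.append((raw, "not an IP address"))
            continue
        if any(ip in net for net in INTERNAL):
            reason = "internal address"
        elif any(ip in net for net in allow):
            reason = "whitelisted"
        elif ip in banned:
            reason = "already banned"
        elif ip in to_ban:
            reason = "duplicate"
        else:
            to_ban.append(ip)
            continue
        skipped.append((raw, reason))
    return [str(ip) for ip in to_ban], skipped


if __name__ == "__main__":
    # Constructed sample data (documentation address ranges), not real lockouts.
    lockouts = ["203.0.113.7", "203.0.113.7", "198.51.100.20",
                "192.168.1.10", "not-an-ip", "2001:db8::5"]
    bans, skipped = plan_bans(lockouts, ["198.51.100.0/24"], ["2001:db8::5"])
    print("ban:", bans)
    for raw, reason in skipped:
        print("skip:", raw, "-", reason)
```
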

Support: The Digital Hippies Official Wordpress Plugin Support Forums

About Branndon

Branndon
I love to do websites and general web work. I also love to help and share my advice, so if you have any questions that you think I can help with, shoot me a message.

13 comments

  1. You guys Amaze Me 😀 1 Week? What an Achievement! True Leaders in Your Field of Web Design and Management>>>

  3. Thanks! I’m loving putting these out.

  5. Cool, off to read this now. We opened a CF account after being hit pretty hard last month with DDoS-type traffic, then paused it for some troubleshooting after implementing tighter server-level security. But there are clearly some out there attacking domains with redirect schemes at the DNS level directly via CloudFlare. Annoying screen hijackers started on our domain when we paused the CF services while they were still managing the DNS, and stopped as soon as we deleted the account and pointed back to our DNS.

  7. Nice work! Is it multisite friendly? And if so would it be network activated, or only on the main site? If the former, the admin screens would need to be hidden on sub-sites. And if the latter, control would have to affect all subdomains.

    I manage all the IP juju you mention at the server level, so I’m really just curious.

    • Branndon

      Thanks Jim! This is only my second plugin, so I’ve not looked into making it multisite friendly yet. Is the conversion hard? I’ll look into it and if it’s not too bad, I’ll convert it. You know more than I do about multisite, so while converting it, I’ll shoot any questions to you.

      Are there any features missing from the screenshot here on this page that you think I should add (other than multisite)?

  8. Do you have any data or general experience with sites whose performance was affected by bots hitting the regular site pages or 404s? I have never seen this. With good hosting I would be surprised to see enough to significantly impact server load.

    My understanding is the bulk of the scripted attacks that can have a DDoS effect aim at the login screen, but they will only get there in force if your host sucks.

    The best practice to stop all spambots is to whitelist admin users or require two-factor authentication from users. If many non-admin users need to access WP and two-factor authentication is not used, then your approach may be helpful. It would be helpful to have some data from a case study to see how performance and security are improved relative to any cost in administrative overhead, false positive user lockouts, and other annoyances.

    • Branndon

      You bring up good points. And I agree that most attacks I hear of are brute force attacks on the login page.

      I’ve never heard of standard pages, or extreme 404s, being the cause of a site’s performance degradation.

      The main idea of the plugin was for me to ban the offending IP addresses which attempted brute force attacks on my websites. I released it to the community for others who would like the same functionality. I have over 60 domains on cloudflare, so when I can blacklist a bad IP globally for all domains, that’s awesome!
