Descrizione
Secure Owl Firewall is a fast, lightweight firewall plugin with an advanced rule engine featuring PCRE pattern matching, a transformation pipeline, and JSON-based rule configuration.
Key features:
- JSON-based rules — 100+ default rules covering SQLi, XSS, RCE, LFI, SSRF, Log4Shell, and more
- Transformation pipeline — URL decode, lowercase, normalize path, remove whitespace, HTML entity decode, trim
- Inspection targets — REQUEST_URI, QUERY_STRING, USER_AGENT, REFERER, COOKIE, and POST
- MU-Plugin loader — runs before regular plugins for earliest protection
- Rate limiting — optional transient-based IP and subnet banning
- Login protection — PIN field, speed limit and honeypot to block brute-force attacks
- IP whitelist — CIDR/subnet support for both IPv4 and IPv6
- IP blacklist — CIDR/subnet support for both IPv4 and IPv6
- Per-rule toggle — disable individual rules from the admin panel without editing files
- File-based logging — 64MB cap with auto-rotation and protected storage
- Log retention — configurable policy for GDPR compliance
- IP anonymization — masks user IP addresses for enhanced privacy and GDPR compliance
Filter Hooks
sswaf_ip_whitelist— array of IPs to bypass the firewallsswaf_ip_blacklist— array of IPs to block before any rules runsswaf_trusted_proxies— array of trusted proxy IPs for X-Forwarded-Forsswaf_post_scanning— enable POST data inspection (default: true)sswaf_rules_file— path to the rules JSON filesswaf_log_file— path to the log filesswaf_log_max_size— maximum log size in bytessswaf_header_status— HTTP status header for blocked requestssswaf_before_block— action hook fired before blocking a requestsswaf_rate_limit_ip_threshold— override IP hit thresholdsswaf_rate_limit_ip_duration— override IP ban durationsswaf_rate_limit_ip_window— override IP counting window
Installazione
- Upload the
secure-owl-firewallfolder to/wp-content/plugins/ - Activate through the Plugins menu
- The MU-Plugin loader is installed automatically for early execution
- Configure settings under Settings > Secure Owl Firewall
Recensioni
Non ci sono recensioni per questo plugin.
Contributi e sviluppo
“Secure Owl Firewall” è un software open source. Le persone che hanno contribuito allo sviluppo di questo plugin sono indicate di seguito.
Collaboratori
Traduci “Secure Owl Firewall” nella tua lingua.
Ti interessa lo sviluppo?
Esplora il codice segui il repository SVN, segui il log delle modifiche tramite RSS.
Changelog
1.0.0
- Initial release.
1.0.1
- Updated security rules.
- Updated log file cap to 24MB.
1.0.2
- Added IP whitelist with CIDR/subnet support (IPv4 + IPv6).
- File-based storage for zero database overhead.
- Settings UI with validation.
1.0.3
- Removed metadata from a JSON rules file.
- Small CSS admin tweak.
1.0.4
- Added configurable log retention policy to automatically purge old data for GDPR compliance.
- Added option to anonymize user IP addresses, enhancing privacy and GDPR compliance.
- Rework plugin update mechanism.
- Improved coding standards to align better with WordPress guidelines.
1.0.5
- Updated log file cap to 64MB.
- Fixed a small bug in admin panel log viewer.
1.0.6
- Added rate-limited PIN authentication to the login page to mitigate brute-force attacks.
- Added a honeypot trap to the login form to catch unsophisticated bots.
1.0.7
- Removed a few overly aggressive rules.
1.0.8
- Added IP blacklist with CIDR/subnet support (IPv4 + IPv6).
1.0.9
- Fixed a small bug in log viewer.
1.1.0
- Updated security rules.
- Added a speed limit protection layer to the login page.