Skildring
Secure Owl Firewall is a fast, lightweight firewall plugin with an advanced rule engine featuring PCRE pattern matching, a transformation pipeline, and JSON-based rule configuration.
Key features:
- JSON-based rules — 100+ default rules covering SQLi, XSS, RCE, LFI, SSRF, Log4Shell, and more
- Transformation pipeline — URL decode, lowercase, normalize path, remove whitespace, HTML entity decode, trim
- Inspection targets — REQUEST_URI, QUERY_STRING, USER_AGENT, REFERER, COOKIE, and POST
- MU-Plugin loader — runs before regular plugins for earliest protection
- Rate limiting — optional transient-based IP and subnet banning
- Login protection — PIN field and honeypot to block brute-force attacks
- IP whitelist — CIDR/subnet support for both IPv4 and IPv6
- IP blacklist — CIDR/subnet support for both IPv4 and IPv6
- Per-rule toggle — disable individual rules from the admin panel without editing files
- File-based logging — 64MB cap with auto-rotation and protected storage
- Log retention — configurable policy for GDPR compliance
- IP anonymization — masks user IP addresses for enhanced privacy and GDPR compliance
Filter Hooks
sswaf_ip_whitelist— array of IPs to bypass the firewallsswaf_ip_blacklist— array of IPs to block before any rules runsswaf_trusted_proxies— array of trusted proxy IPs for X-Forwarded-Forsswaf_post_scanning— enable POST data inspection (default: true)sswaf_rules_file— path to the rules JSON filesswaf_log_file— path to the log filesswaf_log_max_size— maximum log size in bytessswaf_header_status— HTTP status header for blocked requestssswaf_before_block— action hook fired before blocking a requestsswaf_rate_limit_ip_threshold— override IP hit thresholdsswaf_rate_limit_ip_duration— override IP ban durationsswaf_rate_limit_ip_window— override IP counting window
Installasjon
- Upload the
secure-owl-firewallfolder to/wp-content/plugins/ - Activate through the Plugins menu
- The MU-Plugin loader is installed automatically for early execution
- Configure settings under Settings > Secure Owl Firewall
Omtalar
There are no reviews for this plugin.
Bidragsytarar og utviklarar
“Secure Owl Firewall” is open source software. The following people have contributed to this plugin.
Contributors
Omset “Secure Owl Firewall” til ditt eige språk.
Interested in development?
Les kjeldekoden, sjekk SVN-lageret eller abonner på utviklingsloggen med RSS.
Endringslogg
1.0.0
- Initial release.
1.0.1
- Updated security rules.
- Updated log file cap to 24MB.
1.0.2
- Added IP whitelist with CIDR/subnet support (IPv4 + IPv6).
- File-based storage for zero database overhead.
- Settings UI with validation.
1.0.3
- Removed metadata from a JSON rules file.
- Small CSS admin tweak.
1.0.4
- Added configurable log retention policy to automatically purge old data for GDPR compliance.
- Added option to anonymize user IP addresses, enhancing privacy and GDPR compliance.
- Rework plugin update mechanism.
- Improved coding standards to align better with WordPress guidelines.
1.0.5
- Updated log file cap to 64MB.
- Fixed a small bug in admin panel log viewer.
1.0.6
- Added rate-limited PIN authentication to the login page to mitigate brute-force attacks.
- Added a honeypot trap to the login form to catch unsophisticated bots.
1.0.7
- Removed a few overly aggressive rules.
1.0.8
- Added IP blacklist with CIDR/subnet support (IPv4 + IPv6).
1.0.9
- Fixed a small bug in log viewer.