WordPress Firewall

Stop the bad guys before they even get to your site

Firewall Protection

Preventing bad visitors to even access your website is the best kind of protection.

Security Ninja uses different methods of protection - preventing bad guys from even visiting your website.

  • Block 600+ million of IPs

    A list of known bad IPs is updated twice daily - block them from even accessing your site.

  • Country Blocking

    Block visitors by countries you do not want to access your website.

  • Redirect blocked visitors

    Don't want blocked visitors to even see your website? Redirect them to any URL you wish.

  • Block SPAM

    The blocklist protects you from 100.000+ spammers.

  • Block Suspicious Requests

    Block requests from visitors that include malicious requests.

  • Bruteforce - Protect Login

    Block repeated attempts to log in with wrong passwords or unknown usernames. Prevent brute-force attacks from slowing down your website.

Protect your website from known hackers with a couple of clicks!

The Cloud Firewall is a dynamic, continuously changing database of bad IP addresses updated twice daily.

It contains roughly 600 million IPs that are known for distributing malware, performing brute force attacks on sites and doing other "bad" activities. The database is created by analyzing log files of millions of sites.

By using the cloud firewall, you will be one step ahead of the bad guys. They won't be able to login to your site or access it at all (if you enable that option).

The local firewall protects your login from brute force attacks. Anybody who fails to log in several times in a given period will be banned.

  • Ban 600 million bad IPs collected from millions of attacked sites.
  • The list auto-updates, no need for any maintenance or manual work
  • Protect login form from brute-force attacks.
  • Visitors who fail to login multiple times in a given timeframe get banned
  • Country blocking - block traffic from countries you do not want traffic from.
  • Secret access link is emailed during setup in case you lock yourself out.
  • Protect yourself against blacklisted spammers.

Protect your WordPress website

Fast and easy to use

Get started

Prevent hack attempts - Filter out bad requests

Protect yourself against malicious requests - filter out attempts to execute or inject programming to hack your website.

Hackers will attempt to inject malicious code into your website. Security Ninja scans all traffic and determines if the request has any dangerous code.

Checks all incoming traffic and blocks malicious requests. Blocks uploading executable files, SQL injection attacks and a lot more.

  • Protect against dangerous file uploads to your website.
  • Protects against SQL injection attacks.
  • Block dangerous and malicious requests.
  • Protect against directory traversal attacks.
Based on the excellent BBQ: Block Bad Queries plugin by Jeff Starr

Country Blocking

Block traffic from any country you do not want traffic from.

If you see a lot of unwanted traffic from a specific country you can ban that country from visiting your website.

This can help prevent unwanted traffic, hack attempts and reduce server resources.

  • Easy to choose countries to block from a dropdown list.
  • See which countries your traffic comes from and block unwanted visitors.
  • List downloads automatically and is updated every month.
Country Blocking in WordPress

This product includes IP2Location LITE data available from https://lite.ip2location.com.

Protect your WordPress website

Fast and easy to use

Get started

Login Form Protection

Some attackers use brute force attacks, simply trying a lot of login and password combinations trying to get in.

Protect your login form from repeated failed login attempts. If a user fails to enter a proper username and password combination too many times, they will get banned for a short period of time.

You can set the number of failed attempts by a single IP before being banned, as well as for how long they are banned.

Block multiple failed login attempts

p.s. You can help yourself a lot by using difficult unique passwords and use a secure password management application instead of reusing the same simple password. We can recommend 1Password by Agilebits. 

Warning on multiple mailed login attempts
How to prevent WordPress hackers?

A WordPess firewall can help protect against hackers. A firewall will identify malicious attempts from hackers to gain access and block them.

Another method is to regularly update a blacklist of bad IPs to block access for the many known automated bots reported by the community.

Installing a security plugin is recommended to keep your WordPress website secure.

How to stop non-stop login attempts on a WP site?

If your website is picked up by scanners and subsequently attacked with repeated login attempts you have several options. You can install a security plugin that automatically bans IPs after a few repeated failed logins.

Another option is to use community-powered lists of bad IPs. Many lists are updated continuously and can reduce the impact on your server significantly.

Changing the login page to a secret URL can also help reduce the impact on your WordPress website.

What does DDoS stand for?

DDoS stands for Distributed denial-of-service. It is a method where attackers can overwhelm a server with thousands or millions of simultaneous visitors. DDoS attacks are usually made by someone with control over a large network of remotely controlled computers and websites. Many websites that are infected with malicious code are often used as unwilling robots that help attack other websites.

How To Prevent Or Stop DDoS Attacks

A large enough DDoS attack can take down or disrupt basically any website. You can help reduce the impact by having an experienced and prepared WebHost and by installing security plugins that block identified malicious traffic.