IP & Country Blocker Lite
IP & Country Blocker Lite is a comprehensive WordPress security plugin that provides multiple layers of protection for your website. Block unwanted visitors based on IP addresses or countries, and add an extra layer of security with two-factor authentication (2FA).
Security Features: * IP Address Blocking: Block or allow specific IP addresses, IP ranges, or subnets * Country-Based Blocking: Restrict access based on visitors’ countries * Two-Factor Authentication: Secure admin logins with email-based 2FA or authenticator apps * Recovery Codes: Backup access codes for account recovery * Emergency Recovery: Generate secure recovery URLs to disable the plugin if locked out * Advanced Security Dashboard: Monitor blocked attempts and security events
Key Benefits: * Protect against spam, bots, and malicious traffic * Prevent brute force attacks on admin login * Block entire countries or regions * Easy-to-use admin interface with real-time monitoring * Lightweight and fast performance * No external dependencies for core functionality
Easy Management: * One-click blocking/unblocking * Intuitive admin panel with tabbed interface * Real-time activity logs * Bulk operations support * Custom blocked page templates
Monitoring & Analytics: * Track blocked IP attempts * View country-wise access statistics * Monitor security events * Export blocking rules
Privacy & Compliance: * Uses free IP-API.com service for geolocation * No personal data storage * GDPR compliant * Respects user privacy
Data Collection & Privacy
For transparency, here’s what data the plugin collects and why:
Essential Data Collection (Always Required for Functionality):
-
IP Addresses: Collected for security blocking and geolocation features
- Purpose: Enable IP/country blocking, security monitoring, and access control
- Storage: Temporary (not stored in database, only processed in memory)
- Third Parties: Sent to IP-API.com for country lookup (free service)
-
Country Information: Derived from IP addresses via geolocation
- Purpose: Enable country-based blocking and access statistics
- Storage: Not stored permanently (only used for blocking decisions)
- Third Parties: Retrieved from IP-API.com (free geolocation service)
Optional Data Collection (Only with User Consent):
-
Plugin Usage Statistics: Anonymous plugin performance data
- Purpose: Improve plugin quality and fix bugs
- Data Collected: Plugin version, WordPress version, PHP version, activation date
- Storage: Remote server (only if user consents)
- Privacy: Completely anonymous, no personal identifiers
-
User Feedback: Plugin reviews and feedback submissions
- Purpose: Understand user needs and improve features
- Data Collected: Feedback text, rating, plugin version, PHP version
- Storage: Remote server (only if user consents)
- Privacy: Anonymous feedback, no personal data required
- Privacy Policy: http://codecanvasbd/privacy-policy
Data Collection Controls:
- Consent Required: Optional data collection requires explicit user consent
- Easy Opt-out: Users can decline consent at any time
- No Automatic Collection: No data sent without user permission
- Transparent Process: Clear consent modal explains what data is collected
Third-Party Services:
-
IP-API.com: Free geolocation service for country detection
- Data sent: Visitor IP addresses
- Purpose: Determine visitor country for blocking features
- Privacy: IP-API.com privacy policy applies
-
Remote Analytics Server (optional, consent required):
- Data sent: Anonymous usage statistics
- Purpose: Plugin improvement and support
- Privacy: No personal data, fully anonymous
GDPR Compliance:
- ✅ No personal data storage without consent
- ✅ Clear consent mechanisms
- ✅ Easy opt-out options
- ✅ Transparent data practices
- ✅ Data minimization principles
Main Features
IP & Country Blocking: * Block specific IP addresses or ranges (CIDR notation supported) * Block entire countries or allow only specific countries * Whitelist important IPs for access * Real-time blocking with immediate effect
Two-Factor Authentication (2FA): * Email-based 2FA for easy setup * Authenticator app support (Google Authenticator, Authy, etc.) * Recovery codes for account access * Secure code generation and validation * Admin email verification
Emergency Recovery System: * Generate secure recovery URLs to disable plugin if locked out * Time-limited recovery hashes (24 hours expiration) * One-click plugin deactivation via recovery URL * Secure hash verification to prevent unauthorized access
Admin Interface: * Modern, responsive dashboard * Tabbed navigation for easy access * Real-time statistics and charts * Activity logs with filtering * Bulk operations for efficiency
Security Monitoring: * Track blocked access attempts * Country-wise visitor statistics * Failed login monitoring * Security event logging
Performance Optimized: * Lightweight codebase * Minimal database queries * Fast IP lookups * Caching support
External Services
This plugin uses the IP-API.com service to detect the user’s location based on their IP address. – Service: IP-API.com (http://ip-api.com) – Purpose: IP geolocation for country-based blocking – Data Sent: User’s IP address only – Privacy Policy: http://ip-api.com/docs/legal – Data Storage: No personal data is stored by this plugin
The plugin works without this service but country blocking features will be limited.
Support
For support, bug reports, or feature requests: – WordPress.org Support Forum: https://wordpress.org/support/plugin/ip-blocker-lite/ – GitHub Issues: Report bugs and request features – Email: Contact through WordPress.org profile
Contributing
Contributions are welcome! Please feel free to submit pull requests or open issues on GitHub.
Credits
- Developer: Nurul Islam (faqnurul)
- Icons: Dashicons (WordPress)
- Geolocation: IP-API.com (free tier)
- Charts: Chart.js library
License
This plugin is licensed under the GPLv2 or later. License URI: http://www.gnu.org/licenses/gpl-2.0.html
Take control of your website’s security and protect it from unwanted visitors with IP & Country Blocker Lite!