Turbo Rate Limiter
·
Protect your WordPress site from brute force attacks, API abuse, and DDoS attacks with customizable rate limiting rules.
Turbo Rate Limiter is a powerful yet easy-to-use security plugin that helps protect your WordPress site from various types of abuse by limiting the rate at which visitors can make requests.
Features
- URI-based filtering — Set rate limits for specific URLs, paths, or patterns
- Multiple match types — Exact match, contains, starts with, ends with, or regex
- Flexible time windows — Configure rate limits per second, minute, or hour
- Multiple actions — Return HTTP 429, redirect to URL, or redirect to page
- Test mode — Preview rate limiting behavior without blocking visitors
- Debug panel — Visual debug panel for administrators
- Cloudflare support — Full IPv4 and IPv6 proxy detection
- Localization ready — Translations available for multiple languages
Use Cases
- API protection — Limit API calls to prevent abuse
- Login protection — Prevent brute force attacks on login pages
- Form spam prevention — Limit form submission rates
- Resource protection — Protect heavy database queries
- CDN compatibility — Works with Cloudflare and other proxies
Arbitrary section
Developer API
Turbo Rate Limiter provides hooks and filters for developers:
`php
// Add trusted proxy IPs add_filter(‘turbo_rate_limiter_trusted_proxies’, function() { return [ ‘173.245.48.0/20’, ‘2400:cb00::/32’, // More ranges… ]; });
// Access rate limiter instance $rate_limiter = TURBORL_Rate_Limiter::get_instance(); `
For full API documentation, see docs/developer-api.md.