Automatically Ban for IP's via Cloudflare API

Defender is pretty good at spotting bad behavior. But there needs to be a more proactive approach. For example, for login attempts, it would be cool if defender could communicate with CloudFlare through an API call and automatically block the offending IP on all websites
using the firewall.

  • Tony G

    I think we could go wild with integration of Defender with other environments. Rather than trying to solve every one-off problem, how about adding an API to Defender which will both export and import events via hooks. To restate, if I want a slack notification, or an SMS, or IFTTT with something else, it makes no sense to ask "can WPMU DEV add Slack notices?", "can WPMU DEV add SMS notices?", "can WPMU DEV add IFTTT notices?" How about exposing hooks so that when something of interest happens we can let other plugins handle the interfaces?

    This would be especially valuable now that Defender is available to the public. Build an ecosystem around the platform and it will be much more valuable compared to the individual features that WPMU DEV alone can build in.

    Going the other way? I came here just now wondering if Defender could subscribe to hooks. I have other plugins that detect Lots of site activity. I'd like to wire them all into Defender. For example, I have IP Geo Block that does a great job of identifying bad traffic, and Ban Hammer, Fast Secure reCAPTCHA, WP Statistics, and others. You guys can take a hundred requests to build features from all of these into Defender, but why add this stuff to the roadmap when it's already out there nd done quite well by other plugins? My preference would be that when one of these other plugins detects something of interest, they can do_action() and Defender can handle the blocking and reporting.

    The next question would be about how to get those other plugins to provide and fire those hooks. Any of us can create forks and pull requests, or create our own plugins that identify events of interest, and add do_action() at strategic points. You guys just need to provide us with an API that we can use ourselves and pass on to other plugin developers.

    From a Marketing perspective this is good for WPMU DEV and for other plugin developers where they can post updates that include "Now Supports WPMU DEV Defender".

    So please guys, stop taking every one-off request like it's some totally new concept to be considered and added to the roadmap. Look at the big picture and make better use of the WordPress tools that are already built in. THEN you can get Defender to do more so that can link into its awesomeness.


    I posted similar notes in this other thread on Defender.

Thank NAME, for their help.

Let NAME know exactly why they deserved these points.

Gift a custom amount of points.