DawsonyWeb – Security Shield

Опис

DawsonyWeb Security Shield protects your WordPress site from comment spam and unauthorised API access.

Comment Protection

• Master switch to completely disable all comments (form, REST API, XML-RPC, feeds)
• Invisible honeypot field to trap bots
• Minimum comment length enforcement
• Block all links or cap links per comment
• Require login to comment
• Keyword/phrase blocklist

API & REST Hardening

• Disable XML-RPC entirely (removes X-Pingback header too)
• Hide /wp/v2/users endpoint to prevent username harvesting
• Require authentication for all REST API requests
• Optionally disable the REST API completely
• Block author enumeration via /?author=N

Spam Rules

• Per-IP comment rate limiting (configurable max and time window)
• IP address blocklist — blocked IPs receive a 403 on any front-end request
• Rolling activity log (last 200 events)