FAIR

Federated and Independent Repositories

Geosec

Plugin Banner

Geosec

by rbonfil

Download
Description

Geosec is a lightweight security plugin designed to protect your WordPress administration panel (wp-admin). It works by detecting the visitor’s country using their IP address and allowing access only if they are in your “Allowed Countries” whitelist.

This significantly hardens your admin panel against brute-force attacks, bot login attempts, and unauthorized access from foreign countries.

Key Features

  • Whitelist-based Protection: Only allow access from specific countries.
  • Emergency Key: Create a unique URL to bypass the lock if you are traveling.
  • Cloudflare Compatible: Works seamlessly with Cloudflare and standard server setups.
  • Detailed Statistics: View logs of blocked attempts and valid logins, including Top Blocked Countries and IPs.
  • Lightweight: Optimized for performance, querying external APIs only when necessary and caching results.
  1. Upload the geosec folder to the /wp-content/plugins/ directory.
  2. Activate the plugin through the ‘Plugins’ menu in WordPress.
  3. Go to Settings -> Geosec to configure allowed countries.
  4. IMPORTANT: Add your CURRENT country to the allow list before activating the protection.
  1. <strong>Configuration Panel:</strong> Easily select allowed countries and enable protection.

    Configuration Panel: Easily select allowed countries and enable protection.

  2. <strong>Statistics Dashboard:</strong> View detailed logs of blocked activity.

    Statistics Dashboard: View detailed logs of blocked activity.

What happens if I lock myself out?

If you configured an Emergency Key, you can use the special URL (e.g., yoursite.com/?geosec_bypass=YOURKEY) to gain access. If you didn’t, you can manually rename the geosec folder in wp-content/plugins/ via FTP to disable the plugin.

Does this slow down my site?

No. Geosec caches IP geolocation results for 24 hours. Subsequent requests from the same IP are instant.

1.0.1

  • Fixed typos.

1.0.0

  • Initial release in WordPress repository.

0.3.1

  • Updated readme security claims to comply with WordPress guidelines.
  • Fixed typos in documentation.
  • Updated plugin description for consistency.

0.3

  • Added “Top Blocked IPs” statistics.
  • Added Internationalization (English, Spanish, French).
  • UI Improvements.

0.2

  • Added Statistics tab.
  • Added Credits section.

0.1

  • Initial release.
Back to top