{"id":295733,"date":"2026-04-10T03:01:31","date_gmt":"2026-04-10T03:01:31","guid":{"rendered":"https:\/\/wordpress.org\/plugins\/sentryowl-firewall\/"},"modified":"2026-05-03T17:53:16","modified_gmt":"2026-05-03T17:53:16","slug":"secure-owl-firewall","status":"publish","type":"plugin","link":"https:\/\/sq.wordpress.org\/plugins\/secure-owl-firewall\/","author":23473538,"comment_status":"closed","ping_status":"closed","template":"","meta":{"_crdt_document":"","version":"1.0.9","stable_tag":"1.0.9","tested":"6.9.4","requires":"5.0","requires_php":"7.4","requires_plugins":null,"header_name":"Secure Owl Firewall","header_author":"Sajber Sove","header_description":"Secure Owl Firewall is a smart rule-based protection that blocks threats and secures your site from attacks.","assets_banners_color":"0f0f30","last_updated":"2026-05-03 17:53:16","external_support_url":"","external_repository_url":"","donate_link":"","header_plugin_uri":"https:\/\/sajbersove.rs","header_author_uri":"https:\/\/sajbersove.rs","rating":0,"author_block_rating":0,"active_installs":0,"downloads":571,"num_ratings":0,"support_threads":0,"support_threads_resolved":0,"author_block_count":0,"sections":["description","installation","changelog"],"tags":{"1.0.0":{"tag":"1.0.0","author":"sajbersove","date":"2026-04-10 05:03:32"},"1.0.1":{"tag":"1.0.1","author":"sajbersove","date":"2026-04-10 08:57:23"},"1.0.2":{"tag":"1.0.2","author":"sajbersove","date":"2026-04-11 05:17:33"},"1.0.3":{"tag":"1.0.3","author":"sajbersove","date":"2026-04-14 13:41:53"},"1.0.4":{"tag":"1.0.4","author":"sajbersove","date":"2026-04-17 04:06:00"},"1.0.5":{"tag":"1.0.5","author":"sajbersove","date":"2026-04-17 18:20:49"},"1.0.6":{"tag":"1.0.6","author":"sajbersove","date":"2026-04-20 06:26:55"},"1.0.7":{"tag":"1.0.7","author":"sajbersove","date":"2026-04-24 09:49:02"},"1.0.8":{"tag":"1.0.8","author":"sajbersove","date":"2026-04-25 19:52:45"},"1.0.9":{"tag":"1.0.9","author":"sajbersove","date":"2026-05-03 17:53:16"}},"upgrade_notice":[],"ratings":[],"assets_icons":{"icon-128x128.png":{"filename":"icon-128x128.png","revision":3503274,"resolution":"128x128","location":"assets","locale":""},"icon-256x256.png":{"filename":"icon-256x256.png","revision":3503274,"resolution":"256x256","location":"assets","locale":""}},"assets_banners":{"banner-1544x500.png":{"filename":"banner-1544x500.png","revision":3503274,"resolution":"1544x500","location":"assets","locale":""},"banner-772x250.png":{"filename":"banner-772x250.png","revision":3503274,"resolution":"772x250","location":"assets","locale":""}},"assets_blueprints":{},"all_blocks":[],"tagged_versions":["1.0.0","1.0.1","1.0.2","1.0.3","1.0.4","1.0.5","1.0.6","1.0.7","1.0.8","1.0.9"],"block_files":[],"assets_screenshots":[],"screenshots":[],"jetpack_post_was_ever_published":false},"plugin_section":[],"plugin_tags":[1174,1178,600,18199],"plugin_category":[54],"plugin_contributors":[259872],"plugin_business_model":[],"class_list":["post-295733","plugin","type-plugin","status-publish","hentry","plugin_tags-firewall","plugin_tags-protection","plugin_tags-security","plugin_tags-waf","plugin_category-security-and-spam-protection","plugin_contributors-sajbersove","plugin_committers-sajbersove"],"banners":{"banner":"https:\/\/ps.w.org\/secure-owl-firewall\/assets\/banner-772x250.png?rev=3503274","banner_2x":"https:\/\/ps.w.org\/secure-owl-firewall\/assets\/banner-1544x500.png?rev=3503274","banner_rtl":false,"banner_2x_rtl":false},"icons":{"svg":false,"icon":"https:\/\/ps.w.org\/secure-owl-firewall\/assets\/icon-128x128.png?rev=3503274","icon_2x":"https:\/\/ps.w.org\/secure-owl-firewall\/assets\/icon-256x256.png?rev=3503274","generated":false},"screenshots":[],"raw_content":"<!--section=description-->\n<p>Secure Owl Firewall is a fast, lightweight firewall plugin with an advanced rule engine featuring PCRE pattern matching, a transformation pipeline, and JSON-based rule configuration.<\/p>\n\n<p>Key features:<\/p>\n\n<ul>\n<li>JSON-based rules \u2014 100+ default rules covering SQLi, XSS, RCE, LFI, SSRF, Log4Shell, and more<\/li>\n<li>Transformation pipeline \u2014 URL decode, lowercase, normalize path, remove whitespace, HTML entity decode, trim<\/li>\n<li>Inspection targets \u2014 REQUEST_URI, QUERY_STRING, USER_AGENT, REFERER, COOKIE, and POST<\/li>\n<li>MU-Plugin loader \u2014 runs before regular plugins for earliest protection<\/li>\n<li>Rate limiting \u2014 optional transient-based IP and subnet banning<\/li>\n<li>Login protection \u2014 PIN field and honeypot to block brute-force attacks<\/li>\n<li>IP whitelist \u2014 CIDR\/subnet support for both IPv4 and IPv6<\/li>\n<li>IP blacklist \u2014 CIDR\/subnet support for both IPv4 and IPv6<\/li>\n<li>Per-rule toggle \u2014 disable individual rules from the admin panel without editing files<\/li>\n<li>File-based logging \u2014 64MB cap with auto-rotation and protected storage<\/li>\n<li>Log retention \u2014 configurable policy for GDPR compliance<\/li>\n<li>IP anonymization \u2014 masks user IP addresses for enhanced privacy and GDPR compliance<\/li>\n<\/ul>\n\n<h3>Filter Hooks<\/h3>\n\n<ul>\n<li><code>sswaf_ip_whitelist<\/code> \u2014 array of IPs to bypass the firewall<\/li>\n<li><code>sswaf_ip_blacklist<\/code> \u2014 array of IPs to block before any rules run<\/li>\n<li><code>sswaf_trusted_proxies<\/code> \u2014 array of trusted proxy IPs for X-Forwarded-For<\/li>\n<li><code>sswaf_post_scanning<\/code> \u2014 enable POST data inspection (default: true)<\/li>\n<li><code>sswaf_rules_file<\/code> \u2014 path to the rules JSON file<\/li>\n<li><code>sswaf_log_file<\/code> \u2014 path to the log file<\/li>\n<li><code>sswaf_log_max_size<\/code> \u2014 maximum log size in bytes<\/li>\n<li><code>sswaf_header_status<\/code> \u2014 HTTP status header for blocked requests<\/li>\n<li><code>sswaf_before_block<\/code> \u2014 action hook fired before blocking a request<\/li>\n<li><code>sswaf_rate_limit_ip_threshold<\/code> \u2014 override IP hit threshold<\/li>\n<li><code>sswaf_rate_limit_ip_duration<\/code> \u2014 override IP ban duration<\/li>\n<li><code>sswaf_rate_limit_ip_window<\/code> \u2014 override IP counting window<\/li>\n<\/ul>\n\n<!--section=installation-->\n<ol>\n<li>Upload the <code>secure-owl-firewall<\/code> folder to <code>\/wp-content\/plugins\/<\/code><\/li>\n<li>Activate through the Plugins menu<\/li>\n<li>The MU-Plugin loader is installed automatically for early execution<\/li>\n<li>Configure settings under Settings &gt; Secure Owl Firewall<\/li>\n<\/ol>\n\n<!--section=changelog-->\n<h4>1.0.0<\/h4>\n\n<ul>\n<li>Initial release.<\/li>\n<\/ul>\n\n<h4>1.0.1<\/h4>\n\n<ul>\n<li>Updated security rules.<\/li>\n<li>Updated log file cap to 24MB.<\/li>\n<\/ul>\n\n<h4>1.0.2<\/h4>\n\n<ul>\n<li>Added IP whitelist with CIDR\/subnet support (IPv4 + IPv6).<\/li>\n<li>File-based storage for zero database overhead.<\/li>\n<li>Settings UI with validation.<\/li>\n<\/ul>\n\n<h4>1.0.3<\/h4>\n\n<ul>\n<li>Removed metadata from a JSON rules file.<\/li>\n<li>Small CSS admin tweak.<\/li>\n<\/ul>\n\n<h4>1.0.4<\/h4>\n\n<ul>\n<li>Added configurable log retention policy to automatically purge old data for GDPR compliance.<\/li>\n<li>Added option to anonymize user IP addresses, enhancing privacy and GDPR compliance.<\/li>\n<li>Rework plugin update mechanism.<\/li>\n<li>Improved coding standards to align better with WordPress guidelines.<\/li>\n<\/ul>\n\n<h4>1.0.5<\/h4>\n\n<ul>\n<li>Updated log file cap to 64MB.<\/li>\n<li>Fixed a small bug in admin panel log viewer.<\/li>\n<\/ul>\n\n<h4>1.0.6<\/h4>\n\n<ul>\n<li>Added rate-limited PIN authentication to the login page to mitigate brute-force attacks.<\/li>\n<li>Added a honeypot trap to the login form to catch unsophisticated bots.<\/li>\n<\/ul>\n\n<h4>1.0.7<\/h4>\n\n<ul>\n<li>Removed a few overly aggressive rules.<\/li>\n<\/ul>\n\n<h4>1.0.8<\/h4>\n\n<ul>\n<li>Added IP blacklist with CIDR\/subnet support (IPv4 + IPv6).<\/li>\n<\/ul>\n\n<h4>1.0.9<\/h4>\n\n<ul>\n<li>Fixed a small bug in log viewer.<\/li>\n<\/ul>","raw_excerpt":"Secure Owl Firewall is a smart rule-based protection that blocks threats and secures your site from attacks.","jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/sq.wordpress.org\/plugins\/wp-json\/wp\/v2\/plugin\/295733","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/sq.wordpress.org\/plugins\/wp-json\/wp\/v2\/plugin"}],"about":[{"href":"https:\/\/sq.wordpress.org\/plugins\/wp-json\/wp\/v2\/types\/plugin"}],"replies":[{"embeddable":true,"href":"https:\/\/sq.wordpress.org\/plugins\/wp-json\/wp\/v2\/comments?post=295733"}],"author":[{"embeddable":true,"href":"https:\/\/sq.wordpress.org\/plugins\/wp-json\/wporg\/v1\/users\/sajbersove"}],"wp:attachment":[{"href":"https:\/\/sq.wordpress.org\/plugins\/wp-json\/wp\/v2\/media?parent=295733"}],"wp:term":[{"taxonomy":"plugin_section","embeddable":true,"href":"https:\/\/sq.wordpress.org\/plugins\/wp-json\/wp\/v2\/plugin_section?post=295733"},{"taxonomy":"plugin_tags","embeddable":true,"href":"https:\/\/sq.wordpress.org\/plugins\/wp-json\/wp\/v2\/plugin_tags?post=295733"},{"taxonomy":"plugin_category","embeddable":true,"href":"https:\/\/sq.wordpress.org\/plugins\/wp-json\/wp\/v2\/plugin_category?post=295733"},{"taxonomy":"plugin_contributors","embeddable":true,"href":"https:\/\/sq.wordpress.org\/plugins\/wp-json\/wp\/v2\/plugin_contributors?post=295733"},{"taxonomy":"plugin_business_model","embeddable":true,"href":"https:\/\/sq.wordpress.org\/plugins\/wp-json\/wp\/v2\/plugin_business_model?post=295733"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}