lo & co marketing logo, emblem only with accent

WordPress IP Cloaking Plugin Documentation

Introduction

The WordPress IP Cloaking plugin is meant to protect your website against unwanted bot and spam traffic. It is a WordPress plugin that allows you to serve different content to specific IP addresses. This plugin is useful for:

  • Managing access to content based on IP addresses
  • Serving different content to different visitors
  • Implementing IP-based content restrictions

Requirements

  • WordPress 5.0 or higher
  • PHP 7.2 or higher
  • MySQL 5.6 or higher

Installation

Manual Installation

  1. Download the plugin ZIP file
  2. Log in to your WordPress admin panel
  3. Navigate to Plugins → Add New
  4. Click the “Upload Plugin” button
  5. Choose the downloaded ZIP file
  6. Click “Install Now”
  7. After installation, click “Activate Plugin”

Directory Structure

ip-content-manager/
├── css/
│   └── seo-checker.css
├── ip-content-manager.php
└── README.txt

Getting Started

After installation, you’ll find a new menu item in your WordPress admin panel:
Settings → IP Content Manager

Initial Setup

  1. Navigate to the IP Content Manager settings page
  2. Add your first IP address
  3. Select a default alternate page for blocked IPs
  4. Save your settings

Configuration

General Settings

Adding IP Addresses

  1. Go to Settings → IP Content Manager
  2. In the “IP Management” section, enter the IP address
  3. Click “Add IP”
  4. The IP will appear in the list below

Selecting Alternate Content

  1. Use the dropdown menu to select any published page
  2. This page will be shown to visitors from blacklisted IPs
  3. Click “Save Changes”

Advanced Configuration

Managing Multiple IPs

  • Use the bulk import feature for multiple IPs
  • Each IP can be individually deleted using the “Delete” button
  • IPs are automatically validated before being added

Usage

Basic Usage

Adding a Single IP

// Example format for adding IPs
123.45.67.89    // Single IP
192.168.1.1     // Local IP

Removing an IP

  1. Find the IP in the list
  2. Click the “Delete” button next to it
  3. Confirm the deletion

Content Management

Selecting Content

  1. Choose any published page from the dropdown
  2. The selected page will be shown to blacklisted IPs
  3. Regular visitors will see normal content

Testing Configuration

  1. Add your own IP for testing
  2. Visit your site in an incognito window
  3. Verify that you see the alternate content
  4. Remove your IP when testing is complete

Advanced Features

IP Validation

The plugin automatically validates IP addresses for:

  • Correct format
  • Valid ranges
  • Proper syntax

Security Features

  • IP addresses are sanitized before storage
  • Database queries are prepared and escaped
  • WordPress nonces are used for form submissions

Troubleshooting

Common Issues

Plugin Not Working

  1. Verify plugin activation
  2. Check IP format is correct
  3. Ensure alternate page is published
  4. Verify WordPress permissions

IPs Not Being Blocked

  1. Check IP format
  2. Clear site cache
  3. Disable other security plugins temporarily
  4. Verify server configuration

Error Messages

“Invalid IP Address”

  • Ensure IP format is correct (xxx.xxx.xxx.xxx)
  • Check for typos
  • Verify IP is valid

“Could Not Save Settings”

  • Check WordPress permissions
  • Verify database connection
  • Ensure WordPress is up to date

FAQ

General Questions

Q: Can I block IP ranges?
A: Currently, the plugin supports individual IP addresses only.

Q: Will this affect my site’s performance?
A: The plugin is lightweight and optimized for performance with minimal impact.

Q: Can I block multiple IPs at once?
A: Yes, using the bulk import feature.

Technical Questions

Q: Does this work with caching plugins?
A: Yes, but you may need to configure cache exclusions.

Q: Can I programmatically add IPs?
A: Yes, using the plugin’s PHP functions or WordPress hooks.

Technical Reference

Functions

// Check if an IP is blacklisted
isBotIP($ip)

// Add an IP to blacklist
ajax_add_blacklist_ip()

// Remove an IP from blacklist
ajax_delete_blacklist_ip()

// Modify content for blacklisted IPs
modify_content($content)

Hooks and Filters

// Filter content for blacklisted IPs
add_filter('the_content', array($this, 'modify_content'));

// Action for IP management
add_action('wp_ajax_add_blacklist_ip', array($this, 'ajax_add_blacklist_ip'));
add_action('wp_ajax_delete_blacklist_ip', array($this, 'ajax_delete_blacklist_ip'));

Database

The plugin uses WordPress options API:

  • icm_blacklisted_ips: Array of blocked IPs
  • icm_alternate_page_id: ID of page shown to blocked IPs

Security Considerations

1. Input Validation

  • All IP addresses are validated
  • Form submissions use nonces
  • Data is sanitized before storage

2. Output Escaping

  • All output is escaped using WordPress functions
  • HTML is properly sanitized
  • SQL queries are prepared

3. Permissions

  • Only administrators can manage settings
  • Capabilities are checked for all admin actions