Web Application Firewall – website security


Easy way to block country and to block IP. Using this plugin admin can protect the website from unwanted traffic, bad bots. The firewall protects your website from different kind of attacks. And provides a security layer on your website.
GDPR Compliant

FREE Plugin Feature

  • HTAccess Level WAF: IPs blocked by admin will be blocked on the server only. These IPs won’t able to access the site.
  • Plugin Level Waf: IPs blocked by admin will be blocked on WordPress site load. It is less secure than HTAccess level WAF.
  • Rate Limiting: It helps to prevent DoS attacks on your site. You can set hit/min for each IP.
  • XSS, SQL Attack Detection and Blocking: Cyber attacks and suspicious activities will be get detected and access to the site for that IP will be blocked.
  • Advance Blocking: You can block country, IP range, Single IP, browser, HTTP referrers from gaining access to your site.
  • Email Notification: Admin can get a notification on email for any suspicious activity detected on site.
  • Report: Admin can see the login failed/success, attacks report in the report.
  • Recaptch Protection Google services are used to provide recaptch protection.

Premium Plugin Feature

  • Real Time IP Blocking: This feature protects your site from those IPs which are marked as spam by miniorange WAF users.
  • Rate Limiting for Crawler: Web crawler crawl your Website to increase ranking in the search engine. But sometimes they can make so many requests to the server that the service can get damaged. By enabling this feature you can provide a limit at which a crawler can visit your site.
  • Fake Web Crawler Protection: Web Crawler are used for scaning the Website and indexing it. Google, Bing, etc. are the top crawlers which increase your site’s indexing in the search engine. There are several fake crawler which can damage your site. By enabling this feature all fake google and bing crawler will be blocked.
  • Whitelist Crawler: You can whitelist the top crawler which increase indexing of your website in the search engine. By enabling this feature the whitelisted crawler will not get throttled/blocked by rate limiting.
  • BotNet Protection: BotNet is a network of robots or army of robots. The BotNet is used for Distributed denial of service attack. The attacker sends too many requests from multiple IPs to a service so that the legitimate traffic can not get the service. By enabling this your Website will be protected from such kind of attacks.
  • Remote File Inclusion Protection: It protects from adding files from remote server to your server.
  • Remote Code Execution Protection: It Protects from executing malicious commands in your server.

Customized solutions and Active support are available. Email us at info@xecurify.com or call us at +1 9786589387.


  • Web Application Firewall Dashboard

  • IP Blocking

  • Tracking

  • Email alert


From your WordPress dashboard

  1. Navigate to Plugins > Add New from your WP Admin dashboard.

  2. Search for Web Application Firewall.

  3. Install Web Application Firewall and Activate the plugin.

From WordPress.org

  1. Search for Web Application Firewall and download it.

  2. Unzip and upload the Web Application Firewall directory to your /wp-content/plugins/ directory.

  3. Activate Web Application Firewall from the Plugins tab of your admin dashboard.


Once Activated

  1. Select miniOrange Web Application Firewall from the left menu and follow the instructions.

  2. You can configure Web Application Firewall settings.


اپریل 28, 2021
While I just installed the WAF plug-in, I like the feature set and configuration flexibility. Only time will tell regarding effectiveness, but I have closed some gaps in my security. In the process of installing the plug-in there was an error when I was setting up the recaptcha option for logins and registrations, so I emailed the developer. Within 30 minutes or so, I got a reply and we set up a zoom meeting and remote access and in 15 minutes we had the problem resolved. Pradeep was very knowledgeable and helpful. Highly recommended!
جنوري 28, 2021
I was experiencing problems with some "crawlers", my page contains more than 5000 entries, with a lot of content (text, images, videos) ... the bots are indexing it again and they were saturating me to the point of having knocked the web down several times ... now I can control the request rate and free the server from so much load ... after having tried various applications, the only one that gave me good results was "Web Application Firewall" ... now I can control access attempts, block malicious users and control the way bots, spyders and crawlers access my page without saturating the server resources
Read all 3 reviews

Contributors & Developers

“Web Application Firewall – website security” is open source software. The following people have contributed to this plugin.




WordPress 5.8 version compatibility update, some minor fixes


WordPress 5.7 version compatibility update, typo corrections


WordPress 5.6 version compatibility update


WordPress 5.5 version compatibility update


The first version of WordPress Web Application Firewall Plugin with basic WordPress network security.