外掛標籤
開發者團隊
原文外掛簡介
Secure Owl Firewall is a fast, lightweight firewall plugin with an advanced rule engine featuring PCRE pattern matching, a transformation pipeline, and JSON-based rule configuration.
Key features:
JSON-based rules — 100+ default rules covering SQLi, XSS, RCE, LFI, SSRF, Log4Shell, and more
Transformation pipeline — URL decode, lowercase, normalize path, remove whitespace, HTML entity decode, trim
Inspection targets — REQUEST_URI, QUERY_STRING, USER_AGENT, REFERER, COOKIE, and POST
MU-Plugin loader — runs before regular plugins for earliest protection
Rate limiting — optional transient-based IP and subnet banning
Login protection — PIN field and honeypot to block brute-force attacks
IP whitelist — CIDR/subnet support for both IPv4 and IPv6
IP blacklist — CIDR/subnet support for both IPv4 and IPv6
Per-rule toggle — disable individual rules from the admin panel without editing files
File-based logging — 64MB cap with auto-rotation and protected storage
Log retention — configurable policy for GDPR compliance
IP anonymization — masks user IP addresses for enhanced privacy and GDPR compliance
Filter Hooks
sswaf_ip_whitelist — array of IPs to bypass the firewall
sswaf_ip_blacklist — array of IPs to block before any rules run
sswaf_trusted_proxies — array of trusted proxy IPs for X-Forwarded-For
sswaf_post_scanning — enable POST data inspection (default: true)
sswaf_rules_file — path to the rules JSON file
sswaf_log_file — path to the log file
sswaf_log_max_size — maximum log size in bytes
sswaf_header_status — HTTP status header for blocked requests
sswaf_before_block — action hook fired before blocking a request
sswaf_rate_limit_ip_threshold — override IP hit threshold
sswaf_rate_limit_ip_duration — override IP ban duration
sswaf_rate_limit_ip_window — override IP counting window
