內容簡介
Tornevall Networks DNSBL Implementation 外掛提供 WordPress 的反垃圾郵件和反濫用保護,能有效阻擋來自 Tornevall Networks DNSBL 和 FraudBL 標記的地址的評論活動和帳號註冊,提升網站安全性。
【主要功能】
• 阻擋垃圾評論和註冊
• 支援本地快取以減少查詢負擔
• 提供手動 DNS 查詢工具
• 訪客統計功能
• 安全的 IP 白名單管理
• Cloudflare Turnstile 支援
外掛標籤
開發者團隊
② 後台搜尋「Tornevall Networks DNSBL Implementation」→ 直接安裝(推薦)
📦 歷史版本下載
原文外掛簡介
Tornevall Networks DNSBL and FraudBL protection for WordPress. The plugin helps block comment activity, account registrations and other unwanted submissions from addresses flagged by Tornevall Networks DNSBL and FraudBL.
FraudBL is part of the protection layer used by the plugin and is available at fraudbl.org. For general discovery, broader search terms like fraud, blacklist, comment spam and user registration are usually easier to find than niche technical acronyms alone.
The plugin is intended to provide a lightweight anti-spam and anti-abuse layer for WordPress, with support for local caching to reduce repeated lookups and unnecessary load against blacklist services.
Current admin features include manual DNS lookup tools, self-check tools, visitor statistics, safe IP whitelisting, frontend dry-run support for administrators, Cloudflare Turnstile for comments, DNSBL plus Turnstile protection for new WordPress account registrations, and a separate opt-in Turnstile toggle for the public delisting/removal flow. Tools integration now uses one visible DNSBL / Tools API token field in the plugin UI. The live Check token permissions flow always asks Tools directly, warns clearly when the token exists on the other Tools environment (tools.tornevall.com vs tools.tornevall.net), and reports the effective DNSBL permissions for the configured token. Active admin-owned Tools tokens are shown as having automatic DNSBL access through the same X-Dnsbl-Token transport. The plugin now also warns on the WordPress dashboard and settings page when the current token cannot perform live delete / delist operations yet, with a direct link to the active Tools access page. The token status area shows current add/delete/update capability instead of only saying that a token exists, and delisting-page controls stay read-only until delete / delist permission has been confirmed. Internal delist slug routing now uses a dedicated rewrite/query-var path and refreshes rewrite rules on activation and slug changes to avoid /delist 404 cases. The managed public delist page now runs as a checker-style IP-only flow (checks listing first, then submits delist), while custom shortcode pages still support the broader permission-aware operations. The plugin also ships a shortcode delisting/removal form ([dnsbl_removal_form]) with AJAX backend proxy and optional API dry-run acknowledgement, plus a built-in primary removal-page template that is only activated when the configured token has live delete permission. Advanced CIDR delist now follows the delegated Tools guardrail delete_min_cidr_prefix, so non-admin tokens can be limited to /25../32, /26../32, or /32 only instead of always exposing /24. Tools-backed DNSBL write/check calls now also include additive site identity metadata so Tools-side delist audits can show which WordPress site submitted the request. The admin UI also now shows a small dismissible reminder with a direct link to the WordPress.org review form.
Report issues and feedback: GitHub issues
Plugin URL: WordPress.org plugin page
Documentation: DNSBL API documentation
Support and feedback
Bug reports and feedback can currently be submitted via GitHub issues.
Full Documentation: DNSBL API documentation
Translations can be contributed via translate.wordpress.org.
