=== CIDRAM ===
Plugin Name: CIDRAM
Contributors: maikuolan
Tags: anti-spam, asn, blacklist, blocker, blocklist, cidr, cloud, firewall, subnet, subnets, gpl, ip, protection, routing, security, waf
Requires at least: 3.0.1
Tested up to: 4.9.5
Stable tag: 1.5.1
License: GPLv2
License URI: http://www.gnu.org/licenses/gpl-2.0.html

CIDRAM: A PHP-level CIDR/IP-based firewall solution.

== Description ==

CIDRAM (Classless Inter-Domain Routing Access Manager) is a PHP script designed to protect websites by blocking requests originating from IP addresses regarded as being sources of undesirable traffic, including (but not limited to) traffic from non-human access endpoints, cloud services, spambots, scrapers, etc. It does this by calculating the possible CIDRs of the IP addresses supplied from inbound requests and then attempting to match these possible CIDRs against its signature files (these signature files contain lists of CIDRs of IP addresses regarded as being sources of undesirable traffic); if matches are found, the requests are blocked.

== Installation ==

# Installing via the plugins dashboard.

1. Before you begin, ensure that you're logged in as an administrator with the necessary permissions to install, update and edit plugins (after activating the plugin but before modifying the plugin configuration file, do not log out from this account).
2. From the plugins dashboard, click the "Add New" button. From the page that appears, type "CIDRAM" into the "Search Plugins" text field, and press enter. A button to install CIDRAM should appear, and CIDRAM should automatically install when you click on that button.
3. Before activating the plugin, it is advisable to understand the various configuration directives available to the plugin, what they do, and how to change them. Go to `https://cidram.github.io/`, scroll down to the "Documentation" subheading, choose your language, and read through "Section 5: Configuration Options", which describes the configuration directives available to the plugin.
4. Please read through the "Frequently Asked Questions" before activating!
5. From the plugins dashboard, click the "Activate" button located directly below where you see "CIDRAM".
6. After you've activated the plugin, you'll be able to modify the CIDRAM configuration file directly from your plugins dashboard. Unfortunately, due to filetype restrictions, the CIDRAM configuration file can't be modified from the plugins dashboard while CIDRAM is deactivated/inactive, and won't appear in the files list. To modify the CIDRAM configuration (after CIDRAM has been activated), click the "Edit" button located directly below where you see "CIDRAM", and in the list that should appear to the right, look for "cidram/vault/config.ini". Click on that, and the CIDRAM configuration directives should appear. Edit as per your needs, and click "Update File".

# Installing via manual upload.

1. Download the package onto your local machine, and extract its content to a directory convenient for editing.
2. Before activating the plugin, it is advisable to understand the various configuration directives available to the plugin, what they do, and how to change them. Go to `https://cidram.github.io/`, scroll down to the "Documentation" subheading, choose your language, and read through "Section 5: Configuration Options", which describes the configuration directives available to the plugin.
3. Please read through the "Frequently Asked Questions" before activating!
4. Modify the file `/vault/config.ini` as per your needs (this file contains the configuration directives available to the plugin), and make any other necessary changes to the package (e.g., installing custom signature files, if you need them).
5. Upload the plugin files to the `/wp-content/plugins/cidram` directory of your WordPress installation.
6. From the plugins dashboard, click the "Activate" button located directly below where you see "CIDRAM".

== Frequently Asked Questions ==

# What is the best way to receive support?

The best way to receive support is by contacting the plugin developer via the CIDRAM issues page hosted at GitHub.

# How can I report bugs or make suggestions for the plugin?

See the answer to the previous question (the GitHub issues page is the preferred means).

# Help! I've been blocked from my own website! What do I do?!

CIDRAM may occasionally produce 'false positives' as a result of its signatures (e.g., when they become outdated, or when mistakes are made). If you lose front-end access to your WordPress installation as a result of a false positive produced by this plugin, the best solution may depend on the nature of your IP address (specifically, whether it is static or dynamic). In either case though, you will likely need back-end access to your server or website (e.g., via FTP). If you don't have any back-end access to your server or website, you'll need to be able to contact someone that does (e.g., a server administrator or technical support assistant), and if that isn't possible, I would recommend caution in using this plugin, in case you find yourself in a situation where rectifying the problem of being blocked from your own website isn't possible.
Now, assuming that you and/or someone that you can contact has back-end access: if your IP address is static, the best solution would generally be to whitelist your IP address, so as to prevent any further unwanted blocking by way of your IP address; if your IP address is dynamic, the best solution would generally be to establish an 'ignore' rule for the plugin, so as to prevent any further unwanted blocking by way of your ISP or by way of whichever set of signatures would normally be responsible for your being blocked in the first place.

To learn how to whitelist an IP address and how to write ignore rules for CIDRAM, please refer to 'Section 6: Signature Format' of the documentation. If you require assistance with this, direct support may be received via the CIDRAM issues page hosted at GitHub.

If you do encounter any false positives, you are strongly encouraged to report these to the developer, so that these problems may be rectified for future releases.

# What is a "signature"?

In the context of CIDRAM, a "signature" refers to data that acts as an indicator/identifier for something specific that we're looking for, usually an IP address or CIDR, and includes some instruction for CIDRAM, telling it the best way to respond when it encounters what we're looking for. A typical signature for CIDRAM looks something like this:

`1.2.3.4/32 Deny Generic`

Often (but not always), signatures will be bundled together in groups, forming "signature sections", often accompanied by comments, markup, and/or related metadata that can be used to provide additional context for the signatures and/or further instruction.

# Can CIDRAM block entire countries?

Yes. The easiest way to achieve this would be to install some of the optional country blocklists provided by Macmathan.
This can be done with a few simple clicks directly from the front-end updates page, or, if you'd prefer for the front-end to remain disabled, by downloading them directly from the optional blocklists download page, uploading them to the vault, and citing their names in the relevant configuration directives.

# How frequently are signatures updated?

Update frequency varies depending on the signature files in question. All maintainers for CIDRAM signature files generally try to keep their signatures as up-to-date as is possible, but as all of us have various other commitments, our lives outside the project, and as none of us are financially compensated (i.e., paid) for our efforts on the project, a precise update schedule can't be guaranteed. Generally, signatures are updated whenever there's enough time to update them, and generally, maintainers try to prioritise based on necessity and on how frequently changes occur among ranges. Assistance is always appreciated if you're willing to offer any.

# I want to use CIDRAM with a PHP version older than 5.4.0; Can you help?

No. PHP 5.4.0 reached official EoL ("End of Life") in 2014, and extended security support was terminated in 2015. As of writing this, it is 2017, and PHP 7.1.0 is already available. At this time, support is provided for using CIDRAM with PHP 5.4.0 and all available newer PHP versions, but if you try to use CIDRAM with any older PHP versions, support won't be provided.

# Can I assist in any way? Can I write new translations? Can I add new features?

All development for CIDRAM occurs at GitHub. Please refer to the project GitHub repository for contributing to the project.

== Screenshots ==

1. Screenshot of the CIDRAM "Access Denied" page.
2. Screenshot of CIDRAM running in CLI-mode.

== Changelog ==

* Please refer to `https://github.com/CIDRAM/CIDRAM/blob/master/Changelog.txt`.

== Requirements ==

CIDRAM requires that your installed version of PHP is >= 5.4.0 in order for it to run correctly. If your installed version of PHP is < 5.4.0, do not install this plugin, because it will not function as intended. PHP >= 7.0.0 is recommended due to improved performance, but is not necessary. All currently available versions of PHP >= 5.4.0 are compatible with this plugin.

Additionally, CIDRAM requires that PCRE be included with your PHP installation (most PHP installations already have PCRE included by default, so this generally shouldn't be a problem). Absence of PCRE will prevent CIDRAM from functioning correctly.

== Updating ==

Note: CIDRAM does not interact in any way with your database, and stores its own configuration settings, customisations, and related materials as flatfiles within its own directory.

If you've not changed any of the default configuration settings and if you're not using any customisations for this plugin, updating normally via the plugins dashboard, without need for any additional steps, should be sufficient and shouldn't cause any problems. However, if you've modified the configuration settings for CIDRAM, or if you've made any customisations, I would recommend making backups of all of these prior to updating, because updating will likely overwrite these changes and customisations (after updating, you can then restore your customisations from your backups). Alternatively, if you update via the CIDRAM front-end updates page, configuration settings and customisations should all be preserved.
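The matching described under "Description" and "What is a "signature"?" can be sketched as follows. This is an added example, not CIDRAM's own code: it expands an IPv4 address into its 32 possible CIDRs and looks each one up in a signature list, which also shows which signature is responsible when an address is blocked. The function names and the sample signatures are constructed for illustration, and 64-bit PHP is assumed.

```php
<?php
// Added illustration; function names and sample data are hypothetical.

/** Return every IPv4 CIDR (/1 .. /32) that contains $ip, broadest first. */
function candidate_cidrs($ip)
{
    $addr = ip2long($ip);
    if ($addr === false) {
        return array(); // not a valid dotted-quad IPv4 address
    }
    $cidrs = array();
    for ($prefix = 1; $prefix <= 32; $prefix++) {
        // Keep the top $prefix bits, zero the rest (assumes 64-bit integers).
        $mask = (0xFFFFFFFF << (32 - $prefix)) & 0xFFFFFFFF;
        $cidrs[] = long2ip($addr & $mask) . '/' . $prefix;
    }
    return $cidrs;
}

/** Index "CIDR Action Reason" lines by CIDR; lines of any other shape are ignored. */
function load_signatures($text)
{
    $signatures = array();
    foreach (preg_split('/\R/', $text) as $line) {
        if (preg_match('~^(\d{1,3}(?:\.\d{1,3}){3}/\d{1,2})\s+(\S+)\s*(.*)$~', trim($line), $m)) {
            $signatures[$m[1]] = array('action' => $m[2], 'reason' => $m[3]);
        }
    }
    return $signatures;
}

/** Return the first signature whose CIDR contains $ip, or null if none does. */
function first_match($ip, array $signatures)
{
    foreach (candidate_cidrs($ip) as $cidr) {
        if (isset($signatures[$cidr])) {
            return array('cidr' => $cidr) + $signatures[$cidr];
        }
    }
    return null;
}

// Constructed sample signatures (the first is the one quoted in the FAQ).
$signatures = load_signatures("1.2.3.4/32 Deny Generic\n198.51.100.0/24 Deny Generic\n203.0.113.64/26 Deny Generic");
foreach (array('1.2.3.4', '198.51.100.77', '203.0.113.10', '203.0.113.100') as $ip) {
    $hit = first_match($ip, $signatures);
    echo $ip, ' => ', $hit ? "{$hit['action']} ({$hit['cidr']}, {$hit['reason']})" : 'no match', "\n";
}
```

Because the lookup is an exact string match, a signature only matches if its CIDR is written with the network base address (for example `203.0.113.64/26`, not `203.0.113.100/26`).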