🛡️ IP Filter (Firewall) with Anti‑Hacker

Protect your nopCommerce store from unwanted visitors, bots, and hacking attempts. Block or allow by country, IP address, or IP range — with optional automatic bot protection. No coding required.

Why Store Owners Love It

• Reduce unwanted traffic and fake sign‑ups instantly.
• Prevent brute‑force and spam attacks automatically.
• Save server resources and keep your store fast.
• Full visibility: see who was blocked, when, and why.

Key Features

• Country‑based blocking — Restrict access using ISO country codes (e.g., CN, VN, RU).
• IP & range filtering — Add single IPs or entire IP ranges to block/allow lists.
• Smart Anti‑Hacker — Detects and blocks suspicious requests and common attack patterns.
• Automatic IP Ban Rules — Auto‑ban attackers using configurable rules (URL pattern matches or error‑log spikes).
• Custom block messages — Show a friendly message or redirect blocked visitors.
• Detailed activity logs — Track requests and audit decisions.
• GeoLite2 integration — Accurate country detection by MaxMind.
• IPv4 & IPv6 support — Modern, future‑proof networking.

Quick Start

1. Install the plugin in Admin → Configuration → Local Plugins.
2. Open the settings, enable the plugin, and choose your block/allow strategy.
3. Add rules by country, IP, or IP range. Optionally turn on Anti‑Hacker protection.
4. (Optional) Configure Automatic IP Ban Rules to proactively block attackers.

Screenshots & What You Can Do on Each Page

1) Main Configuration

Enable the plugin, set admin‑area allowed IPs, and receive notifications about blocked IPs. Choose Country Filter and Region Filter modes, turn on Anti‑Hacker (block non‑ASCII, static‑file probes, and custom hacker patterns), configure a custom Access Denied page, and update GeoLite2 databases.

2) IP Addresses Tab

Add or edit individual IP rules (allow or block), assign to a specific store if needed, and leave comments for auditing. Use Import from CSV / Export to CSV for bulk operations; quickly edit or delete entries from the grid.

3) Region (IP Networks) Tab

Define IP ranges by specifying From and To addresses to allowlist or block entire network segments at once. Bulk‑manage ranges with CSV import/export, and scope rules per store when required.

4) Countries Tab

Maintain your block/allow list by country. Choose a country code from the dropdown, add an optional comment, and save to apply. Rules can be scoped per store if you run a multi‑store setup.

5) Automatic IP Ban Rules — List

Create, enable/disable, and manage automatic ban rules. Use this page to add new rules or edit existing ones that will automatically block an IP when the rule conditions are met.

6) Automatic IP Ban Rule — Request URL Match Rule

Auto‑ban an IP if a request URL contains (or exactly matches) a specific substring. Configure the rule name, store scope, set the URL substring, choose case‑sensitive matching, and pick Contains or Exact match mode.

7) Automatic IP Ban Rule — Error Log Frequency Rule

Auto‑ban an IP when your store’s error log shows repeated issues containing a chosen keyword within a short timeframe. Configure the keyword (substring), the minimum count, and the time window in minutes.