CF7:
- Add wpcf7_spam filter registered before is_admin() early-return so
CF7 AJAX submissions (admin-ajax.php) are properly validated
- Exclude CF7 posts from generic catch-all (prevent double-checking)
Auto-flush:
- Add maybe_flush_overdue() with 5-min transient lock, hooked to
shutdown action so every PHP request can trigger a flush if overdue
- No longer depends solely on WP-Cron firing
Dashboard layout:
- Top Attackers moved into right column below live feed
- Viewport-fill layout: body/main use flex+overflow:hidden so content
stays in view; left col scrolls independently if needed
- Feed panel takes flex:1, attackers panel capped at 260px
Colors:
- --dim: #006600 → #44bb77 (legible secondary text, ~5:1 contrast)
- --dim2: #228844 added for slightly darker secondary use
- --muted kept dark for backgrounds only; border lightened slightly
IP geo (server-side, async, non-blocking):
- country + asn columns added to blocks table (migration-safe)
- enrichIP() calls ip-api.com free HTTP API per unique IP, cached 1h
- Background job enriches historic rows missing country (5 per 20s)
- Stats and live feed now include country code + ASN
- Dashboard shows country flag emoji in feed rows and attackers table
- Full AS name shown as tooltip on ASN column
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Malin
07b5025b0b