InformatiQ/InformatiQ-Toolkit
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat: initial InformatiQ Toolkit plugin

Browse Source 
Merges informatiq-wp-secure + informatiq-utils + HoneypotFields into
a single unified plugin with the following improvements:

- Fixed deactivation bug: all protection methods now guard themselves
  with their own option check so toggling off via AJAX takes effect
  immediately without any hook re-registration.
- Added rate-limiting for good/legitimate bots (Googlebot, Bingbot,
  DuckDuckBot, Yandex, etc.) via transient sliding-window counters;
  configurable per-bot limits in goodbots.conf (BotName|req/min);
  returns HTTP 429 with Retry-After: 60 when over limit.
- Unified MySQL-backed logging (itk_bot_log + itk_honeypot_log tables)
  replaces the old wp_options-based 100-entry cap.
- New Dashboard tab with terminal-style bot activity monitor: total
  blocked, today's count, rate-limited hits, top threat sources
  (bar chart), top IPs, top honeypot form types, active-module
  status panel.
- All optimizations from utils.php merged into Optimization tab as
  toggleable settings (was always-on before).
- Single admin page (Settings → InformatiQ Toolkit) with 8 tabs:
  Dashboard | Bot Blocker | Protection | Optimization | Honeypot |
  Bot Logs | Honeypot Logs | Config Files.
- Config file editor for badbots.conf, goodbots.conf, referrers.conf,
  networks.conf, allowed-ips.conf with AJAX save and transient flush.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
This commit is contained in:
Malin
2026-04-09 11:45:26 +02:00
commit 6d4349ff7b
17 changed files with 3739 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

254
config/networks.conf Normal file
View File

@@ -0,0 +1,254 @@
# IP addresses and networks to block extracted from .htaccess
# Aliyun
121.40.0.0/14
121.40.0.0/15
# Cyveillance subnets
38.100.19.8/29
38.100.21.0/24
38.100.41.64/26
38.105.71.0/25
38.105.83.0/27
38.112.21.140/30
38.118.42.32/29
65.213.208.128/27
65.222.176.96/27
65.222.185.72/29
# Poneytelecom subnets
62.4.0.0/19
62.210.0.0/16
195.154.0.0/16
212.47.224.0/19
212.83.128.0/19
212.83.160.0/19
212.129.0.0/18
# Ecatel & Leaseweb subnets
80.82.64.0/24
80.82.65.0/24
80.82.66.0/24
80.82.67.0/24
80.82.68.0/24
80.82.69.0/24
80.82.70.0/24
80.82.76.0/24
80.82.77.0/24
80.82.78.0/24
80.82.79.0/24
89.248.160.0/21
89.248.168.0/24
89.248.169.0/24
89.248.170.0/23
89.248.172.0/23
89.248.174.0/24
93.174.88.0/21
94.102.48.0/20
188.72.106.0/24
188.72.117.0/24
185.56.80.125
# Aboundex
173.192.34.95
# Bluecoat
8.21.4.254
65.46.48.192/30
65.160.238.176/28
85.92.222.0/24
206.51.36.0/22
216.52.23.0/24
# Cyberpatrol
38.103.17.160/27
# Internet Identity - Anti-Phishing
66.113.96.0/20
70.35.113.192/27
# Ironport
204.15.80.0/22
# Lightspeed Systems Security
66.17.15.128/26
69.84.207.32/27
69.84.207.128/25
# Layered Technologies
72.36.128.0/17
72.232.0.0/16
72.233.0.0/17
216.32.0.0/14
# M86
67.192.231.224/29
208.90.236.0/22
# Phish-Inspector.com
209.147.127.208/28
# Prescient Software, Inc. Phishmongers
198.186.190.0/23
198.186.192.0/23
198.186.194.0/24
# urlfilterdb
207.210.99.32/29
# websense-in.car1.sandiego1.level3.net
4.53.120.22
# Websense
66.194.6.0/24
67.117.201.128/28
69.67.32.0/20
131.191.87.0/24
204.15.64.0/21
208.80.192.0/21
212.62.26.64/27
213.168.226.0/24
213.168.241.0/30
213.168.242.0/30
213.236.150.16/28
# IP Strada & co.
162.211.104.0/22
162.218.56.0/21
198.89.232.0/21
199.15.232.0/21
199.15.232.0/24
199.15.233.0/24
199.15.234.0/24
199.15.235.0/24
199.15.237.0/24
199.15.238.0/24
199.15.239.0/24
# DigitalOcean
45.55.100.0/22
45.55.116.0/22
67.207.66.0/24
104.131.192.0/19
104.131.224.0/19
107.170.0.0/17
107.170.128.0/19
107.170.160.0/19
138.197.240.0/22
138.197.252.0/22
159.203.152.0/22
162.243.0.0/17
162.243.191.0/24
162.243.192.0/18
192.241.160.0/19
192.241.240.0/20
# vHoster Ukraine doing WP bruteforce
91.200.12.0/22
# Drake Holdings
192.92.196.0/24
204.79.180.0/24
# Hetzner Denies
193.47.99.0/24
188.40.0.0/16
185.12.64.0/22
178.63.0.0/16
176.9.0.0/16
213.239.192.0/18
213.133.96.0/19
88.198.0.0/16
85.10.192.0/18
78.46.0.0/15
5.9.0.0/17
5.9.0.0/16
46.4.0.0/16
88.99.0.0/16
91.220.49.0/24
91.233.8.0/22
94.130.0.0/16
95.216.0.0/16
95.217.0.0/16
136.243.0.0/16
138.201.0.0/16
144.76.0.0/16
148.251.0.0/16
176.102.168.0/21
185.50.120.0/23
185.107.52.0/22
185.126.28.0/22
185.136.140.0/23
185.141.200.0/24
185.141.202.0/24
185.171.224.0/22
185.185.26.0/23
185.189.228.0/24
185.189.230.0/24
185.189.231.0/24
185.209.124.0/22
185.216.237.0/24
185.228.8.0/22
193.25.170.0/23
193.110.6.0/23
193.223.77.0/24
194.42.180.0/22
194.42.184.0/22
194.145.226.0/24
195.60.226.0/24
195.248.224.0/24
197.242.84.0/22
# Seznam bot
77.75.72.0/23
77.75.74.0/24
77.75.75.0/24
77.75.76.0/23
77.75.78.0/23
185.66.188.0/22
# Quasi Networks - Spammers
145.249.104.0/22
185.216.140.0/23
188.72.103.0/24
188.72.106.0/24
188.72.117.0/24
196.16.0.0/14
213.184.105.0/24
213.184.113.0/24
213.184.115.0/24
213.184.117.0/24
# DataShack / Wholesale Internet / VPN Consumer Network / My Server Planet / VoIP DediNet & co.
63.141.224.0/19
69.30.192.0/24
69.30.204.0/24
69.30.220.0/24
69.30.228.0/24
69.30.235.0/24
69.30.237.0/24
69.197.148.0/24
69.197.152.0/24
69.197.170.0/24
69.197.171.0/24
69.197.173.0/24
69.197.178.0/24
74.91.16.0/20
104.37.30.0/24
107.150.32.0/19
142.54.160.0/19
173.46.91.0/24
173.46.93.0/24
192.151.144.0/20
192.187.96.0/19
198.204.224.0/19
199.168.96.0/21
204.12.199.0/24
204.12.200.0/24
204.12.203.0/24
204.12.205.0/24
204.12.245.0/24
208.67.0.0/24
208.67.1.0/24
208.110.85.0/24
208.110.87.0/24