⚠️ Status: untested. This extension is provided as-is and has not been tested in production. Please feel free to fork, modify, improve, and open pull requests.Licensed under GNU GPLv3 (see LICENSE).
WooCommerce plugin that screens storefront visitors against the ip-block.com service and blocks flagged IP addresses — with an extra check at checkout so a freshly-flagged IP cannot place an order.
WooCommerce → Settings → IP Block
| Field | Purpose |
|---|---|
| Enable IP Protection | Master on/off switch |
| Site ID | Your 12-character ip-block.com site identifier |
| API Key | Your 48-character key |
| API Endpoint URL | Defaults to https://api.ip-block.com/v1/check |
| If service is unreachable | Fail open (allow) or closed (block) |
| Decision Cache Lifetime | Seconds a decision is cached; 0 = check every request |
| Behind a proxy / CDN | Read the real IP from CF-Connecting-IP / X-Forwarded-For |
| When a visitor is blocked | Redirect to ip-block.com, or show a local 403 |
| Block Message | Local 403 text |
| Allowlisted IPs | One IP per line — never blocked |
- Requires WooCommerce active (declared via
Requires Plugins: woocommerce). - Copy the
ip-block-woocommercefolder intowp-content/plugins/. - Plugins → Activate "IP Block for WooCommerce".
- Configure under WooCommerce → Settings → IP Block and tick Enable.
- Hooks
plugins_loaded(priority 1) to stop flagged IPs before heavy work. - Also hooks
woocommerce_checkout_processto re-check at order placement. - Admin, cron, WP-CLI and AJAX requests are never screened.
- HPOS (custom order tables) compatibility is declared.
IPBlock_WC_Clientspeaks the ip-block.com API (POST /v1/check→{"action":...}).
- Allowlist your own IP before enabling so you cannot lock yourself out of the store.
- Settings are stored as
ipblock_wc_*options (standard WooCommerce settings API).