GD Security Toolbox

A firewall is a core feature of GD Security Toolbox Pro, it is active as soon as the plugin is activated. The firewall consists of 5 modules or scanners that will scan every incoming request. Different parts of the firewall will scan URL and user agent.

You can enable or disable each firewall scanner, and you can configure ban conditions for each one. Currently available scanners/filters are:

• Request Script Scanner – check’s URL of the request and extract PHP/JS script name from the request if available. If that script matches any of the script names listed in the scanner settings, that request will be aborted and banned if conditions are met.
• SQL Injection Scanner – checks URL for strings that are commonly found in the URLs made for SQL injection. If any of these are found, requests will be aborted and banned if conditions are met.
• Request URI Scanner – URI portion of the URL is checked against regular expressions created to find requests that are suspicious or malicious. If any of these are matched, requests will be aborted and banned if conditions are met.
• Query Filter – checks the query portion of the URL against regular expressions created to find requests that are suspicious or malicious. If any of these are matched, the request will be aborted and banned if conditions are met.
• User-Agents Filter – checks user agent name against regular expressions based on the known malicious user agents. If any of these are matched, the request will be aborted and banned if conditions are met.

You can modify the list of strings for each filter.