Core Features:

Firewall

Firewall: Request Script Scan
Firewall: Request Script Scan

Firewall is a core feature of GD Security Toolbox Pro, it is active as soon as the plugin is activated. Firewall consist of 5 modules or scanners that will scan every incoming request. Different parts of firewall will scan URL and user agent.

You can enable or disable each firewall scanner, and you can configure ban conditions for each one. Currently available scanners/filters are:

  • Request Script Scanner – check’s URL of the request and extracts PHP/JS script name from the request if available. If that script matches any of the script names listed in the scnanner settings, that request will be aborted and banned if conditions are met.
  • SQL Injection Scanner – checks URL for strings that are commonly found in the URL’s made for SQL injection. If any of these are found, request will be aborted and banned if conditions are met.
  • Request URI Scanner – URI portion of the URL is check against regular expressions created to find requests that are suspicious or malicious. If any of these are matched, request will be aborted and banned if conditions are met.
  • Query Filter – checks query portion of the URL against regular expressions created to find requests that are suspicious or malicious. If any of these are matched, request will be aborted and banned if conditions are met.
  • User Agents Filter – checks user agent name against regular expressions based on the known malicious user agents. If any of these are matched, request will be aborted and banned if conditions are met.

You can modify list of strings for each filter.