Skip to content

Instantly share code, notes, and snippets.

@paulgoodchild
Last active March 27, 2021 10:29
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save paulgoodchild/cc7ea6abf5ce24e5377ce62daa2a3820 to your computer and use it in GitHub Desktop.
Save paulgoodchild/cc7ea6abf5ce24e5377ce62daa2a3820 to your computer and use it in GitHub Desktop.
Set Service Providers to be "untrusted" in Shield Security
<?php
/**
* Use this filter to tell Shield to NOT automatically whitelist certain providers.
*
* By default Shield will never block official service providers and web crawlers. You can turn off this behaviour on
* a per-service basis using this filter.
*
* Understand that Shield doesn't then "block" the provider, it simply no longer gives it a free pass. If it abuses your
* resources or performs requests that cause offenses, it may be then blocked by Shield.
*
* For example, you may find a particular webcrawler abuses your resources repeatedly. Let's say the web crawler in question
* is the Huawei / PetalBot crawler. This example demonstrates how to turn off automatic whitelisting for this crawler.
*
* To find the full list of recognised Crawlers, please see this URL:
* https://wphashes.com/api/apto-wphashes/v1/services/provider_ips
*
* From the JSON, use the "key" for each crawler/service provider in the filter function.
*
* We've provided a few here as examples, but please only specify the ones you want to "un-bypass".
*/
add_filter( 'shield/untrusted_service_providers', function ( $providers ) {
$providers[] = 'huawei';
$providers[] = 'bing';
$providers[] = 'baidu';
$providers[] = 'yandex';
// ALWAYS return $providers.
return $providers;
} );
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment