{"id":230633,"date":"2026-01-29T06:06:28","date_gmt":"2026-01-29T06:06:28","guid":{"rendered":"https:\/\/wordpress.org\/plugins\/waf-rules-wizard-for-cloudflare\/"},"modified":"2026-03-30T03:58:35","modified_gmt":"2026-03-30T03:58:35","slug":"waf-security-suite-for-cloudflare","status":"publish","type":"plugin","link":"https:\/\/fa.wordpress.org\/plugins\/waf-security-suite-for-cloudflare\/","author":16841248,"comment_status":"closed","ping_status":"closed","template":"","meta":{"_crdt_document":"","version":"1.3.1","stable_tag":"1.3.1","tested":"6.9.4","requires":"6.0","requires_php":"7.4","requires_plugins":null,"header_name":"Cloud Maestro - WAF Security Suite for Cloudflare","header_author":"5 Star Plugins","header_description":"A plugin to bulk create and manage WAF rules within Cloudflare across multiple accounts.","assets_banners_color":"1c3554","last_updated":"2026-03-30 03:58:35","external_support_url":"","external_repository_url":"","donate_link":"","header_plugin_uri":"https:\/\/5starplugins.com\/cloud-maestro-cloudflare-waf-rules\/","header_author_uri":"https:\/\/5starplugins.com\/","rating":5,"author_block_rating":0,"active_installs":10,"downloads":981,"num_ratings":3,"support_threads":3,"support_threads_resolved":3,"author_block_count":0,"sections":["description","installation","faq","changelog"],"tags":{"1.0":{"tag":"1.0","author":"5starplugins","date":"2026-02-04 19:12:26"},"1.0.1":{"tag":"1.0.1","author":"5starplugins","date":"2026-02-04 19:12:26"},"1.0.2":{"tag":"1.0.2","author":"5starplugins","date":"2026-02-04 20:31:49"},"1.0.3":{"tag":"1.0.3","author":"5starplugins","date":"2026-02-05 04:30:28"},"1.0.4":{"tag":"1.0.4","author":"5starplugins","date":"2026-02-09 02:48:56"},"1.0.5":{"tag":"1.0.5","author":"5starplugins","date":"2026-02-11 07:55:02"},"1.0.6":{"tag":"1.0.6","author":"5starplugins","date":"2026-02-12 19:00:11"},"1.0.7":{"tag":"1.0.7","author":"5starplugins","date":"2026-02-12 22:48:00"},"1.0.8":{"tag":"1.0.8","author":"5starplugins","date":"2026-03-06 05:28:37"},"1.1":{"tag":"1.1","author":"5starplugins","date":"2026-03-17 20:37:40"},"1.2":{"tag":"1.2","author":"5starplugins","date":"2026-03-19 22:22:16"},"1.3":{"tag":"1.3","author":"5starplugins","date":"2026-03-27 06:58:31"},"1.3.1":{"tag":"1.3.1","author":"5starplugins","date":"2026-03-30 03:58:35"}},"upgrade_notice":{"":"<p>1.3.1: Fixes free-to-premium activation fatal errors by guarding shared functions; adjusts textdomain loading timing.<\/p>"},"ratings":{"1":0,"2":0,"3":0,"4":0,"5":3},"assets_icons":{"icon-128x128.png":{"filename":"icon-128x128.png","revision":3456548,"resolution":"128x128","location":"assets","locale":""},"icon-256x256.png":{"filename":"icon-256x256.png","revision":3456548,"resolution":"256x256","location":"assets","locale":""}},"assets_banners":{"banner-1544-500.jpg":{"filename":"banner-1544-500.jpg","revision":3453434,"resolution":"1544x500","location":"assets","locale":""},"banner-772-250.jpg":{"filename":"banner-772-250.jpg","revision":3453434,"resolution":"772x250","location":"assets","locale":""}},"assets_blueprints":{"blueprint.json":{"filename":"blueprint.json","revision":3494179,"resolution":false,"location":"assets","locale":"","contents":"{\"$schema\":\"https:\\\/\\\/playground.wordpress.net\\\/blueprint-schema.json\",\"preferredVersions\":{\"php\":\"8.3\",\"wp\":\"latest\"},\"features\":{\"networking\":true},\"phpExtensionBundles\":[\"kitchen-sink\"],\"landingPage\":\"\\\/wp-admin\\\/admin.php?page=waf-security-suite-for-cf\",\"steps\":[{\"step\":\"login\",\"username\":\"admin\",\"password\":\"password\"},{\"step\":\"installPlugin\",\"options\":{\"activate\":true},\"pluginData\":{\"resource\":\"wordpress.org\\\/plugins\",\"slug\":\"waf-security-suite-for-cloudflare\"}}]}"}},"all_blocks":[],"tagged_versions":["1.0","1.0.1","1.0.2","1.0.3","1.0.4","1.0.5","1.0.6","1.0.7","1.0.8","1.1","1.2","1.3","1.3.1"],"block_files":[],"assets_screenshots":{"screenshot-1.jpg":{"filename":"screenshot-1.jpg","revision":3451202,"resolution":"1","location":"assets","locale":""},"screenshot-2.jpg":{"filename":"screenshot-2.jpg","revision":3456562,"resolution":"2","location":"assets","locale":""},"screenshot-3.jpg":{"filename":"screenshot-3.jpg","revision":3456562,"resolution":"3","location":"assets","locale":""},"screenshot-4.jpg":{"filename":"screenshot-4.jpg","revision":3456562,"resolution":"4","location":"assets","locale":""},"screenshot-5.jpg":{"filename":"screenshot-5.jpg","revision":3456562,"resolution":"5","location":"assets","locale":""},"screenshot-6.jpg":{"filename":"screenshot-6.jpg","revision":3456562,"resolution":"6","location":"assets","locale":""},"screenshot-7.jpg":{"filename":"screenshot-7.jpg","revision":3456565,"resolution":"7","location":"assets","locale":""},"screenshot-8.jpg":{"filename":"screenshot-8.jpg","revision":3458726,"resolution":"8","location":"assets","locale":""}},"screenshots":{"1":"Main settings page with domain selection","2":"API Token field with easy Generate Token button","3":"API Settings encrypted with built-in expiration timer","4":"Premium Good Bot customization options","5":"Successfully deployed rules confirmation","6":"Cloudflare dashboard showing applied WAF rules","7":"Premium IP Rules Management screen","8":"New Preview Rules Section"},"jetpack_post_was_ever_published":false},"plugin_section":[],"plugin_tags":[166108,3882,1174,600,254876],"plugin_category":[54],"plugin_contributors":[168501],"plugin_business_model":[],"class_list":["post-230633","plugin","type-plugin","status-publish","hentry","plugin_tags-bot-protection","plugin_tags-cloudflare","plugin_tags-firewall","plugin_tags-security","plugin_tags-waf-rules","plugin_category-security-and-spam-protection","plugin_contributors-5starplugins","plugin_committers-5starplugins","plugin_committers-presswizards","plugin_support_reps-presswizards"],"banners":{"banner":"https:\/\/ps.w.org\/waf-security-suite-for-cloudflare\/assets\/banner-772-250.jpg?rev=3453434","banner_2x":"https:\/\/ps.w.org\/waf-security-suite-for-cloudflare\/assets\/banner-1544-500.jpg?rev=3453434","banner_rtl":false,"banner_2x_rtl":false},"icons":{"svg":false,"icon":"https:\/\/ps.w.org\/waf-security-suite-for-cloudflare\/assets\/icon-128x128.png?rev=3456548","icon_2x":"https:\/\/ps.w.org\/waf-security-suite-for-cloudflare\/assets\/icon-256x256.png?rev=3456548","generated":false},"screenshots":[{"src":"https:\/\/ps.w.org\/waf-security-suite-for-cloudflare\/assets\/screenshot-1.jpg?rev=3451202","caption":"Main settings page with domain selection"},{"src":"https:\/\/ps.w.org\/waf-security-suite-for-cloudflare\/assets\/screenshot-2.jpg?rev=3456562","caption":"API Token field with easy Generate Token button"},{"src":"https:\/\/ps.w.org\/waf-security-suite-for-cloudflare\/assets\/screenshot-3.jpg?rev=3456562","caption":"API Settings encrypted with built-in expiration timer"},{"src":"https:\/\/ps.w.org\/waf-security-suite-for-cloudflare\/assets\/screenshot-4.jpg?rev=3456562","caption":"Premium Good Bot customization options"},{"src":"https:\/\/ps.w.org\/waf-security-suite-for-cloudflare\/assets\/screenshot-5.jpg?rev=3456562","caption":"Successfully deployed rules confirmation"},{"src":"https:\/\/ps.w.org\/waf-security-suite-for-cloudflare\/assets\/screenshot-6.jpg?rev=3456562","caption":"Cloudflare dashboard showing applied WAF rules"},{"src":"https:\/\/ps.w.org\/waf-security-suite-for-cloudflare\/assets\/screenshot-7.jpg?rev=3456565","caption":"Premium IP Rules Management screen"},{"src":"https:\/\/ps.w.org\/waf-security-suite-for-cloudflare\/assets\/screenshot-8.jpg?rev=3458726","caption":"New Preview Rules Section"}],"raw_content":"<!--section=description-->\n<p>Cloud Maestro brings centralized Cloudflare Web Application Firewall (WAF) controls directly into WordPress.<\/p>\n\n<p><strong>Why would I use a plugin when I can create rules in Cloudflare?<\/strong>\nIf you manage multiple Cloudflare-connected sites, Cloud Maestro is a productivity tool that helps oversee several domains from a central dashboard using WordPress. If you only manage one domain in Cloudflare, you wouldn't benefit from this plugin.<\/p>\n\n<p>It\u2019s useful for someone managing:\n- Their own sites and client sites\n- Multiple businesses\n- Separate Cloudflare accounts<\/p>\n\n<p>People like using Cloud Maestro because configuring security rules one domain at a time is inefficient and error-prone. It allows you to configure WAF rules once and deploy them consistently across all domains in your Cloudflare account \u2014 instantly.<\/p>\n\n<p>The free version supports one Cloudflare account with multiple domains.<\/p>\n\n<p>An optional premium version is available for managing unlimited domains across multiple Cloudflare accounts at once.<\/p>\n\n<h3>\ud83d\udee1\ufe0f Why Use Cloud Maestro - WAF Security Suite for Cloudflare?<\/h3>\n\n<p>Managing security rules across multiple Cloudflare domains is tedious and time-consuming. This plugin streamlines the process, allowing you to:<\/p>\n\n<ul>\n<li><strong>Deploy in One Click<\/strong> - Apply comprehensive WAF rules to multiple domains simultaneously<\/li>\n<li><strong>Save Time<\/strong> - No more manually configuring rules on each domain, one at a time<\/li>\n<li><strong>Enterprise Security<\/strong> - Protect against bots, aggressive crawlers, malicious IPs, and common threats<\/li>\n<li><strong>Reduce Mistakes<\/strong> - Maintain consistent security rules across domains<\/li>\n<\/ul>\n\n<h3>\u2705 Free Standard Features<\/h3>\n\n<ul>\n<li>One Cloudflare account<\/li>\n<li>Multiple domains<\/li>\n<li>One-click WAF rule deployment<\/li>\n<li>Centralized Cloudflare controls<\/li>\n<li>Secure API credential storage (AES-256-CBC encryption)<\/li>\n<li>Plugin updates\nThe free plugin does not require an upgrade.<\/li>\n<\/ul>\n\n<h3>\ud83d\udd25 What Gets Protected<\/h3>\n\n<p>The plugin deploys <strong>3 optimized trusted security rules<\/strong> (prior versions used 5) that work together to protect your sites:<\/p>\n\n<ul>\n<li><strong>Good Bot Allowlist<\/strong> - Ensures legitimate bots (Google, Bing, monitoring tools) can access your site<\/li>\n<li><strong>Managed Challenges for Suspicious Traffic<\/strong> - Automatically challenges requests from certain ASNs and non-US traffic<\/li>\n<li><strong>Aggressive Crawler Protection<\/strong> - Blocks unauthorized crawlers and bots (Yandex, Semrush, Ahrefs, etc.)<\/li>\n<li><strong>VPN &amp; Login Protection<\/strong> - Adds extra challenges for VPN traffic and WordPress login attempts<\/li>\n<li><strong>Block Known Threats<\/strong> - Automatically blocks web hosts, malicious IPs, TOR nodes, and attack vectors<\/li>\n<\/ul>\n\n<h3>\u2728 Premium Upgrade (Optional)<\/h3>\n\n<p>For agencies and professionals managing multiple Cloudflare accounts, a Premium version is available with expanded functionality and tech support. <strong><a href=\"https:\/\/5starplugins.com\/cloud-maestro-cloudflare-waf-rules\/\">Check out our free trial<\/a><\/strong> for these features:<\/p>\n\n<ul>\n<li><strong>Multi-Account Management<\/strong> - Automatically manage domains across ALL your Cloudflare accounts<\/li>\n<li><strong>Easy Bot Whitelisting<\/strong> - Built-in checkboxes for 50+ trusted services across 8 categories<\/li>\n<li><strong>Custom User Agents<\/strong> - Add your own user agent strings to the Good Bot Rule<\/li>\n<li><strong>Custom IP Whitelisting<\/strong> - Add trusted IP addresses to the Goot Bot Rule<\/li>\n<li><strong>IP Rules management<\/strong> - View and edit Cloudflare's IP Rules that block or allow access even before hitting WAF rules (and we are working on connecting to fail2ban and Wordfence blocks)<\/li>\n<li><strong>Bulk DNS Manager<\/strong> - Search and manage DNS records across all domains, bulk migrate IP addresses, CNAME targets, and convert A records to CNAME with a single action<\/li>\n<li><strong>Priority Support<\/strong> - Get expert help when you need it<\/li>\n<li><strong>Advanced Customization<\/strong> - Fine-tune rules to match your exact requirements<\/li>\n<li><strong>Multi-Account Management<\/strong> \u2013 Centrally manage unlimited domains across all your Cloudflare accounts<\/li>\n<\/ul>\n\n<h3>\ud83d\udccb Important Information<\/h3>\n\n<p><strong>Rule Replacement:<\/strong> This plugin replaces existing custom WAF rules on targeted domains. Make sure to back up any custom rules you want to keep.<\/p>\n\n<p><strong>Compatibility:<\/strong> Works with Cloudflare Free, Pro, and Business plans. Not compatible with Enterprise plans managed by hosting providers.<\/p>\n\n<p><strong>Service Monitoring:<\/strong> These rules might challenge some monitoring or uptime services. Check Cloudflare's Events log if services stop connecting, and add exceptions as needed.<\/p>\n\n<!--section=installation-->\n<h3>Automatic Installation<\/h3>\n\n<ol>\n<li>Log in to your WordPress admin panel<\/li>\n<li>Navigate to <strong>Plugins<\/strong> \u2192 <strong>Add New<\/strong><\/li>\n<li>Search for \"Cloud Maestro\"<\/li>\n<li>Click <strong>Install Now<\/strong> and then <strong>Activate<\/strong><\/li>\n<\/ol>\n\n<h3>Manual Installation<\/h3>\n\n<ol>\n<li>Download the plugin ZIP file<\/li>\n<li>Log in to your WordPress admin panel<\/li>\n<li>Navigate to <strong>Plugins<\/strong> \u2192 <strong>Add New<\/strong> \u2192 <strong>Upload Plugin<\/strong><\/li>\n<li>Choose the ZIP file and click <strong>Install Now<\/strong><\/li>\n<li>Click <strong>Activate Plugin<\/strong><\/li>\n<\/ol>\n\n<h3>Getting Started<\/h3>\n\n<ol>\n<li>After activation, navigate to <strong>Cloud Maestro<\/strong> in your WordPress admin menu<\/li>\n<li>Enter your Cloudflare API details:\n\n<ul>\n<li><strong>API Token<\/strong> - Paste in your existing API Token, or click the Generate New Token button.<\/li>\n<li><strong>Account ID<\/strong> - Choose your account ID from the drop-down.<\/li>\n<li>Global API Key is also supported but NOT recommended.<\/li>\n<\/ul><\/li>\n<li>Click <strong>Save Settings<\/strong> to retrieve your domains<\/li>\n<li>Select the domains you want to protect<\/li>\n<li>Click <strong>Create\/Overwrite All WAF Rules<\/strong><\/li>\n<li>Verify the rules in your Cloudflare account to ensure it's working as it should the first time.<\/li>\n<\/ol>\n\n<p>That's it! Your sites are now protected.<\/p>\n\n<p>The Premium version offers easy checkbox selection of common service user agents, and type in custom user agents or IPs.<\/p>\n\n<!--section=faq-->\n<dl>\n<dt id=\"how%20it%20works\"><h3>How It Works<\/h3><\/dt>\n<dd><p><strong>1. Install Once<\/strong> - You only need to install the plugin to one site to manage all of your Cloudflare-connected domains<\/p>\n\n<p><strong>2. Connect Your Cloudflare Account<\/strong> \u2013 Securely enter your API credentials (encrypted and stored safely)<\/p>\n\n<p><strong>3. Select Your Domains<\/strong> \u2013 View all domains in your account with convenient checkboxes<\/p>\n\n<p><strong>4. Deploy Rules<\/strong> \u2013 Click once to apply proven security rules across all selected domains<\/p>\n\n<p><strong>5. Stay Protected<\/strong> \u2013 Your sites are now shielded from thousands of common threats and malicious or resource-hungry traffic<\/p><\/dd>\n<dt id=\"will%20this%20affect%20my%20existing%20cloudflare%20rules%3F\"><h3>Will this affect my existing Cloudflare rules?<\/h3><\/dt>\n<dd><p>Yes, this plugin <strong>replaces<\/strong> the custom WAF rules in your Cloudflare configuration. Any existing custom rules will be overwritten. The plugin does not affect Cloudflare's managed rulesets or other settings\u2014only custom WAF rules.<\/p><\/dd>\n<dt id=\"are%20my%20cloudflare%20api%20credentials%20secure%3F\"><h3>Are my Cloudflare API credentials secure?<\/h3><\/dt>\n<dd><p>Yes. It uses API Tokens that are stored encrypted using AES-256-CBC (bank-level encryption) securely within WordPress. For additional security, it has a Settings Expiration timer that automatically deletes the API settings, or manually using the \"Delete Settings\" button when you're not actively managing rules.<\/p><\/dd>\n<dt id=\"does%20the%20free%20version%20require%20a%20premium%20upgrade%3F\"><h3>Does the free version require a Premium upgrade?<\/h3><\/dt>\n<dd><p>No. The free version works independently and includes centralized WAF rule deployment for one Cloudflare account with multiple domains.<\/p>\n\n<p>The free version is ideal for managing up to 25 domains under one Cloudflare account.<\/p>\n\n<p>Premium expands this to multiple Cloudflare accounts and unlimited domains for agencies and professionals. Additionally, powerful customization options are available, including built-in bot whitelisting, custom user agents, custom IP addresses, and the IP Rules Manager.<\/p><\/dd>\n<dt id=\"will%20this%20work%20with%20any%20cloudflare%20plan%3F\"><h3>Will this work with any Cloudflare plan?<\/h3><\/dt>\n<dd><p>This plugin is designed for Cloudflare Free, Pro, and Business plans. WAF features depend on Cloudflare\u2019s plan limitations.<\/p>\n\n<p>Enterprise plans typically have different WAF rule management and may be controlled by your hosting provider, so this plugin may not be compatible.<\/p><\/dd>\n<dt id=\"will%20this%20block%20legitimate%20bots%20like%20google%3F\"><h3>Will this block legitimate bots like Google?<\/h3><\/dt>\n<dd><p>No. The first rule explicitly allows verified bots from major search engines (Google, Bing), monitoring services, and other legitimate services. The Premium version offers even more control with 50+ built-in trusted services you can whitelist.<\/p><\/dd>\n<dt id=\"what%20happens%20if%20a%20monitoring%20service%20gets%20blocked%3F\"><h3>What happens if a monitoring service gets blocked?<\/h3><\/dt>\n<dd><p>If you notice a service can't connect after applying rules, check Cloudflare's Events log to see what was blocked. You can then add that service's user agent or IP to the allowlist. Premium users can do this directly in the plugin with custom user agents and IP fields.<\/p><\/dd>\n<dt id=\"can%20i%20customize%20or%20override%20the%20rule%20expressions%20with%20code%3F\"><h3>Can I customize or override the rule expressions with code?<\/h3><\/dt>\n<dd><p>Yes! Developers can use WordPress filter hooks to customize or completely replace each rule expression. The plugin provides three filters: <code>fivestar_cfwaf_good_bot_expression<\/code>, <code>fivestar_cfwaf_managed_challenge_expression<\/code>, and <code>fivestar_cfwaf_block_expression<\/code>. Add your custom code to your theme's functions.php, a code snippet, or a custom plugin. For <a href=\"https:\/\/support.5starplugins.com\/hc\/670402815\/191\/waf-rules-filters-to-customize-or-add-to-the-default-rule-expressions?category_id=48\">documentation and examples<\/a>, visit our support site.<\/p>\n\n<p>You can also more easily add 50+ pre-configured service user agents across 8 categories via the Premium version, which offers simple checkbox selection, and custom text fields to add your own user agents or IPs as desired, and saves those settings for repeated use.<\/p><\/dd>\n<dt id=\"fair%20use%20disclaimer%3A\"><h3>Fair Use Disclaimer:<\/h3><\/dt>\n<dd><p>This plugin is independent and not affiliated, endorsed, or sponsored by Cloudflare\u00ae. Trademarks are used under fair use for compatibility and functionality only. No endorsement is implied. This plugin was inspired in part by Troy Glancy\u2019s WAF Rules v3.<\/p><\/dd>\n\n<\/dl>\n\n<!--section=changelog-->\n<h4>1.3.1 - 2026-03-30<\/h4>\n\n<ul>\n<li>\ud83d\udee1\ufe0f Fixed: Guarded all plugin functions to prevent redeclare fatals during free-to-premium activation.<\/li>\n<li>\ud83d\udd27 i18n: Moved textdomain loading to an <code>init<\/code> hook to avoid activation-time conflicts.<\/li>\n<\/ul>\n\n<h4>1.3 - 2026-03-26<\/h4>\n\n<ul>\n<li>\ud83d\udd27 Freemius SDK updated.<\/li>\n<li>\u26a1 WAF Rules now use JS to submit and track API calls in parallel to avoid timeouts and faster progress.<\/li>\n<li>\u2705 Premium: Added Managed Challenge country customization with live preview.<\/li>\n<li>\u2705 Premium: Added Block Rule custom URI path strings with live preview.<\/li>\n<li>\ud83d\udd04 Premium: Append action now updates Managed Challenge countries and appends missing Block URI clauses.<\/li>\n<\/ul>\n\n<h4>1.2 - 2026-03-19<\/h4>\n\n<ul>\n<li>\ud83d\udc1b Fixed: Zones loading logic optimized to avoid iterating accounts (reduces API calls and speeds up domain listing).<\/li>\n<li>\ud83d\udd27 UI: Account selection now reloads the settings page on change for immediate domain refresh.<\/li>\n<li>\u2699\ufe0f Internal: Minor refactor to zone retrieval to better respect account scope.<\/li>\n<li>\u2705 Premium: Added switchable Account dropdown (no encrypted save) so premium users can quickly switch accounts without re-saving API credentials.<\/li>\n<li>\u2705 Premium: \"All Accounts\" option now correctly fetches domains across all accounts only when selected; changing account selection now reloads to show only that account's domains.<\/li>\n<\/ul>\n\n<h4>1.1 - 2026-03-17<\/h4>\n\n<ul>\n<li>\ud83c\udf1f Premium: Added Bulk DNS Manager for viewing, searching, and bulk migrating DNS records across domains<\/li>\n<li>\ud83d\udd04 Support for bulk IP migrations, CNAME migrations, and A-record to CNAME conversions with parallel processing<\/li>\n<li>\u26a1 Intelligent cache management with 1-hour TTL, concurrent warmup (10 parallel requests), and per-domain cache purge controls<\/li>\n<li>\ud83d\udc1b Cache sync fix ensuring per-account transients update after all mutations (bulk migrations, edits, deletes)<\/li>\n<li>\ud83d\udc1b Fixed CNAME validation to support underscores in hostnames (required for DKIM, DMARC, SPF records)<\/li>\n<li>\ud83d\udcac i18n: Updated all language files via custom potomatic script<\/li>\n<\/ul>\n\n<h4>1.0.8 - 2026-03-05<\/h4>\n\n<ul>\n<li>\ud83c\udf1f Premium: Added \"Append To Existing Good Bot Rule\" action to append only missing Good Bot criteria instead of overwriting existing custom rule expressions<\/li>\n<li>\u2705 The append option validates the first custom rule action is \"skip\" before attempting updates<\/li>\n<li>\ud83c\udf1f Premium: Added PatchStack IP range to list of services<\/li>\n<li>\ud83d\udd27 Premium: Updated ManageWP Uptime Monitoring User Agent<\/li>\n<li>\ud83d\udc1b Fixed Good Bot preview so PatchStack selection renders as IP expression criteria instead of a literal <code>http.user_agent contains \"patchstack-ips\"<\/code> clause<\/li>\n<li>\ud83d\udd27 Updated custom allowed IP expression formatting to grouped <code>ip.src in { ... }<\/code> style in preview and applied rules<\/li>\n<\/ul>\n\n<h4>1.0.7 - 2026-02-12<\/h4>\n\n<ul>\n<li>\ud83c\udfa8 Expanded allowed characters in custom user agent field, now allows .\/;:+()_-@= characters<\/li>\n<li>\ud83c\udf1f Premium: Added Accessibility and AI service user agent categories and choices<\/li>\n<li>\ud83d\udd27 Updated ManageWP uptime user agent to match their new value, resolves false downtime alerts<\/li>\n<\/ul>\n\n<h4>1.0.6 - 2026-02-12<\/h4>\n\n<ul>\n<li>\ud83d\udc1b Fixed Cloudflare ruleset updates when rule filters are enabled<\/li>\n<li>\ud83d\udc1b Removed local-only rule metadata from API payload to prevent JSON errors<\/li>\n<li>\ud83d\udd27 Improved API error messaging for faster troubleshooting<\/li>\n<\/ul>\n\n<h4>1.0.5 - 2026-02-10<\/h4>\n\n<ul>\n<li>\ud83c\udf1f Added Preview Rules section showing expandable rule expressions on WAF Rules page<\/li>\n<li>\u2728 Premium: Live preview updates when customizing Good Bot rules via checkboxes\/textareas<\/li>\n<li>\ud83d\udd27 Added 3 developer filter hooks for customizing rule expressions via code snippets<\/li>\n<li>\ud83d\udc1b Fixed FreeScout support widget loading and initialization<\/li>\n<li>\ud83d\udcda Added code documentation and KB article link for filter hooks with usage examples<\/li>\n<\/ul>\n\n<h4>1.0.4 - 2026-02-08<\/h4>\n\n<ul>\n<li>\ud83c\udf1f Boosted security with API Token authentication flow and a convenient Generate Token button (hat tip to Jordan Trask)<\/li>\n<li>\u2705 Auto-fetch and encrypt Cloudflare account ID for API Token users<\/li>\n<li>\u2705 Added API settings expiration timer with WP timezone display<\/li>\n<li>\ud83c\udfa8 Updated authentication UI and Good Bot gating behavior<\/li>\n<\/ul>\n\n<h4>1.0.3 - 2026-02-04<\/h4>\n\n<ul>\n<li>\ud83c\udf1f Now optimized to 3 pre-configured security rules (Skip, Challenge, Block)<\/li>\n<li>\u2705 Fixed pagination of IP Rules to display more than 1,000 rules<\/li>\n<li>\ud83c\udfa8 Tweak the IP Rules Manager page and sections display<\/li>\n<\/ul>\n\n<h4>1.0.2 - 2026-02-03<\/h4>\n\n<ul>\n<li>\ud83c\udf1f Premium: Added IP allow\/block Rules management<\/li>\n<li>\u2705 New header design and UX refinements<\/li>\n<li>\ud83c\udfa8 Add logo to plugin header<\/li>\n<\/ul>\n\n<h4>1.0.1 - 2026-01-31<\/h4>\n\n<ul>\n<li>\ud83d\udc1b Fixed display issue with literal characters appearing in section headings<\/li>\n<li>\u2705 Added confirmation dialog for Delete Settings button to prevent accidental deletion<\/li>\n<li>\ud83d\udd12 Enhanced security with additional escaping and code compliance improvements<\/li>\n<li>\ud83c\udfa8 Minor UI refinements for better user experience<\/li>\n<\/ul>\n\n<h4>1.0.0 - 2026-01-29<\/h4>\n\n<ul>\n<li>\ud83c\udf89 Initial release<\/li>\n<li>\u2705 Bulk WAF rule deployment across multiple domains<\/li>\n<li>\ud83d\udd10 AES-256-CBC encryption for API credentials<\/li>\n<li>\ud83c\udf1f 5 pre-configured security rules<\/li>\n<li>\ud83d\ude80 Premium version with multi-account support<\/li>\n<li>\u2728 Premium: 50+ built-in trusted bot checkboxes<\/li>\n<li>\ud83c\udfaf Premium: Custom user agent whitelisting<\/li>\n<li>\ud83c\udf0d Premium: Custom IP address whitelisting<\/li>\n<li>\ud83d\udcac Premium: Priority support<\/li>\n<li>\ud83d\udcf1 Responsive admin interface<\/li>\n<li>\ud83c\udfa8 Modern UI with dark header design<\/li>\n<\/ul>","raw_excerpt":"Bulk deploy powerful WAF security rules to multiple Cloudflare domains with one click. Protect your sites from bots, malicious traffic, and threats.","jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/fa.wordpress.org\/plugins\/wp-json\/wp\/v2\/plugin\/230633","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/fa.wordpress.org\/plugins\/wp-json\/wp\/v2\/plugin"}],"about":[{"href":"https:\/\/fa.wordpress.org\/plugins\/wp-json\/wp\/v2\/types\/plugin"}],"replies":[{"embeddable":true,"href":"https:\/\/fa.wordpress.org\/plugins\/wp-json\/wp\/v2\/comments?post=230633"}],"author":[{"embeddable":true,"href":"https:\/\/fa.wordpress.org\/plugins\/wp-json\/wporg\/v1\/users\/5starplugins"}],"wp:attachment":[{"href":"https:\/\/fa.wordpress.org\/plugins\/wp-json\/wp\/v2\/media?parent=230633"}],"wp:term":[{"taxonomy":"plugin_section","embeddable":true,"href":"https:\/\/fa.wordpress.org\/plugins\/wp-json\/wp\/v2\/plugin_section?post=230633"},{"taxonomy":"plugin_tags","embeddable":true,"href":"https:\/\/fa.wordpress.org\/plugins\/wp-json\/wp\/v2\/plugin_tags?post=230633"},{"taxonomy":"plugin_category","embeddable":true,"href":"https:\/\/fa.wordpress.org\/plugins\/wp-json\/wp\/v2\/plugin_category?post=230633"},{"taxonomy":"plugin_contributors","embeddable":true,"href":"https:\/\/fa.wordpress.org\/plugins\/wp-json\/wp\/v2\/plugin_contributors?post=230633"},{"taxonomy":"plugin_business_model","embeddable":true,"href":"https:\/\/fa.wordpress.org\/plugins\/wp-json\/wp\/v2\/plugin_business_model?post=230633"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}