GD Security Toolbox Pro 2.2 is a major update that brings another new addon, various updates to Content Security Policy and few more things, including some fixes.
The new addon added in this release is called Plugins Bridge. It is made to connect or listen to information coming from supported plugins and log security-related events, and if needed, ban offending IP’s.
Right now, Plugins Bridge supports only GD Rating System plugin, and it hooks into AJAX error handling in GD Rating System, and it can log various error or security-related AJAX events. And, if the IP generates a lot of similar errors in a period of time, it can temporarily or permanently ban that IP. Because GD Rating System is rising in popularity, some bots are trying to find some security issues, and they are targetting AJAX endpoint. The plugin detects a lot of request issues, and first the action with request issue information.
In the future, the plan is to add more plugins to this addon, starting with all Dev4Press plugins that have public-facing AJAX-based endpoints. Now that the action for such errors is properly defined, more plugin will get support for it.
The new version includes few more updates to the CSP rules, various other improvements and few bug fixes.
If you notice any problems with the plugin, stop by the support forums to report it. Let me know what you think about the new version, and as always, suggestions are welcome.
