ForceField

ForceField

Wordpress plugin

Install on Wordpress

App Details

Adds several layers of security to restrict access to common hacking attack vectors. By filtering requests in a more specific and intelligent way, ForceField allows permitted actions to continue unaltered, but blocks actions that are disallowed or not explicitly unauthorized.

ForceField is not a “firewall” – nor a replacement for a comprehensive security plugin, but rather is intended to complement and enhance your existing security measures, by adding some unique and innovative protection features not easily found elsewhere. These include:

  • tokenizing and recording login/registration behaviour
  • protecting whitelisted administrator and user roles
  • restricting WordPress API access and endpoints
  • tracking bot behavior and blocking repeat transgressors
  • periodically checking for known vulnerabilities

Tokenized Protection

Easily reduce Brute Force Password attacks, SPAM Comments, Fake User Registrations and Sploggers! Adds a dynamic Javascript Token field to all common user action forms: Login, Registration (and optionally BuddyPress Registration), Blog Signup (Multisite only), Lost Password and Commenting. You can adjust the settings to apply to any or all of these, giving you more fine-grained control as needed.

Since the majority of bots do not have the capacity or time to recognize and process javascript fields, their attempts at access via these actions are instantly blocked – with repeat offender getting IP banned from further attempts. This gives seamless and invisible protection (without needing an annoying ReCaptcha field.)

Login Role Protection

A last line of defense against hackers who have managed to “somehow” create their own administrator account or escalate their user priveleges! Automatically block, notify by email, revoke role and/or demote to subscriber any “administrator” account that logs in who is not in an explicitly allowed list of verified administrator usernames. Goodbye escalated privelege attack!

API Protection

Adds several ways to restrict access to XML RPC and REST API features. While these can be disabled, there are several other options provided to severely limit bot and other unauthorized access while still being able to use these features as intended! Part of the aim of this plugin is to make these options available for everyone without needing to code them: Multiple request slowdown, disable XML RPC logins, logged in access only, restrict access to specified user roles, and require secure connection.

Behavioural Protection

ForceField also records access to user actions missing referer headers, missing or bad tokens, and other bad behaviours in a custom table. Reaching transgression limits for any specific action results in an IP ban. Transgression occurrences are reduced via cooldown over time, with old records expired and later deleted (with intervals adjustable.) This process keeps protection high for fresh attacks while keeping the database free of old record bloat. Also gives the option to output a form to banned IPs so users can unblock themselves manually in case of false positives (and so you don’t lock yourself out of your site!)

Vulnerability Check

Checks your installed core, plugins and themes for known vulnerabilities, according to the frequency you set for each. Then sends email alerts and provides an Admin Notice for any new vulnerabilities when they found, giving you a heads up on updates that require action. (Note: This feature is complete but currently being retested more extensively before being included in the plugin in an upcoming version. If you wish to test it out yourself beforehand, you can download the plugin from Github repository.)

ForceField Home
Support Forum
ForceField Home

Like this plugin? Check out more of our free plugins here:
WordQuest

Looking for an awesome theme? Check out my child theme framework:
BioShip Child Theme Framework

Support

For support or if you have an idea to improve this plugin:
ForceField Support Quests

Contribute

Help support improvements and log priority feature requests by a gift of appreciation:
Contribute to ForceField

Development

To aid directly in development, please fork on Github and do a pull request:
ForceField on Github

Pricing

Starting from $0 per month.

Check Out the YouTube Feed Widget

By Common Ninja

YouTube FeedTry For Free!

App Info

Rating

Reviewers

No reviews

Tags

login protect
xml-rpc

Developed By

Tony Hayes

Quick & Easy

Find the Best Wordpress plugins for you

Common Ninja has a large selection of powerful Wordpress plugins that are easy to use, fully customizable, mobile-friendly and rich with features — so be sure to check them out!

Testimonial

Testimonial plugins for Wordpress

Contact Form

Contact Form plugins for Wordpress

Maps

Maps plugins for Wordpress

Translation

Translation plugins for Wordpress

Chat

Chat plugins for Wordpress

Slider

Slider plugins for Wordpress

Reviews

Reviews plugins for Wordpress

Contact

Contact plugins for Wordpress

Galleries

Galleries plugins for Wordpress

SEO

SEO plugins for Wordpress

Forms

Forms plugins for Wordpress

Comments

Comments plugins for Wordpress

Backup

Backup plugins for Wordpress

Privacy

Privacy plugins for Wordpress

Optimize

Optimize plugins for Wordpress

Tabs

Tabs plugins for Wordpress

Social Sharing

Social Sharing plugins for Wordpress

Events Calendar

Events Calendar plugins for Wordpress

Comments

Comments plugins for Wordpress

Social Feeds

Social Feeds plugins for Wordpress

Social Sharing

Social Sharing plugins for Wordpress

Portfolio

Portfolio plugins for Wordpress

Video Player

Video Player plugins for Wordpress

popup

popup plugins for Wordpress

SiteMap

SiteMap plugins for Wordpress

Payment

Payment plugins for Wordpress

Coming Soon

Coming Soon plugins for Wordpress

Inventory

Inventory plugins for Wordpress

Testimonials

Testimonials plugins for Wordpress

Portfolio

Portfolio plugins for Wordpress

Membership

Membership plugins for Wordpress

Forms

Forms plugins for Wordpress

Analytics

Analytics plugins for Wordpress

Events Calendar

Events Calendar plugins for Wordpress

Sliders

Sliders plugins for Wordpress

Analytics

Analytics plugins for Wordpress

Reviews

Reviews plugins for Wordpress

Security

Security plugins for Wordpress

Ads

Ads plugins for Wordpress

Music Player

Music Player plugins for Wordpress

Countdown

Countdown plugins for Wordpress

Email Marketing

Email Marketing plugins for Wordpress

Membership

Membership plugins for Wordpress

Ecommerce

Ecommerce plugins for Wordpress

Customer Support

Customer Support plugins for Wordpress

Video Player

Video Player plugins for Wordpress

Tabs

Tabs plugins for Wordpress

Social Feeds

Social Feeds plugins for Wordpress

Common Ninja Apps

Some of the best Common Ninja plugins for Wordpress

Browse our extensive collection of compatible plugins, and easily embed them on any website, blog, online store, e-commerce platform, or site builder.

YouTube Feed for Wordpress logo

YouTube Feed

Show YouTube videos in a customizable YouTube feed that keeps content fresh, boosts watch time, and helps visitors explore more of your channel.

X Feed for Wordpress logo

X Feed

Show posts in an X feed that keeps updates visible, improves content discovery, and helps visitors stay engaged with your latest activity.

Card Slider for Wordpress logo

Card Slider

Showcase content with a card slider that presents images, text, and buttons in a smooth, customizable layout to keep visitors engaged.

Calculator for Wordpress logo

Calculator

Create custom calculators that let visitors enter values, get results, and make confident choices that support your business.

Live Weather Forecast for Wordpress logo

Live Weather Forecast

Use a live weather forecast widget to show current conditions and upcoming predictions, giving visitors real time local weather updates for better planning.

Stories for Wordpress logo

Stories

Add interactive stories to your site to showcase content in a visual, mobile friendly format that boosts engagement and guides visitors toward action.

Reviews Badge for Wordpress logo

Reviews Badge

Use a reviews badge to highlight your ratings, build trust at a glance, improve credibility, and help increase conversions across your site.

LinkedIn Feed Slider for Wordpress logo

LinkedIn Feed Slider

Show LinkedIn posts with a slider that auto updates, presents content in a smooth layout, and keeps visitors engaged.

Slideshow for Wordpress logo

Slideshow

Present images in a Slideshow carousel that rotates or slides through visuals, helping you highlight key content within a clean, engaging layout.

Email Subscription Form for Wordpress logo

Email Subscription Form

Capture email leads with an email subscription form that collects addresses, saves entries, sends notifications, and helps grow your audience.

Instagram Carousel for Wordpress logo

Instagram Carousel

Show Instagram posts in a responsive carousel layout to enhance social proof and keep your site content visually fresh.

MP3 Player for Wordpress logo

MP3 Player

Add an MP3 Player to your website and engage visitors with music, podcasts, and spoken audio without any setup complexity.

More plugins

plugins You Might Like

Discover Apps By Platform

Discover the best apps for your website

WordPress
Wix
Shopify
Weebly
Webflow
Joomla
PrestaShop
Shift4Shop
WebsiteX5
MODX
Opencart
NopCommerce

Common Ninja Search Engine

The Common Ninja Search Engine platform helps website builders find the best site widgets, apps, plugins, tools, add-ons, and extensions! Compatible with all major website building platforms - big or small - and updated regularly, our Search Engine tool provides you with the business tools your site needs!

Multiple platforms