Recently while upgrading my WordPress blogs I installed WPIDS 0.1.2. WPIDS is a Intrusion Protection System, which is based upon the Intrusion Detection System PHPIDS. It is a nice plugin for those curious about WordPress security. In theory this should improve the security of my blogs.
For the last couple of days I have been monitoring its log. So far I have not found any false positives. It looks like it is blocking some comment spam. Most of my comment spam is caught by Akismet.
I am kind of fascinated with this plugin. If the developers are looking for ideas, it would be nice if:
- It would tell me if there is a new filter available. I am not sure how often the filter is updated but with a little modification the plugin could update the file directly. WordPress would like updated plugins to be updated on their web site. An updated the revision number for the plugin would appear in the plugin panel. In a perfect world the use could then update the plugin automatically.
- The search stats button overlaid the standard report onto the admin page for the plugin. It is not very useful in this format.
- It would be nice if the report said why the bad request was blocked. I have several blocked requests showing something called “__utmz” in the tag field.
- It would be nice to download the report as a csv file.
- It would be nice to have a summary report by type of blocked request.