Integration guide
WordPress setup
Install the Predax Security plugin and configure login protection, visitor blocking, VPN/proxy controls, and geo-blocking.
Prerequisites
- An Predax account with a live API key (register free)
- WordPress 5.8 or later, PHP 7.4 or later
- Admin access to your WordPress dashboard
1. Installation
- 1In your WordPress admin, go to Plugins → Add New and search for “Predax Security” (or open the WordPress.org listing).
- 2Click Install Now, then Activate Plugin.
- 3A new Predax Security menu (shield icon) appears in your WP admin sidebar.
2. Connect your API key
- 1Go to Predax Security → Settings.
- 2Paste your API key (starting with
prdx_) into the API Key field. - 3Click Test Connection — the status badge should turn green.
- 4Save settings.
Local dev / Docker
If WordPress runs inside Docker, do not use localhost as the API URL — it resolves to the WordPress container.
- • Docker Desktop:
http://host.docker.internal:8000 - • Linux (same server):
http://172.17.0.1:8000 - • Same Docker network:
http://api:8000
3. Configure protection levels
Each entry point has a three-way radio control: Block (rejects the request), Monitor (logs but allows), or Off (bypasses Predax entirely).
| Entry point | Default | Recommended |
|---|---|---|
| Login | Off | Block (threshold 65) |
| Registration | Off | Block (threshold 50) |
| Comments | Off | Monitor first, then Block |
| All visitors | Off | Off — enable once login/registration is stable |
The All visitors option checks every page load (not just form submissions). Results are cached per IP for one hour to avoid excessive API calls. Use the whitelist to exclude known admin IPs before enabling this.
4. Threat signals
Each threat signal can independently be set to Block, Monitor, or Off regardless of the risk threshold.
| Signal | Recommended | Notes |
|---|---|---|
| VPN | Block | Some legitimate users use corporate VPNs — use Monitor if that applies |
| Proxy | Block | Open and anonymous proxies are strong abuse signals |
| Tor exit node | Block | Very high-risk in most contexts |
| Datacenter IP | Monitor | Catches scrapers/bots; may also block developer tools |
5. Risk threshold
The risk threshold (1–100) is the score above which an IP is blocked regardless of which threat signals are detected. Start at 65 for login protection and lower it gradually if you want tighter coverage.
Score 0–39: Low risk — pass through
Score 40–69: Medium risk — consider monitoring
Score 70–89: High risk — block at login
Score 90–100: Critical — block everywhere
6. Whitelist & blacklist
The whitelist bypasses all Predax checks. Always add your own IP before enabling aggressive rules. The blacklist hard-blocks IPs regardless of their risk score. Both accept individual IPs or CIDR ranges (one per line or comma-separated).
# Whitelist examples
203.0.113.42
10.0.0.0/8
# Blacklist examples
185.65.50.0/24
7. Geo-blocking
You can block by individual country or by world region (Europe, Asia Pacific, etc.). Region blocking applies to all enabled entry points — login, registration, comments, and visitor protection. Always test with a country you don't block before going live.
8. Custom scoring weights
The plugin sends optional per-user scoring weights with each API call. Configure these in the Custom Scoring section of the plugin settings, or manage them centrally from your Predax dashboard. Weights let you tune how much each signal (VPN, proxy, ASN reputation, etc.) contributes to the risk score for your specific traffic profile.
9. Verify
- 1Try a login attempt from a known VPN IP (you can test via your dashboard lookup tool).
- 2Check Predax Security → Threat Log — the blocked event should appear within seconds.
- 3Confirm the entry shows the correct action (block/monitor), reason, risk score, and country.
- 4Check the WP Admin dashboard widget for a summary of recent activity.
Troubleshooting
Test Connection fails
Check the API key is correct and starts with prdx_. If WordPress is in Docker, the API base URL may need updating — see the Docker note in step 2.
Legitimate users are being blocked
Add your office/home IP ranges to the whitelist. Lower the risk threshold (try 75 instead of 65) or switch VPN detection from Block to Monitor.
No entries in Threat Log
Ensure the protection mode for at least one entry point is set to Block or Monitor (not Off). The log only records events when Predax actually processes a request.
Visitor protection is blocking logged-in admins
Visitor protection automatically skips users with edit_posts capability. If you're still affected, your admin user may not have the expected role — or add your IP to the whitelist.
