WPMU DEV is dedicated to supporting advanced users in every possible way. Our Defender API Documentation is an ongoing project. Information about new commands will be added here as it becomes available.

5.1 Filters & Actions

Copy chapter anchor to clipboard
Audit
Configure reporting preferences
/src/view/email/audit-report.php
Convert key to human name
/src/component/audit/options-audit.php
Firewall
After login lockout
/src/component/login-lockout.php
“Not found” lockout
/src/component/notfound-lockout.php
Blocklist IP
/src/component/notfound-lockout.php
/src/component/notfound-lockout.php
IP lockout assets
/src/controller/firewall.php
Before lockouts
/src/controller/firewall.php
IP lockout logs store backward
/src/component/firewall.php
Get default allowlist IPs
/src/component/blacklist-lockout.php
Enable/disable User Agent Banning
/src/model/setting/user-agent-lockout.php
Before User Agent is blocked
/src/model/setting/user-agent-lockout.php
Action after User Agent lockout
/src/model/setting/user-agent-lockout.php
Filter user agent
/src/model/setting/user-agent-lockout.php
Recommendations
Get supported servers
/src/component/security-tweaks/servers/server-factory.php
Get login duration
/src/component/security-tweaks/login-duration.php
Get supported PHP versions
/src/component/security-tweaks/php-version.php
Verify SSL argument
/src/component/security-tweaks/servers/server.php
2FA
Check 2FA user
/src/component/two-fa.php
Mask Login
Enable/Disable Mask Login
/src/model/setting/mask-login.php
Filter strict slugs
/src/component/mask-login.php
Filter non-strict slugs
/src/component/mask-login.php
Redirect login page
/src/controller/mask-login.php
Security Headers
Get TTL
/src/component/security-header.php
Notifications
After recipient added
/src/model/notification/notification.php
Configure report preferences
/src/view/email/firewall-report.php
/src/view/email/lockout-404.php
/src/view/email/login-lockout.php
Notify users
/src/component/login-lockout.php
/src/component/notfound-lockout.php
/src/component/scan.php
Change confirmation email
/src/component/notification.php
Change subscription email
/src/component/notification.php
Unsubscribe email
/src/component/notification.php
Passwords
Enable/Disable Pwned Passwords
/src/model/setting/password-protection.php
Enable/Disable Password Reset
/src/model/setting/password-reset.php
Password reset page
src/controller/password-protection.php
src/controller/password-reset.php
Google reCAPTCHA
Enable/Disable Google reCAPTCHA
/src/model/setting/recaptcha.php
Extra conditions before reCAPTCHA
src/controller/recaptcha.php
Extra conditions after reCAPTCHA
src/controller/recaptcha.php
Exclude requests from reCAPTCHA
src/controller/recaptcha.php
Check reCAPTCHA result
src/controller/recaptcha.php
Display custom reCAPTCHA error message
src/controller/recaptcha.php
Send IP to reCAPTCHA API
src/controller/recaptcha.php
Add extra assets for reCAPTCHA
src/controller/recaptcha.php
Additional hooks
Run after Defender activation
/wp-defender.php
Enqueue assets
/src/bootstrap.php
Get time interval
/src/traits/formats.php
Filter user IP
/src/traits/ip.php
Advanced tools data
/src/controller/advanced-tools.php
Filter settings data
/src/controller.php
/src/controller2.php

5.1.1 Filter: defender_get_supported_servers

Link to chapter 1

Description

Filter. Get supported servers.

Usage

add_filter( ‘defender_get_supported_servers’, ‘custom_defender_filter’ );

Parameters

$servers – array – the list of supported servers

Return

the $servers as an array

Example

5.1.2 Filter: defender_security_tweaks_login-duration_get_duration

Link to chapter 1

Description

Filter. Get login duration in days or seconds.

Usage

add_filter( ‘defender_security_tweaks_login-duration_get_duration’, ‘custom_defender_filter’ );

Parameters

$duration – int – duration value

Return

the $duration as int

Example

5.1.3 Filter: defender_php-version_supported_php

Link to chapter 1

Description

Filter. Get supported PHP versions.

Usage

add_filter( ‘defender_php-version_supported_php’, ‘custom_defender_filter’ );

Parameters

$supported_php – array – the list of supported PHP versions

Return

the $supported_php as an array

Example

5.1.4 Filter: defender_ssl_verify

Link to chapter 1

Description

Filter. Verify SSL argument in an HTTP request.

Usage

add_filter( ‘defender_ssl_verify’, ‘custom_defender_filter’ );

Parameters

$ssl_verify – bool

Return

the $ssl_verify as bool

Example

5.1.6 Filter: wd_audit_settings_keys

Link to chapter 1

Description

Filter. Convert the key to the human name.

Usage

add_filter( ‘wd_audit_settings_keys’, ‘custom_defender_filter’ );

Parameters

$settings_keys – array – the list of keys.

Return

the $settings_keys as an array

Example

5.1.7 Action: wd_login_lockout

Link to chapter 1

Description

Action after login lockout.

Usage

add_action( ‘wd_login_lockout’, ‘custom_defender_action’ );

Parameters

$model – object – Record the attempt
$scenario – string – One of them: ‘login_fail’, ‘login_lockout’ or ‘login_ban’

Return

No return.

Example

5.1.8 Action: wd_404_lockout

Link to chapter 1

Description

Action after ‘Not found’ lockout.

Usage

add_action( ‘wd_404_lockout’, ‘custom_defender_action’ );

Parameters

$model – object – Record the attempt
$scenario – string – One of them: ‘normal’, ‘blacklist’

Return

No return.

Example

5.1.9 Action: wd_blacklist_this_ip

Link to chapter 1

Description

Action. Perform an action when an IP is blocked.

Usage

add_action( ‘wd_blacklist_this_ip’, ‘custom_defender_action’ );

Parameters

$ip – string – a new IP for blacklist

Return

No return.

Example

5.1.10 Action: defender_ip_lockout_action_assets

Link to chapter 1

Description

Action. Add additional script or style assets for IP Lockouts.

Usage

add_action( ‘defender_ip_lockout_action_assets’, ‘custom_defender_action’ );

Parameters

No parameters.

Return

No return.

Example

5.1.11 Action: wd_before_lockout

Link to chapter 1

Description

Action before any lockouts.

Usage

add_action( ‘wd_before_lockout’, ‘custom_defender_action’ );

Parameters

No parameters.

Return

No return.

Example

5.1.12 Filter: ip_lockout_logs_store_backward

Link to chapter 1

Description

Filter. Count days for IP logs to be saved to DB

Usage

add_filter( ‘ip_lockout_logs_store_backward’, ‘custom_defender_filter’ );

Parameters

$storage_days – string|int – storage days

Return

the $storage_days as string|int.

Example

5.1.13 Filter: ip_lockout_default_whitelist_ip

Link to chapter 1

Description

Filter. Get the list of default allowlisted IP addresses.

Usage

add_filter( ‘ip_lockout_default_whitelist_ip’, ‘custom_defender_filter’ );

Parameters

$ips – array – the default IPs that need to whitelisteda

Return

the $ips as an array

Example

5.1.14 Filter: wd_user_agents_enable

Link to chapter 1

Description

Filter. Enable or disable of the User Agent Banning feature.

Usage

add_filter( ‘wd_user_agents_enable’, ‘custom_defender_filter’ );

Parameters

$enabled – boolean

Return

boolean

Example

add_filter( 'wd_user_agents_enable', '__return_false' );

5.1.15 Action: wd_user_agent_before_block

Link to chapter 1

Description

Action. Fires before User Agent is blocked.

Usage

add_action( ‘wd_user_agent_before_block’, ‘custom_defender_action’ );

Parameters

$user_agent – string. Value from $_SERVER[‘HTTP_USER_AGENT’].
$ip – string. User IP.
$reason – string. Reason for blocking.

Return

No return

Example

5.1.16 Action: wd_user_agent_lockout

Link to chapter 1

Description

Action. Action after User Agent lockout.

Usage

add_action( ‘wd_user_agent_lockout’, ‘custom_defender_action’ );

Parameters

$model – object.
$scenario – string.

Return

No return

Example

5.1.17 Filter: wd_current_user_agent

Link to chapter 1

Description

Filter. Filter user agent.

Usage

add_filter( ‘wd_current_user_agent’, ‘custom_defender_filter’ );

Parameters

$user_agent – string. Value from $_SERVER[‘HTTP_USER_AGENT’].

Return

$user_agent as string.

Example

5.1.18 Filter: wp_defender_2fa_user_enabled

Link to chapter 1

Description

Filter. Check if the 2FA option is enabled for a specific user.

Usage

add_filter( ‘wp_defender_2fa_user_enabled’, ‘custom_defender_filter’, 10, 2 );

Parameters

$is_enabled – int. One of them: 1 or 0 $user_id – int.

Return

the $is_enabled as int

Example

5.1.19 Filter: wp_mask_login_enable

Link to chapter 1

Description

Filter. Enable or disable the Mask Login feature.

Usage

add_filter( ‘wd_mask_login_enable’, ‘custom_defender_filter’ );

Parameters

$data – array

Return

boolean

Example

add_filter( 'wd_mask_login_enable', '__return_false' );

5.1.20 Filter: wd_login_strict_slugs

Link to chapter 1

Description

Filter. Filter strict slugs.

Usage

add_filter( ‘wd_login_strict_slugs’, ‘custom_defender_filter’ );

Parameters

$slugs – array – the list of the slugs

Return

the $slugs as an array

Example

5.1.21 Filter: wd_login_slugs

Link to chapter 1

Description

Filter. Filter non-strict slugs.

Usage

add_filter( ‘wd_login_slugs’, ‘custom_defender_filter’ );

Parameters

$slugs – array – the list of the slugs

Return

the $slugs as an array

Example

5.1.22 Filter: defender_redirect_login

Link to chapter 1

Description

Filter. Rredirect to the page

Usage

add_filter( ‘defender_redirect_login’, ‘custom_defender_filter’, 10, 3 );

Parameters

$url – string $raw_url – string $user – object – User object

Return

the $url string.

Example

5.1.23 Filter: wd_head_request_ttl

Link to chapter 1

Description

Filter. Get TTL.

Usage

add_filter( ‘wd_head_request_ttl’, ‘custom_defender_filter’ );

Parameters

$ttl – null|int|false

Return

the $ttl string

Example

5.1.24 Action: defender_recipient_added

Link to chapter 1

Description

Action. After adding recipients

Usage

add_action(‘defender_recipient_added’, ‘custom_defender_action’, 10, 2 );

Parameters

$email – string
$name – string

Return

No return.

Example

5.1.26 Action: defender_notify

Link to chapter 1

Description

Action. Notify users about results from Scan and Firewall modules.

Usage

add_action( ‘defender_notify’, ‘custom_defender_action’ );

Parameters

$slug – string – One of them: ‘firewall-notification’, ‘malware-notification’

$model – module object

Return

No return.

Example

5.1.27 Filter: wd_confirm_noreply_email

Link to chapter 1

Description

Filter. Change email for confirmation.

Usage

add_filter( ‘wd_confirm_noreply_email’, ‘custom_defender_filter’ );

Parameters

$no_reply_email – string

Return

the $no_reply_email as string.

Example

5.1.28 Filter: wd_subscribe_noreply_email

Link to chapter 1

Description

Filter. Change email for subscription.

Usage

add_filter( ‘wd_subscribe_noreply_email’, ‘custom_defender_filter’ );

Parameters

$no_reply_email – string

Return

the $no_reply_email as string.

Example

5.1.29 Filter: wd_unsubscribe_noreply_email

Link to chapter 1

Description

Filter. Change email to unsubscribe.

Usage

add_filter( ‘wd_unsubscribe_noreply_email’, ‘custom_defender_filter’ );

Parameters

$no_reply_email – string

Return

the $no_reply_email as string.

Example

5.1.30 Filter: wd_password_protection_enable

Link to chapter 1

Description

Filter. Enable or disable the Pwned Passwords feature.

Usage

add_filter( ‘wd_password_protection_enable’, ‘custom_defender_filter’ );

Parameters

$data – array

Return

boolean

Example

add_filter( 'wd_password_protection_enable', '__return_false' );

5.1.31 Filter: wd_password_reset_active

Link to chapter 1

Description

Filter. Enable or disable the Password Reset feature.

Usage

add_filter( ‘wd_password_reset_active’, ‘custom_defender_filter’ );

Parameters

$data – array

Return

boolean

Example

add_filter( 'wd_password_reset_active', '__return_false' );

5.1.32 Action: wd_forced_reset_password_url

Link to chapter 1

Description

Action. The forced url to password reset page.

Usage

add_action( ‘wd_forced_reset_password_url’, ‘custom_defender_action’ );

Parameters

$url – string. The reset password page that a user is redirected.
$action – string. Possible values: password_reset or password_protection.

Return

No return.

Example

5.1.33 Filter: wd_recaptcha_enable

Link to chapter 1

Description

Filter. Enable or disable the Google reCAPTCHA feature.

Usage

add_filter( ‘wd_recaptcha_enable’, ‘custom_defender_filter’ );

Parameters

$data – array

Return

boolean

Example

add_filter( 'wd_recaptcha_enable', '__return_false' );

5.1.34 Action: wd_recaptcha_before_actions

Link to chapter 1

Description

Action. Extra conditions before the reCAPTCHA process.

Usage

add_action( ‘wd_recaptcha_before_actions’, ‘custom_defender_action’ );

Parameters

$condition – bool.

Return

No return.

Example

5.1.35 Action: wd_recaptcha_after_actions

Link to chapter 1

Description

Action. Extra conditions after the reCAPTCHA process.

Usage

add_action( ‘wd_recaptcha_after_actions’, ‘custom_defender_action’ );

Parameters

$condition – bool.

Return

No return.

Example

5.1.36 Filter: wd_recaptcha_excluded_requests

Link to chapter 1

Description

Filter. Exclude url requests for which Google reCAPTCHA may be displayed.

Usage

add_filter( ‘wd_recaptcha_excluded_requests’, ‘custom_defender_filter’ );

Parameters

$data – array. Array of requests.

Return

array

Example

5.1.37 Filter: wd_recaptcha_check_result

Link to chapter 1

Description

Filter. Exclude url requests for which Google reCAPTCHA may be displayed.

Usage

add_filter( ‘wd_recaptcha_check_result’, ‘custom_defender_filter’ );

Parameters

$result – bool. The result after the reCAPTCHA API response.
$form – string. Form slug, e.g. ‘default_comments’ or ‘login_form’.

Return

bool

Example

5.1.38 Filter: wd_recaptcha_require_valid_comment

Link to chapter 1

Description

Filter. Display a custom error message.

Usage

add_filter( ‘wd_recaptcha_require_valid_comment’, ‘custom_defender_filter’ );

Parameters

$error_message – string. The text that is displayed on failure for the default comment form.

Return

bool

Example

5.1.39 Filter: wd_recaptcha_remote_ip

Link to chapter 1

Description

Filter. Send the current IP to the reCAPTCHA API.

Usage

add_filter( ‘wd_recaptcha_remote_ip’, ‘custom_defender_filter’ );

Parameters

$ip – string.

Return

bool

Example

5.1.40 Action: wd_recaptcha_extra_assets

Link to chapter 1

Description

Action. Add additional script or style assets for reCAPTCHA module.

Usage

add_action( ‘wd_recaptcha_extra_assets’, ‘custom_defender_action’ );

Parameters

None

Return

None

Example

5.1.41 Action: wp_defender

Link to chapter 1

Description

Action. Run after the activation of the Defender plugin.

Usage

add_action( ‘wp_defender’, ‘custom_defender_action’ );

Parameters

No parameters.

Return

No return.

Example

5.1.42 Action: defender_enqueue_assets

Link to chapter 1

Description

Action. Enqueue assets and display data.

Usage

add_action( ‘defender_enqueue_assets’, ‘custom_defender_action’ );

Parameters

No parameters.

Return

No return.

Example

5.1.43 Filter: defender_get_times_interval

Link to chapter 1

Description

Filter. Get time interval.

Usage

add_filter( ‘defender_get_times_interval’, ‘custom_defender_filter’ );

Parameters

$interval – array

Return

the $interval array.

Example

5.1.44 Filter: defender_user_ip

Link to chapter 1

Description

Filter. Filter user IP.

Usage

add_filter( ‘defender_user_ip’, ‘custom_defender_filter’ );

Parameters

$ip – string

Return

the $ip string

Example

5.1.45 Filter: wp_defender_advanced_tools_data

Link to chapter 1

Description

Filter. Get and update frontend data for Masc Login and Security Headers pages.

Usage

add_filter( ‘wp_defender_advanced_tools_data’, ‘custom_defender_filter’ );

Parameters

$data – array

Return

the $data array

Example

5.1.46 Filter: defender_filtering_data_settings

Link to chapter 1

Description

Filter. Filter settings data.

Usage

add_filter( ‘defender_filtering_data_settings’, ‘custom_defender_filter’ );

Parameters

$data – array

Return

the $data array

Example

Defender includes WP-CLI integration, enabling command-line access to common tasks. See the list of supported commands below.

5.2.1 Malware Scanning

Link to chapter 2

Command
wp defender scan [command] [–type=]

Parameters

command
String
Filescan task to perform. Accepts: run, ignore, unignore, delete, resolve.
type
String
Type of content to perform the task on. Accepts: core_integrity, plugin_integrity, vulnerability, suspicious_code.

Examples

Run full Defender filescan:
wp defender scan run

Run full Defender filescan and ignore all issues:
wp defender scan ignore

Run full Defender filescan and unignore all issues:
wp defender scan unignore

Run full Defender filescan and delete all unknown or modified files/directories in WordPress core, plugins and themes, and all files with suspicious functions found:
wp defender scan delete

Run full Defender filescan and resolve all possible issues:
wp defender scan resolve

Run full Defender filescan and ignore all unknown/modified file issues found in WordPress core:
wp defender scan ignore --type=core_integrity

Run full Defender filescan and unignore all unknown/modified file issues found in WordPress core:
wp defender scan unignore --type=core_integrity

Run full Defender filescan and delete all unknown files/directories in WordPress core:
wp defender scan delete --type=core_integrity

Run full Defender filescan and resolve all unknown/modified file issues found in WordPress core:
wp defender scan resolve --type=core_integrity

Run full Defender filescan and ignore all unknown/modified file issues found in plugins from wordpress.org:
wp defender scan ignore --type=plugins_integrity

Run full Defender filescan and unignore all unknown/modified file issues found in plugins from wordpress.org:
wp defender scan unignore --type=plugins_integrity

Run full Defender filescan and delete all unknown files/directories found in plugins from wordpress.org:
wp defender scan delete --type=plugins_integrity

Run full Defender filescan and resolve all unknown/modified file issues found in plugins from wordpress.org:
wp defender scan resolve --type=plugins_integrity

Run full Defender filescan and ignore all published vulnerability issues found in plugins and themes:
wp defender scan ignore --type=vulnerability

Run full Defender filescan and unignore all published vulnerability issues found in plugins and themes:
wp defender scan unignore --type=vulnerability

Run full Defender filescan and delete all files with published vulnerability issues found in plugins and themes:
wp defender scan delete --type=vulnerability

Run full Defender filescan and resolve all possible published vulnerability issues found in plugins and themes:
wp defender scan resolve --type=vulnerability

Run full Defender filescan and ignore all suspicious code issues found in plugins and themes:
wp defender scan ignore --type=suspicious_code

Run full Defender filescan and unignore all suspicious code issues found in plugins and themes:
wp defender scan unignore --type=suspicious_code

Run full Defender filescan and delete all files with suspicious code issues found in plugins and themes:
wp defender scan delete --type=suspicious_code

Run full Defender filescan and resolve all possible suspicious code issues found in plugins and themes:
wp defender scan resolve --type=suspicious_code

5.2.2 Mask Login

Link to chapter 2

Command
wp defender mask_login [command]

Parameters

command
String
Mask Login task to perform. Accepts: clear.

Examples

Clear the Mask Login URI & reset to default:
wp defender mask_login clear

5.2.3 Security Headers

Link to chapter 2

Command
wp defender security_headers [command]

Parameters

command
String
Security headers task to perform for all security header options. Accepts: check, activate, deactivate.

Examples

Check for all security headers:
wp defender security_headers check

Activate all security headers:
wp defender security_headers activate

Deactivate all security headers:
wp defender security_headers deactivate

5.2.4 Firewall

Link to chapter 2

Command
wp defender firewall [command] [arg_1] [arg_2]

Parameters

command
String
Firewall task to perform. Accepts: clear.
arg_1
String
Type of content to perform the task on. Accepts: ip, files.
arg_2
String
Specific content to perform the task on. Accepts: allowlist, blocklist, country_allowlist, country_blocklist.

Examples

Clear all IP addresses from the IP allowlist:
wp defender firewall clear ip allowlist

Clear all IP addresses from the IP blocklist:
wp defender firewall clear ip blocklist

Clear all IP addresses from the Locations allowlist:
wp defender firewall clear ip country_allowlist

Clear all IP addresses from the Locations blocklist:
wp defender firewall clear ip country_blocklist

Clear all files from the 404 allowlist:
wp defender firewall clear files allowlist

Clear all files from the 404 blocklist:
wp defender firewall clear files blocklist

5.2.5 Password Reset

Link to chapter 2

Command
wp defender password_reset [command]

Parameters

command
String
Password Reset task to perform. Accepts: force, undo.

Examples

Force password reset for all currently selected user roles:
wp defender password_reset force

Undo the password reset for all currently selected user roles:
wp defender password_reset undo

5.2.6 Settings

Link to chapter 2

Command
wp defender settings [command]

Parameters

command
String
Settings task to perform. Accepts: reset.

Examples

Reset all plugin settings and data:
wp defender settings reset