WPMU DEV is dedicated to supporting advanced users in every possible way. Our Defender API Documentation is an ongoing project. Information about new commands will be added here as it becomes available.

5.1 Filters & Actions

Copy chapter anchor to clipboard
Recommendations
Get supported servers
/src/component/security-tweaks/servers/server-factory.php
Get login duration
/src/component/security-tweaks/login-duration.php
Get supported PHP versions
/src/component/security-tweaks/php-version.php
Verify SSL argument
/src/component/security-tweaks/servers/server.php
Audit
Convert key to human name
/src/component/audit/options-audit.php
Filter active status check
/src/model/setting/audit-logging.php
Firewall
After login lockout
/src/component/login-lockout.php
“Not found” lockout
/src/component/notfound-lockout.php
Blocklist IP
/src/component/notfound-lockout.php
/src/component/notfound-lockout.php
IP lockout assets
/src/controller/firewall.php
Before lockouts
/src/controller/firewall.php
IP lockout logs store backward
/src/component/firewall.php
Get default allowlist IPs
/src/component/blacklist-lockout.php
Enable/disable User Agent Banning
/src/model/setting/user-agent-lockout.php
Before User Agent is blocked
/src/model/setting/user-agent-lockout.php
Action after User Agent lockout
/src/model/setting/user-agent-lockout.php
Filter user agent
/src/model/setting/user-agent-lockout.php
Update MaxMind database
/src/controller/blacklist.php
Update geolocation database
/src/controller/blacklist.php
2FA
Check 2FA user
/src/component/two-fa.php
Action after successful login via 2FA
/src/controller/two-factor.php
Filter providers
/src/component/two-fa.php
Filter enabled providers for user
/src/component/two-fa.php
TOTP provider
/src/view/two-fa/user-options.php
Backup codes provider
/src/view/two-fa/user-options.php
Fallback email provider
/src/view/two-fa/user-options.php
TOTP user options
/src/view/two-fa/user-options.php
Backup codes user options
/src/view/two-fa/user-options.php
Fallback email user options
/src/view/two-fa/user-options.php
Mask Login
Enable/Disable Mask Login
/src/model/setting/mask-login.php
Filter strict slugs
/src/component/mask-login.php
Filter non-strict slugs
/src/component/mask-login.php
Redirect login page
/src/controller/mask-login.php
Filter allowlisted paths
/src/controller/mask-login.php
Redirect current URL to masked URL
/src/controller/mask-login.php
Security Headers
Get TTL
/src/component/security-header.php
Filter directives of Permissions-Policy header
/src/component/security-headers/sh-feature-policy.php
Passwords
Enable/Disable Pwned Passwords
/src/model/setting/password-protection.php
Enable/Disable Password Reset
/src/model/setting/password-reset.php
Password reset page
src/controller/password-protection.php
src/controller/password-reset.php
Google reCAPTCHA
Enable/Disable Google reCAPTCHA
/src/model/setting/recaptcha.php
Extra conditions before reCAPTCHA
src/controller/recaptcha.php
Extra conditions after reCAPTCHA
src/controller/recaptcha.php
Exclude requests from reCAPTCHA
src/controller/recaptcha.php
Check reCAPTCHA result
src/controller/recaptcha.php
Display custom reCAPTCHA error message
src/controller/recaptcha.php
Send IP to reCAPTCHA API
src/controller/recaptcha.php
Add extra assets for reCAPTCHA
src/controller/recaptcha.php
Notifications
After recipient added
/src/model/notification/notification.php
Notify users
/src/component/login-lockout.php
/src/component/notfound-lockout.php
/src/component/scan.php
Change confirmation email
/src/component/notification.php
Change subscription email
/src/component/notification.php
Unsubscribe email
/src/component/notification.php
Filter to override scan threshold period
/src/model/scan.php
Additional hooks
Run after Defender activation
/wp-defender.php
Enqueue assets
/src/bootstrap.php
Get time interval
/src/traits/formats.php
Filter user IP
/src/traits/ip.php
Advanced tools data
/src/controller/advanced-tools.php
Filter settings data
/src/controller.php
/src/controller2.php
Was the button ‘Rate Defender’ clicked or not?
/src/class-admin.php
Was the button ‘Maybe later’ clicked or not?
/src/class-admin.php
Display vulnerability warnings
/src/controller/scan.php
Time limit to clear logs
/src/controller/main-setting.php
Filter countries
/src/traits/country.php

5.1.1 Filter: defender_get_supported_servers

Link to chapter 1

Description

Filter. Get supported servers.

Usage

add_filter( ‘defender_get_supported_servers’, ‘custom_defender_filter’ );

Parameters

$servers – array – the list of supported servers

Return

the $servers as an array

Example

5.1.2 Filter: defender_security_tweaks_login-duration_get_duration

Link to chapter 1

Description

Filter. Get login duration in days or seconds.

Usage

add_filter( ‘defender_security_tweaks_login-duration_get_duration’, ‘custom_defender_filter’ );

Parameters

$duration – int – duration value

Return

the $duration as int

Example

5.1.3 Filter: defender_php-version_supported_php

Link to chapter 1

Description

Filter. Get supported PHP versions.

Usage

add_filter( ‘defender_php-version_supported_php’, ‘custom_defender_filter’ );

Parameters

$supported_php – array – the list of supported PHP versions

Return

the $supported_php as an array

Example

5.1.4 Filter: defender_ssl_verify

Link to chapter 1

Description

Filter. Verify SSL argument in an HTTP request.

Usage

add_filter( ‘defender_ssl_verify’, ‘custom_defender_filter’ );

Parameters

$ssl_verify – bool

Return

the $ssl_verify as bool

Example

5.1.5 Filter: wd_audit_settings_keys

Link to chapter 1

Description

Filter. Convert the key to the human name.

Usage

add_filter( ‘wd_audit_settings_keys’, ‘custom_defender_filter’ );

Parameters

$settings_keys – array – the list of keys.

Return

the $settings_keys as an array

Example

5.1.6 Filter: wd_audit_enable

Link to chapter 1

Description

Filter. Filter “active” status check for Audit Logging.

Usage

add_filter( ‘wd_audit_enable’, ‘custom_defender_filter’ );

Parameters

$enabled – bool

Return

the $enabled as bool

Example

5.1.7 Action: wd_login_lockout

Link to chapter 1

Description

Action after login lockout.

Usage

add_action( ‘wd_login_lockout’, ‘custom_defender_action’ );

Parameters

$model – object – Record the attempt
$scenario – string – One of them: ‘login_fail’, ‘login_lockout’ or ‘login_ban’

Return

No return.

Example

5.1.8 Action: wd_404_lockout

Link to chapter 1

Description

Action after ‘Not found’ lockout.

Usage

add_action( ‘wd_404_lockout’, ‘custom_defender_action’ );

Parameters

$model – object – Record the attempt
$scenario – string – One of them: ‘normal’, ‘blacklist’

Return

No return.

Example

5.1.9 Action: wd_blacklist_this_ip

Link to chapter 1

Description

Action. Perform an action when an IP is blocked.

Usage

add_action( ‘wd_blacklist_this_ip’, ‘custom_defender_action’ );

Parameters

$ip – string – a new IP for blacklist

Return

No return.

Example

5.1.10 Action: defender_ip_lockout_action_assets

Link to chapter 1

Description

Action. Add additional script or style assets for IP Lockouts.

Usage

add_action( ‘defender_ip_lockout_action_assets’, ‘custom_defender_action’ );

Parameters

No parameters.

Return

No return.

Example

5.1.11 Action: wd_before_lockout

Link to chapter 1

Description

Action before any lockouts.

Usage

add_action( ‘wd_before_lockout’, ‘custom_defender_action’ );

Parameters

No parameters.

Return

No return.

Example

5.1.12 Filter: ip_lockout_logs_store_backward

Link to chapter 1

Description

Filter. Count days for IP logs to be saved to DB

Usage

add_filter( ‘ip_lockout_logs_store_backward’, ‘custom_defender_filter’ );

Parameters

$storage_days – string|int – storage days

Return

the $storage_days as string|int.

Example

5.1.13 Filter: ip_lockout_default_whitelist_ip

Link to chapter 1

Description

Filter. Get the list of default allowlisted IP addresses.

Usage

add_filter( ‘ip_lockout_default_whitelist_ip’, ‘custom_defender_filter’ );

Parameters

$ips – array – the default IPs that need to whitelisteda

Return

the $ips as an array

Example

5.1.14 Filter: wd_user_agents_enable

Link to chapter 1

Description

Filter. Enable or disable of the User Agent Banning feature.

Usage

add_filter( ‘wd_user_agents_enable’, ‘custom_defender_filter’ );

Parameters

$enabled – boolean

Return

boolean

Example

add_filter( 'wd_user_agents_enable', '__return_false' );

5.1.15 Action: wd_user_agent_before_block

Link to chapter 1

Description

Action. Fires before User Agent is blocked.

Usage

add_action( ‘wd_user_agent_before_block’, ‘custom_defender_action’ );

Parameters

$user_agent – string. Value from $_SERVER[‘HTTP_USER_AGENT’].
$ip – string. User IP.
$reason – string. Reason for blocking.

Return

No return

Example

5.1.16 Action: wd_user_agent_lockout

Link to chapter 1

Description

Action. Action after User Agent lockout.

Usage

add_action( ‘wd_user_agent_lockout’, ‘custom_defender_action’ );

Parameters

$model – object.
$scenario – string.

Return

No return

Example

5.1.17 Filter: wd_current_user_agent

Link to chapter 1

Description

Filter. Filter user agent.

Usage

add_filter( ‘wd_current_user_agent’, ‘custom_defender_filter’ );

Parameters

$user_agent – string. Value from $_SERVER[‘HTTP_USER_AGENT’].

Return

$user_agent as string.

Example

5.1.18 Filter: wd_update_maxmind_database

Link to chapter 1

Description

Filter. Allows update or remove the database of MaxMind automatic and periodically.

Usage

add_filter( ‘wd_update_maxmind_database’, ‘custom_defender_filter’ );

Parameters

$flag – bool

Return

the $flag as boolean

Example

add_filter( 'wd_update_maxmind_database', '__return_false' );

5.1.19 Action: wpdef_update_geoip

Link to chapter 1

Description

Action. Update the geolocation database.

Usage

add_action( ‘wpdef_update_geoip’, ‘custom_defender_action’ );

Parameters

No parameters

Return

No return

Example

5.1.20 Filter: wp_defender_2fa_user_enabled

Link to chapter 1

Description

Filter. Check if the 2FA option is enabled for a specific user.

Usage

add_filter( ‘wp_defender_2fa_user_enabled’, ‘custom_defender_filter’, 10, 2 );

Parameters

$is_enabled – int. One of them: 1 or 0 $user_id – int.

Return

the $is_enabled as int

Example

5.1.21 Action: wpmu_2fa_login

Link to chapter 1

Description

Action. Fires after successful login via 2fa.

Usage

add_action( ‘wpmu_2fa_login’, ‘custom_defender_action’ );

Parameters

$user_id – string. User IP.

Return

No return

Example

5.1.22 Filter: wd_2fa_providers

Link to chapter 1

Description

Filter. Filter the supplied providers.

Usage

add_filter( ‘wd_2fa_providers’, ‘custom_defender_filter’ );

Parameters

$classes – array

Return

the $classes as array

Example

5.1.23 Filter: wd_2fa_enabled_providers_for_user

Link to chapter 1

Description

Filter. Filter the enabled 2FA providers for this user.

Usage

add_filter( ‘wd_2fa_enabled_providers_for_user’, ‘custom_defender_filter’ );

Parameters

$enabled_providers – array
$user_id – int

Return

the $enabled_providers as array

Example

5.1.24 Action: wd_2fa_init_provider_totp

Link to chapter 1

Description

Action. Fires before user options are shown.

Usage

add_action( ‘wd_2fa_init_provider_totp’, ‘custom_defender_action’ );

Parameters

$user – object

Return

No return

Example

5.1.25 Action: wd_2fa_init_provider_backup-codes

Link to chapter 1

Description

Action. Fires before user options are shown.

Usage

add_action( ‘wd_2fa_init_provider_backup-codes’, ‘custom_defender_action’ );

Parameters

$user – object

Return

No return

Example

5.1.26 Action: wd_2fa_init_provider_fallback-email

Link to chapter 1

Description

Action. Fires before user options are shown.

Usage

add_action( ‘wd_2fa_init_provider_fallback-email’, ‘custom_defender_action’ );

Parameters

$user – object

Return

No return

Example

5.1.27 Action: wd_2fa_user_options_totp

Link to chapter 1

Description

Action. Fires before user options are shown.

Usage

add_action( ‘wd_2fa_user_options_totp’, ‘custom_defender_action’ );

Parameters

$user – object

Return

No return

Example

5.1.28 Action: wd_2fa_user_options_backup-codes

Link to chapter 1

Description

Action. Fires before user options are shown.

Usage

add_action( ‘wd_2fa_user_options_backup-codes’, ‘custom_defender_action’ );

Parameters

$user – object

Return

No return

Example

5.1.29 Action: wd_2fa_user_options_fallback-email

Link to chapter 1

Description

Action. Fires before user options are shown.

Usage

add_action( ‘wd_2fa_user_options_fallback-email’, ‘custom_defender_action’ );

Parameters

$user – object

Return

No return

Example

5.1.30 Filter: wp_mask_login_enable

Link to chapter 1

Description

Filter. Enable or disable the Mask Login feature.

Usage

add_filter( ‘wd_mask_login_enable’, ‘custom_defender_filter’ );

Parameters

$data – array

Return

boolean

Example

add_filter( 'wd_mask_login_enable', '__return_false' );

5.1.31 Filter: wd_login_strict_slugs

Link to chapter 1

Description

Filter. Filter strict slugs.

Usage

add_filter( ‘wd_login_strict_slugs’, ‘custom_defender_filter’ );

Parameters

$slugs – array – the list of the slugs

Return

the $slugs as an array

Example

5.1.32 Filter: wd_login_slugs

Link to chapter 1

Description

Filter. Filter non-strict slugs.

Usage

add_filter( ‘wd_login_slugs’, ‘custom_defender_filter’ );

Parameters

$slugs – array – the list of the slugs

Return

the $slugs as an array

Example

5.1.33 Filter: defender_redirect_login

Link to chapter 1

Description

Filter. Redirect to the page.

Usage

add_filter( ‘defender_redirect_login’, ‘custom_defender_filter’, 10, 3 );

Parameters

$url – string $raw_url – string $user – object – User object

Return

the $url string.

Example

5.1.34 Filter: wd_mask_login_is_allowed_path

Link to chapter 1

Description

Filter. Filter to allow whitelisting paths from login masking.

Usage

add_filter( ‘wd_mask_login_is_allowed_path’, ‘custom_defender_filter’ );

Parameters

$allowed – bool
$path – string

Return

the $allowed as bool

Example

5.1.35 Filter: wpdef_maybe_redirect_to_mask_login_url

Link to chapter 1

Description

Filter. Filter to redirect current URL to Mask Login URL.

Usage

add_filter( ‘wpdef_maybe_redirect_to_mask_login_url’, ‘custom_defender_filter’ );

Parameters

$allowed – bool
$current_url – string

Return

the $allowed as boolean

Example

5.1.36 Filter: wd_head_request_ttl

Link to chapter 1

Description

Filter. Get TTL.

Usage

add_filter( ‘wd_head_request_ttl’, ‘custom_defender_filter’ );

Parameters

$ttl – null|int|false

Return

the $ttl string

Example

5.1.37 Filter: wd_permissions_policy_directives

Link to chapter 1

Description

Filter. Filter directives of Permissions-Policy header.

Usage

add_filter( ‘wd_permissions_policy_directives’, ‘custom_defender_filter’ );

Parameters

$directives – array

Return

the $directives as array

Example

5.1.38 Action: defender_recipient_added

Link to chapter 1

Description

Action. After adding recipients

Usage

add_action(‘defender_recipient_added’, ‘custom_defender_action’, 10, 2 );

Parameters

$email – string
$name – string

Return

No return.

Example

5.1.39 Action: defender_notify

Link to chapter 1

Description

Action. Notify users about results from Scan and Firewall modules.

Usage

add_action( ‘defender_notify’, ‘custom_defender_action’ );

Parameters

$slug – string – One of them: ‘firewall-notification’, ‘malware-notification’

$model – module object

Return

No return.

Example

5.1.40 Filter: wd_confirm_noreply_email

Link to chapter 1

Description

Filter. Change email for confirmation.

Usage

add_filter( ‘wd_confirm_noreply_email’, ‘custom_defender_filter’ );

Parameters

$no_reply_email – string

Return

the $no_reply_email as string.

Example

5.1.41 Filter: wd_subscribe_noreply_email

Link to chapter 1

Description

Filter. Change email for subscription.

Usage

add_filter( ‘wd_subscribe_noreply_email’, ‘custom_defender_filter’ );

Parameters

$no_reply_email – string

Return

the $no_reply_email as string.

Example

5.1.42 Filter: wd_unsubscribe_noreply_email

Link to chapter 1

Description

Filter. Change email to unsubscribe.

Usage

add_filter( ‘wd_unsubscribe_noreply_email’, ‘custom_defender_filter’ );

Parameters

$no_reply_email – string

Return

the $no_reply_email as string.

Example

5.1.43 Filter: wd_scan_threshold

Link to chapter 1

Description

Filter. Filter to override scan threshold period.

Usage

add_filter( ‘wd_scan_threshold’, ‘custom_defender_filter’ );

Parameters

$threshold_period – string. Any valid relative Date and Time formats.

Return

the $threshold_period as string

Example

5.1.44 Filter: wd_password_protection_enable

Link to chapter 1

Description

Filter. Enable or disable the Pwned Passwords feature.

Usage

add_filter( ‘wd_password_protection_enable’, ‘custom_defender_filter’ );

Parameters

$data – array

Return

boolean

Example

add_filter( 'wd_password_protection_enable', '__return_false' );

5.1.45 Filter: wd_password_reset_active

Link to chapter 1

Description

Filter. Enable or disable the Password Reset feature.

Usage

add_filter( ‘wd_password_reset_active’, ‘custom_defender_filter’ );

Parameters

$data – array

Return

boolean

Example

add_filter( 'wd_password_reset_active', '__return_false' );

5.1.46 Action: wd_forced_reset_password_url

Link to chapter 1

Description

Action. The forced url to password reset page.

Usage

add_action( ‘wd_forced_reset_password_url’, ‘custom_defender_action’ );

Parameters

$url – string. The reset password page that a user is redirected.
$action – string. Possible values: password_reset or password_protection.

Return

No return.

Example

5.1.47 Filter: wd_recaptcha_enable

Link to chapter 1

Description

Filter. Enable or disable the Google reCAPTCHA feature.

Usage

add_filter( ‘wd_recaptcha_enable’, ‘custom_defender_filter’ );

Parameters

$data – array

Return

boolean

Example

add_filter( 'wd_recaptcha_enable', '__return_false' );

5.1.48 Action: wd_recaptcha_before_actions

Link to chapter 1

Description

Action. Extra conditions before the reCAPTCHA process.

Usage

add_action( ‘wd_recaptcha_before_actions’, ‘custom_defender_action’ );

Parameters

$condition – bool.

Return

No return.

Example

5.1.49 Action: wd_recaptcha_after_actions

Link to chapter 1

Description

Action. Extra conditions after the reCAPTCHA process.

Usage

add_action( ‘wd_recaptcha_after_actions’, ‘custom_defender_action’ );

Parameters

$condition – bool.

Return

No return.

Example

5.1.50 Filter: wd_recaptcha_excluded_requests

Link to chapter 1

Description

Filter. Exclude url requests for which Google reCAPTCHA may be displayed.

Usage

add_filter( ‘wd_recaptcha_excluded_requests’, ‘custom_defender_filter’ );

Parameters

$data – array. Array of requests.

Return

array

Example

5.1.51 Filter: wd_recaptcha_check_result

Link to chapter 1

Description

Filter. Exclude url requests for which Google reCAPTCHA may be displayed.

Usage

add_filter( ‘wd_recaptcha_check_result’, ‘custom_defender_filter’ );

Parameters

$result – bool. The result after the reCAPTCHA API response.
$form – string. Form slug, e.g. ‘default_comments’ or ‘login_form’.

Return

bool

Example

5.1.52 Filter: wd_recaptcha_require_valid_comment

Link to chapter 1

Description

Filter. Display a custom error message.

Usage

add_filter( ‘wd_recaptcha_require_valid_comment’, ‘custom_defender_filter’ );

Parameters

$error_message – string. The text that is displayed on failure for the default comment form.

Return

bool

Example

5.1.53 Filter: wd_recaptcha_remote_ip

Link to chapter 1

Description

Filter. Send the current IP to the reCAPTCHA API.

Usage

add_filter( ‘wd_recaptcha_remote_ip’, ‘custom_defender_filter’ );

Parameters

$ip – string.

Return

bool

Example

5.1.54 Action: wd_recaptcha_extra_assets

Link to chapter 1

Description

Action. Add additional script or style assets for reCAPTCHA module.

Usage

add_action( ‘wd_recaptcha_extra_assets’, ‘custom_defender_action’ );

Parameters

None

Return

None

Example

5.1.55 Action: wp_defender

Link to chapter 1

Description

Action. Run after the activation of the Defender plugin.

Usage

add_action( ‘wp_defender’, ‘custom_defender_action’ );

Parameters

No parameters.

Return

No return.

Example

5.1.56 Action: defender_enqueue_assets

Link to chapter 1

Description

Action. Enqueue assets and display data.

Usage

add_action( ‘defender_enqueue_assets’, ‘custom_defender_action’ );

Parameters

No parameters.

Return

No return.

Example

5.1.57 Filter: defender_get_times_interval

Link to chapter 1

Description

Filter. Get time interval.

Usage

add_filter( ‘defender_get_times_interval’, ‘custom_defender_filter’ );

Parameters

$interval – array

Return

the $interval array.

Example

5.1.58 Filter: defender_user_ip

Link to chapter 1

Description

Filter. Filter user IP.

Usage

add_filter( ‘defender_user_ip’, ‘custom_defender_filter’ );

Parameters

$ip – string

Return

the $ip string

Example

5.1.59 Filter: wp_defender_advanced_tools_data

Link to chapter 1

Description

Filter. Get and update frontend data for Masc Login and Security Headers pages.

Usage

add_filter( ‘wp_defender_advanced_tools_data’, ‘custom_defender_filter’ );

Parameters

$data – array

Return

the $data array

Example

5.1.60 Filter: defender_filtering_data_settings

Link to chapter 1

Description

Filter. Filter settings data.

Usage

add_filter( ‘defender_filtering_data_settings’, ‘custom_defender_filter’ );

Parameters

$data – array

Return

the $data array

Example

5.1.61 Filter: wd_display_rating

Link to chapter 1

Description

Filter. Was the button ‘Rate Defender’ clicked or not?

Usage

add_filter( ‘wd_display_rating’, ‘custom_defender_filter’ );

Parameters

$flag – bool

Return

the $flag as bool

Example

5.1.62 Filter: wd_dismiss_rating

Link to chapter 1

Description

Filter. Was the button ‘Maybe later’ clicked or not?

Usage

add_filter( ‘wd_dismiss_rating’, ‘custom_defender_filter’ );

Parameters

$flag – bool

Return

the $flag as bool

Example

5.1.63 Filter: wd_display_vulnerability_warnings

Link to chapter 1

Description

Filter. Enable or disable of the view of vulnerability warnings.

Usage

add_filter( ‘wd_display_vulnerability_warnings’, ‘custom_defender_filter’ );

Parameters

$enabled – boolean

Return

boolean

Example

add_filter( 'wd_display_vulnerability_warnings', '__return_true' );

5.1.64 Filter: wpdef_clear_logs_time_limit

Link to chapter 1

Description

Filter. Filter time limit to clear old logs.

Usage

add_filter( ‘wpdef_clear_logs_time_limit’, ‘custom_defender_filter’ );

Parameters

$time_limit – int

Return

the $time_limit as int

Example

5.1.65 Filter: wd_countries

Link to chapter 1

Description

Filter. Filter countries.

Usage

add_filter( ‘wd_countries’, ‘custom_defender_filter’ );

Parameters

$countries – array

Return

the $countries as array

Example

Defender includes WP-CLI integration, enabling command-line access to common tasks. See the list of supported commands below.

5.2.1 Malware Scanning

Link to chapter 2

Command
wp defender scan [command] [–type=]

Parameters

command
String
Filescan task to perform. Accepts: run, ignore, unignore, delete, resolve, clear_logs.
type
String
Type of content to perform the task on. Accepts: core_integrity, plugin_integrity, vulnerability, suspicious_code.

Examples

Clear completed Malware Scan entries from Scheduled Actions logs:
wp defender scan clear_logs

Run full Defender filescan:
wp defender scan run

Run full Defender filescan and ignore all issues:
wp defender scan ignore

Run full Defender filescan and unignore all issues:
wp defender scan unignore

Run full Defender filescan and delete all unknown or modified files/directories in WordPress core, plugins and themes, and all files with suspicious functions found:
wp defender scan delete

Run full Defender filescan and resolve all possible issues:
wp defender scan resolve

Run full Defender filescan and ignore all unknown/modified file issues found in WordPress core:
wp defender scan ignore --type=core_integrity

Run full Defender filescan and unignore all unknown/modified file issues found in WordPress core:
wp defender scan unignore --type=core_integrity

Run full Defender filescan and delete all unknown files/directories in WordPress core:
wp defender scan delete --type=core_integrity

Run full Defender filescan and resolve all unknown/modified file issues found in WordPress core:
wp defender scan resolve --type=core_integrity

Run full Defender filescan and ignore all unknown/modified file issues found in plugins from wordpress.org:
wp defender scan ignore --type=plugins_integrity

Run full Defender filescan and unignore all unknown/modified file issues found in plugins from wordpress.org:
wp defender scan unignore --type=plugins_integrity

Run full Defender filescan and delete all unknown files/directories found in plugins from wordpress.org:
wp defender scan delete --type=plugins_integrity

Run full Defender filescan and resolve all unknown/modified file issues found in plugins from wordpress.org:
wp defender scan resolve --type=plugins_integrity

Run full Defender filescan and ignore all published vulnerability issues found in plugins and themes:
wp defender scan ignore --type=vulnerability

Run full Defender filescan and unignore all published vulnerability issues found in plugins and themes:
wp defender scan unignore --type=vulnerability

Run full Defender filescan and delete all files with published vulnerability issues found in plugins and themes:
wp defender scan delete --type=vulnerability

Run full Defender filescan and resolve all possible published vulnerability issues found in plugins and themes:
wp defender scan resolve --type=vulnerability

Run full Defender filescan and ignore all suspicious code issues found in plugins and themes:
wp defender scan ignore --type=suspicious_code

Run full Defender filescan and unignore all suspicious code issues found in plugins and themes:
wp defender scan unignore --type=suspicious_code

Run full Defender filescan and delete all files with suspicious code issues found in plugins and themes:
wp defender scan delete --type=suspicious_code

Run full Defender filescan and resolve all possible suspicious code issues found in plugins and themes:
wp defender scan resolve --type=suspicious_code

5.2.2 Mask Login

Link to chapter 2

Command
wp defender mask_login [command]

Parameters

command
String
Mask Login task to perform. Accepts: clear.

Examples

Clear the Mask Login URI & reset to default:
wp defender mask_login clear

5.2.3 Security Headers

Link to chapter 2

Command
wp defender security_headers [command]

Parameters

command
String
Security headers task to perform for all security header options. Accepts: check, activate, deactivate.

Examples

Check for all security headers:
wp defender security_headers check

Activate all security headers:
wp defender security_headers activate

Deactivate all security headers:
wp defender security_headers deactivate

5.2.4 Firewall

Link to chapter 2

Command
wp defender firewall [command] [arg_1] [arg_2] –ips=[ips]

Parameters

command
String
Firewall task to perform. Accepts: clear, unblock, activate, deactivate, list. Note that list is used only with the user_agent argument; activate & deactivate are used only with submodule argument as seen in the examples below.
arg_1
String
Type of content to perform the task on. Accepts: ip, files, user_agent, submodule.
arg_2
String
Specific content to perform the task on. Accepts: all, allowlist, blocklist, country_allowlist, country_blocklist, lockout, <submodule>. Note that <submodule> must be specified and is used only with submodule in arg_1; all is used only with list user_agent, as seen in the examples below.
ips
String
Optional. Specific IP addresses to unblock. Accepts comma-separated IPv4 addresses. Use only when unblocking locked out IPs.

Examples

Clear all IP addresses from the IP allowlist:
wp defender firewall clear ip allowlist

Clear all IP addresses from the IP blocklist:
wp defender firewall clear ip blocklist

Clear all IP addresses from the Locations allowlist:
wp defender firewall clear ip country_allowlist

Clear all IP addresses from the Locations blocklist:
wp defender firewall clear ip country_blocklist

Clear all files from the 404 allowlist:
wp defender firewall clear files allowlist

Clear all files from the 404 blocklist:
wp defender firewall clear files blocklist

Unblock a single IP address::
wp defender firewall unblock ip lockout --ips=127.0.0.1

Unblock multiple IP addresses::
wp defender firewall unblock ip lockout --ips=127.0.0.1,255.255.255.255

Clear all User Agents from the allowlist:
wp defender firewall clear user_agent allowlist

Clear all User Agents from the blocklist:
wp defender firewall clear user_agent blocklist

Activate Login Protection submodule:
wp defender firewall activate submodule login_protection

Activate 404 Detection submodule:
wp defender firewall activate submodule 404_detection

Activate User Agent Banning submodule:
wp defender firewall activate submodule user_agent

Deactivate Login Protection submodule:
wp defender firewall deactivate submodule login_protection

Deactivate 404 Detection submodule:
wp defender firewall deactivate submodule 404_detection

Deactivate User Agent Banning submodule:
wp defender firewall deactivate submodule user_agent

Get the list of all user agents:
wp defender firewall list user_agent all

Get the list of user agents on the allowlist:
wp defender firewall list user_agent allowlist

Get the list of user agents on the blocklist:
wp defender firewall list user_agent blocklist

5.2.5 Password Reset

Link to chapter 2

Command
wp defender password_reset [command]

Parameters

command
String
Password Reset task to perform. Accepts: force, undo.

Examples

Force password reset for all currently selected user roles:
wp defender password_reset force

Undo the password reset for all currently selected user roles:
wp defender password_reset undo

5.2.6 Settings

Link to chapter 2

Command
wp defender settings [command]

Parameters

command
String
Settings task to perform. Accepts: reset.

Examples

Reset all plugin settings and data:
wp defender settings reset

5.2.7 Logs

Link to chapter 2

Command
wp defender logs [command]

Parameters

command
String
Logs task to perform. Accepts: delete.

Examples

Delete all log entries older than 7 days
wp defender logs delete