| 开发者 | ddosnull |
|---|---|
| 更新时间 | 2026年7月13日 21:17 |
| PHP版本: | 7.4 及以上 |
| WordPress版本: | 7.0 |
| 版权: | GPL-2.0+ |
| 版权网址: | 版权信息 |
ddosnull-shield folder to /wp-content/plugins/, or install it directly from the WordPress plugin directory.No. The plugin intercepts requests before WordPress loads the full page, and all traffic analysis happens on ddosNull's servers — not yours. There is zero performance impact on normal page loads.
No DNS changes, no proxy, no re-routing your traffic. ddosNull Shield works directly inside WordPress. Your DNS, CDN, and existing Cloudflare setup stay exactly as they are.
Use Dry Run Mode first. You'll see a report of exactly who would have been blocked before any blocking occurs. ddosNull also uses smart challenges (not hard blocks) for suspicious-but-not-confirmed traffic, so edge cases like VPN users get a quick verification step instead of a flat rejection.
Yes. Because ddosNull Shield works at the PHP/WordPress layer, it runs on any host that supports WordPress plugins — including shared cPanel and Plesk hosting. No server-level access is required.
Your WordPress site keeps running normally. The plugin stores the last known block list locally and continues enforcing those rules if the ddosNull cloud is temporarily unreachable. Nothing breaks.
Checkout protection against carding, card testing, and fake orders is available with ddosNull Shield Pro, distributed from ddosnull.com. When active, it collects lightweight browser signals on the checkout page — things like screen dimensions, JavaScript environment, and session timing. Orders that arrive too fast, without a real browser, or from known automation tools are blocked before the order is created. Legitimate shoppers experience no friction.
ALTCHA is a privacy-friendly proof-of-work challenge that runs silently in the browser. Most real visitors pass it automatically without clicking anything. It requires no Google account and collects no personal data.
Yes. Switch the challenge type to reCAPTCHA v2 in the plugin settings and enter your site key and secret key from Google.
When early loading is enabled, the plugin installs a small must-use plugin file so the intercept runs before regular plugins load — giving better performance under heavy traffic. The setting is opt-in and can be toggled on or off at any time from the plugin settings page.
Yes. All paid plans include a 30-day money-back guarantee — no questions asked. You can also start on the Free plan (15,000 requests/month) before upgrading. There are no long-term contracts; you can cancel at any time and protection remains active through the end of your current billing period.
Your traffic never passes through ddosNull's servers. The plugin only shares anonymized metadata — IP addresses, request counts, and access log lines — to power threat detection. ddosNull never sees your customers' personal data, payment information, or page content.
~ for case-sensitive, ~* for case-insensitive).