Linux 软件免费装

在这里免费安装WordPress以及其他软件

Cloud Maestro - WAF Security Suite for Cloudflare

开发者 5starplugins
更新时间 2026年2月17日 09:41
PHP版本: 7.4 及以上
WordPress版本: 6.9.1
版权: GPLv3 or later
版权网址: 版权信息

标签

security firewall cloudflare bot protection waf rules

下载

1.0.6 1.0.7 1.0 1.0.1 1.0.2 1.0.3 1.0.4 1.0.5

详情介绍:

Cloud Maestro brings centralized Cloudflare Web Application Firewall (WAF) controls directly into WordPress. Why would I use a plugin when I can create rules in Cloudflare? If you manage multiple Cloudflare-connected sites, Cloud Maestro is a productivity tool that helps oversee several domains from a central dashboard using WordPress. If you only manage one domain in Cloudflare, you wouldn't benefit from this plugin. It’s useful for someone managing: The free version supports one Cloudflare account with multiple domains. An optional premium version is available for managing unlimited domains across multiple Cloudflare accounts at once. 🛡️ Why Use Cloud Maestro - WAF Security Suite for Cloudflare? Managing security rules across multiple Cloudflare domains is tedious and time-consuming. This plugin streamlines the process, allowing you to: ✅ Free Standard Features 🔥 What Gets Protected The plugin deploys 3 optimized trusted security rules (prior versions used 5) that work together to protect your sites: ✨ Premium Upgrade (Optional) For agencies and professionals managing multiple Cloudflare accounts, a Premium version is available with expanded functionality and tech support. Check out our free trial for these features: 📋 Important Information Rule Replacement: This plugin replaces existing custom WAF rules on targeted domains. Make sure to back up any custom rules you want to keep. Compatibility: Works with Cloudflare Free, Pro, and Business plans. Not compatible with Enterprise plans managed by hosting providers. Service Monitoring: These rules might challenge some monitoring or uptime services. Check Cloudflare's Events log if services stop connecting, and add exceptions as needed.

安装:

Automatic Installation
  1. Log in to your WordPress admin panel
  2. Navigate to PluginsAdd New
  3. Search for "Cloud Maestro"
  4. Click Install Now and then Activate
Manual Installation
  1. Download the plugin ZIP file
  2. Log in to your WordPress admin panel
  3. Navigate to PluginsAdd NewUpload Plugin
  4. Choose the ZIP file and click Install Now
  5. Click Activate Plugin
Getting Started
  1. After activation, navigate to WAF Security in your WordPress admin menu
  2. Enter your Cloudflare API details:
  3. API Token - Paste in your existing API Token, or click the Generate New Token button.
  4. Account ID - Choose your account ID from the drop-down.
  5. Global API Key is also supported but NOT recommended.
  6. Click Save Settings to retrieve your domains
  7. Select the domains you want to protect
  8. Click Create/Overwrite All WAF Rules
  9. Verify the rules in your Cloudflare account, and edit further as needed.
That's it! Your sites are now protected. The Premium version offers easy checkbox selection of common service user agents, and type in custom user agents or IPs.

屏幕截图:

  • API Token field with easy Generate Token button
  • API Settings encrypted with built-in expiration timer
  • Premium Good Bot customization options
  • Successfully deployed rules confirmation
  • Cloudflare dashboard showing applied WAF rules
  • Premium IP Rules Management screen
  • New Preview Rules Section

升级注意事项:

1.0.7 Fixes custom user agent persistence and expands allowed characters for greater flexibility with monitoring services.

常见问题:

How It Works

1. Install Once - You only need to install the plugin to one site to manage all of your Cloudflare-connected domains 2. Connect Your Cloudflare Account – Securely enter your API credentials (encrypted and stored safely) 3. Select Your Domains – View all domains in your account with convenient checkboxes 4. Deploy Rules – Click once to apply proven security rules across all selected domains 5. Stay Protected – Your sites are now shielded from thousands of common threats and malicious or resource-hungry traffic

Will this affect my existing Cloudflare rules?

Yes, this plugin replaces the custom WAF rules in your Cloudflare configuration. Any existing custom rules will be overwritten. The plugin does not affect Cloudflare's managed rulesets or other settings—only custom WAF rules.

Are my Cloudflare API credentials secure?

Yes. It uses API Tokens that are stored encrypted using AES-256-CBC (bank-level encryption) securely within WordPress. For additional security, it has a Settings Expiration timer that automatically deletes the API settings, or manually using the "Delete Settings" button when you're not actively managing rules.

Does the free version require a Premium upgrade?

No. The free version works independently and includes centralized WAF rule deployment for one Cloudflare account with multiple domains. The free version is ideal for managing up to 25 domains under one Cloudflare account. Premium expands this to multiple Cloudflare accounts and unlimited domains for agencies and professionals. Additionally, powerful customization options are available, including built-in bot whitelisting, custom user agents, custom IP addresses, and the IP Rules Manager.

Will this work with any Cloudflare plan?

This plugin is designed for Cloudflare Free, Pro, and Business plans. WAF features depend on Cloudflare’s plan limitations. Enterprise plans typically have different WAF rule management and may be controlled by your hosting provider, so this plugin may not be compatible.

Will this block legitimate bots like Google?

No. The first rule explicitly allows verified bots from major search engines (Google, Bing), monitoring services, and other legitimate services. The Premium version offers even more control with 50+ built-in trusted services you can whitelist.

What happens if a monitoring service gets blocked?

If you notice a service can't connect after applying rules, check Cloudflare's Events log to see what was blocked. You can then add that service's user agent or IP to the allowlist. Premium users can do this directly in the plugin with custom user agents and IP fields.

Can I customize or override the rule expressions with code?

Yes! Developers can use WordPress filter hooks to customize or completely replace each rule expression. The plugin provides three filters: fivestar_cfwaf_good_bot_expression, fivestar_cfwaf_managed_challenge_expression, and fivestar_cfwaf_block_expression. Add your custom code to your theme's functions.php, a code snippet, or a custom plugin. For documentation and examples, visit our support site. You can also more easily add 50+ pre-configured service user agents across 8 categories via the Premium version, which offers simple checkbox selection, and custom text fields to add your own user agents or IPs as desired, and saves those settings for repeated use.

Fair Use Disclaimer:

This plugin is independent and not affiliated, endorsed, or sponsored by Cloudflare®. Trademarks are used under fair use for compatibility and functionality only. No endorsement is implied. This plugin was inspired in part by Troy Glancy’s WAF Rules v3.

更新日志:

1.0.7 - 2026-02-12 1.0.6 - 2026-02-12 1.0.5 - 2026-02-10 1.0.4 - 2026-02-08 1.0.3 - 2026-02-04 1.0.2 - 2026-02-03 1.0.1 - 2026-01-31 1.0.0 - 2026-01-29