The wp admintools wafdeny commands let you manage the WAF Deny List rules. These rules block specific requests matching criteria such as option (component), view, task, query parameters, HTTP verb, and application area.
Creates a new WAF Deny List rule.
wp admintools wafdeny add [--option=<option>] [--view=<view>] [--task=<task>] [--query=<query>] [--query-type=<query_type>] [--query-content=<query_content>] [--verb=<verb>] [--application=<application>] [--enabled=<enabled>]
--optionThe option (component) to match. Optional.
--viewThe view to match. Optional.
--taskThe task to match. Optional.
--queryThe query parameter name to match. Optional.
--query-typeHow to match the query content: E (Exact), P (Partial), or R (Regex). Default: E.
--query-contentThe query parameter value to match. Optional.
--verbThe HTTP verb to match (e.g. GET, POST). Optional.
--applicationThe application area: site, admin, or both. Default: both.
--enabledWhether the rule is enabled (1) or disabled (0). Default: 1.
Block POST requests to a specific component:
wp admintools wafdeny add --option=com_example --verb=POST
Block requests with a partial query match:
wp admintools wafdeny add --query=hack --query-type=P --query-content=malicious
Block requests to a view on the frontend only:
wp admintools wafdeny add --view=exploit --application=site
Success: WAF Deny rule created with ID 1.