Managed OWASP rules & FireHOL IP lists (Security)
What managed WAF rules and IP blocklists do on SwiftPress, why enabling them helps, and where to turn them on in my.swiftpress.io.
SwiftPress can apply managed security rules at the edge: OWASP-oriented WAF rules (common web attack patterns) and managed IP blocklists built from FireHOL-style threat feeds. Together they reduce noise, scans, and exploit attempts before bad traffic stresses your WordPress server.
You control these from the client area—typically Security → Managed rules (exact labels may vary slightly as we ship UI updates).
Two layers, one goal
| Layer | What it is | What it helps with |
|---|---|---|
| Managed OWASP rules | A curated set of WAF checks aligned with OWASP categories (injection, XSS-style patterns, common probes, etc.). | Blocks or challenges application-layer attacks that look like real HTTP requests—not just “bad IPs”. |
| Managed IP lists (FireHOL) | IP ranges associated with known abuse, bots, or hostile networks from community-maintained FireHOL blocklists, applied as managed lists. | Drops or blocks known-bad sources early—before they hit PHP or WordPress. |
OWASP = Open Web Application Security Project—a widely used reference for how web apps get attacked. FireHOL = a well-known project that publishes machine-readable firewall lists; managed means SwiftPress imports and maintains them for you—no manual CSV updates.
Why enabling these is useful
- Less junk on your origin — Many attacks never reach WordPress; the edge absorbs them.
- Up-to-date protection — Managed lists and rule packs evolve as threats change; you’re not maintaining regexes by hand.
- OWASP-aligned coverage — Good baseline against common web flaws and scanner behaviour.
- IP reputation — FireHOL-style lists target networks with a history of abuse, reducing brute-force and scan traffic in bulk.
- Simple toggle — Turn managed protections on from your dashboard instead of editing raw firewall rules.
Nothing is a 100% guarantee—but defence in depth (CDN + WAF + lists + good WordPress hygiene) is how serious sites stay online.
Trade-offs (honest)
- Rare false positives — A very small fraction of legitimate visitors might share an IP range with bad actors, or a rare request might match a strict rule. If something breaks, disable the specific managed set temporarily and contact support—we can tune expectations.
- Not a replacement for updates — Rules don’t fix vulnerable plugins; they reduce exploitation noise. Keep WordPress, themes, and plugins updated anyway.
Where to enable them
- Sign in to my.swiftpress.io.
- Select your site.
- Open Security → Managed rules (or the closest equivalent in your menu).
- Enable managed OWASP / WAF rules and managed IP blocklists (FireHOL) as offered for your plan.
If you don’t see Managed rules, your plan or region may differ—live chat can confirm what’s available.
Summary
| Question | Short answer |
|---|---|
| What are OWASP rules here? | Managed WAF checks for common web attacks aligned with OWASP-style patterns. |
| What is FireHOL in this context? | Curated IP blocklists we maintain for you, sourced from FireHOL-style feeds—not something you download manually. |
| Should I enable them? | Yes, for most sites—unless you’re explicitly debugging and need to rule them out. |
Need help?
Use — same as the Support link in the site footer (opens the chat widget). You can also sign in at my.swiftpress.io. We don’t offer email support — see How to contact customer support. If something in this article doesn’t match your dashboard, and we’ll point you to the right screen.