Updating WordFence WAF Whitelist IP programmatically

WordPress is one of the most popular CMS systems on the Internet. In the United States alone, roughly 30% of the top 1 million websites are powered by this system.

One of the most obvious things that you have to be concerned with on any hosting site is security. A widely used WordPress security plugin is WordFence. One of the featured of this plugin is a WAF, or web application firewall. While having a firewall is very handy and a great method of blocking bad actors, there are often cases in which you would want to whitelist an IP address to ensure that certain traffic sources always make it in.

For example, I try to ensure that the dynamic DNS IP for my home egress is always whitelisted to ensure that I am never blocked from managing my own CMS. With a CMS however you do not always know when your ISP changes your IP.

Fortunately, like all WP plugins, WordFence stores its configuration data in tables in the WP database. This allows for programmatic access via the command line. In order to handle this what I can up with was a script that can be run on manual basis, or via a cronjob, to update this database field.

You can check the script out in my Github repo: https://github.com/andyfore/wordfence_whitelist_conversion