Phoenix Firewall


  • Current Version: 1.2.1
  • Last Updated: 06/03/2024
  • Supports Phoenix: -
  • PHP: >=7.3, <=8.2

  • License: Annual
  • Requires: php-zip php-pdo pgp-pdo_mysql curl file_get_contents fsockopen

The Phoenix Firewall will help protect your Phoenix Cart Website from:

  • Brute force attacks
  • Bad Bots
  • Malware
  • Hacking of your website
  • Blacklisted IP addresses

Some of the tools and features are:

  • Scanning of webserver access logs (optional)
  • Scanning of webserver error logs (optional)
  • Watch live traffic on website and allow blocking in real time
  • Alerts system to keep website admin informed on attacks, increased attacking, blocks, logins, password changes, found malware, detected hacks, etc.
  • Blacklist of manually blocked IP addresses or blocks of addresses.
  • Whitelist of manually ignored IP addresses or blocks of addresses.
  • Bots to block
  • Limit failed login attempts
  • Ban times and thresholds
  • Rate limit visitors
  • Custom banned page as well as banned messages to display
  • Block POST attempts with empty USER_AGENT or REFERRER
  • Whois and Reverse IP lookups
  • Honeypot to target bots hitting wordpress or cgi-bin requests etc.
  • 2FA with Google Authenticator for admin accounts, with ignore IP list for admins
  • Hashing of all scanned files against clean copy of Phoenix Cart matching your version. If files change, they are rescanned. All files are checked against hacker strategies and examples. This library will increase and will be updated with a valid license. Any malware suspected files are alerted in the admin and by email depending on settings.
  • Built-in cron system to run scans on chosen schedule with email alerts
  • Diagnostic page for troubleshooting support issues
  • Scanner runs independent of Phoenix if you use server auto_prepend_file and htaccess asset scanning
  • Block IP found accessing malware files
  • Blocked IPs and Live Traffic show GEO Data (Optional MaxMind Geo Matching (requires download))
  • Country Realtime Blocking (requires MaxMind Download)
  • More features to come ...
  • 1.2.1 (06/03/2024)
    • Fix issue with errors on non-existant logs
    • Add database indexes to speed up operation of firewall routines. (If you already have these indexes through support ticket, remove them from /includes/apps/firewall/admin/inc/fwupdates/01.02.01.php)
    • Adjusted .htaccess in includes/apps/firewall/ to correct newer Apache issue.
    • Fix issue with some versions of MySQL not liking some SQL syntax.
    • Fixed default throttle setting from 50 to 500.
  • 1.2.0 (04/22/2024)
    • Several core adjustments for better performance
    • Remove old clean_core version files when downloading new clean_core files
    • Test for
    • Malware Scanner Improvements
  • 1.1.2 (04/11/2024)
    • Adjusted learning mode logic to be more accurate.
    • Added popup reverse lookup for blocked items to speed up block list.
    • Changed logic for log analysis to be less memory intense.
  • 1.1.1 (03/18/2024)
    • Add setting for blocking IP of someone requesting a password reset for an account that does not exist.
    • Add setting for not sending alerts if triggered by whitelisted IP.
  • 1.1.0 (03/17/2024)
    • Add caching blocks on local filesystem to speed things up and avoid so much Database traffic.
    • Add caching settings on local filesystem to speed things up and avoid so much Database traffic.
    • Add caching file results on local filesystem to speed things up and avoid so much Database traffic.
    • Several logic enhancements
  • 1.0.0 (03/14/2024)
    • Initial Release
This addon support lasts for 365 days. You can use this addon forever but will need a valid license if you need an upgrade.
  • Purchase and you will receive the zip file containing this add-on and a license code
  • Unzip the file
  • Copy the contents of the zip into the root of your catalog
    • If you have a slow FTP connection you may want to upload in stages to avoid any down time. Upload the hooks last in this situation as they may start looking for files that are not yet uploaded.
  • Navigate to your catalog/admin/firewall.php
    • If there are any issues pre-install the admin/firewall.php dashboard should outline them.
    • If your site becomes unresponsive, a quick fix is to edit apps/firewall/admin/classes/fireWall.php and set the disable_firewall_blocking=1. This should disable the firewall entirely until you can diagnose the issue from your logs.
    • If no issues, then proceed by clicking the INSTALL button
    • Then navigate to admin/firewall.php?settings=1 and configure your settings
    • Then navigate to admin/firewall.php?support=1 and click the "Re-Generate Firewall Config" link on that page to generate the firewall config file.
    • Then review all of the settings on the admin/firewall.php?support=1 page to make sure there are no alerts.
    • Now you should be able to go to admin/firewall.php?scan=1 and run your first file scan of your site
    • You can also go to admin/administrators.php and edit your admin accounts and set them up with 2FA
    • Navigate the other areas of the Firewall and review the Dashboard, Live Traffic, Blocked, Geo Data, etc to familiarize yourself with all of the settings and features.
  • Enter your license code from your order email receipt into the link at the top of the Firewall "Check For Upgrades"
  • Happy Blocking Bad Traffic and Malware! 😉


Phoenix Menu Master
Phoenix Menu Master

This seems to have everything to customise and display any s...
>=7.3, <=8.2 –