This documentation is only valid for older versions of Wordfence. If you are using Wordfence 7 or later, please visit our new documentation.


From Wordfence Documentation
Jump to: navigation, search

NOTE: This is provisional documentation. This function will be included in Wordfence 5.3.2 release and is not available in the current release which is 5.3.1 as of November 13, 2014.

The wordfence::whitelistIP($IP) is part of Wordfence's API that we expose to other theme and plugin developers. The function can be used to add an IP address to the Wordfence whitelist.

What this means is that any traffic from that IP address will bypass all security checks. This includes two factor authentication, so if someone from that IP signs-in they will not be asked to enter the cellphone sign-in code.

The function can be called with a dotted quad IP address passed as a string. e.g.


Or you can whitelist a range of IP's by using a square bracket notation that is fairly intuitive:


You can use multiple ranges in an IP. e.g.


Note that we do not validate if your ranges are legal e.g. that you don't include a range like [1-256] where 256 is out or range. A range like this will simply check 1-255 internally and will ignore the fact that you've specified an IP that will never exist. So if you're accepting user input that allows ranges, please do your own validation.

The function returns true if the IP was added and false if the IP already existed in the whitelist. On failure it will throw an exception which contains a helpful message explaining the problem. So you should enclose this call in try/catch blocks and then gracefully handle the error. e.g.

try {
} catch(Exception $e){
  $errorMsg = $e->getMessage();
  //Do something intelligent with the error you received from Wordfence.
} //Otherwise if the catch block doesn't execute the function has succeeded.