REST endpoints
Namespace ospam/v1. All routes require manage_options.
| Method | Path | Purpose | |||
|---|---|---|---|---|---|
| GET | /stats | Aggregate stats for the dashboard | |||
| GET | /log | Paginated log (?page=, ?per_page=, `?filter=blocked | allowed`) | ||
| DELETE | /log/{id} | Delete a log row | |||
| GET | `/blocklist?type={ip\ | email\ | domain\ | keyword}` | List blocklist entries |
| POST | /blocklist | Create entry (type, value, note) | |||
| DELETE | /blocklist/{id} | Delete a blocklist entry | |||
| GET | `/allowlist?type={ip\ | email\ | domain}` | List allowlist entries | |
| POST | /allowlist | Create entry (type, value, note) | |||
| DELETE | /allowlist/{id} | Delete an allowlist entry |
Valid blocklist types: ip, email, domain, keyword. Allowlist supports ip, email, domain only.
PHP API
phpOSpam_DB::insert_blocklist( 'ip', '203.0.113.42', 'Repeated honeypot hits' );
OSpam_DB::insert_allowlist( 'email', 'partner@trusted.com', 'Whitelisted partner' );
OSpam_DB::stats();
OSpam_DB::count_blocked();
OSpam_DB::count_blocked_today();
OSpam_RateLimit::reset( '203.0.113.42' ); // clear the rate-limit counterAuto-blocklist
Enable ospam_auto_blocklist_enabled and set a threshold (ospam_auto_blocklist_threshold, default 3). After that many honeypot hits from the same IP in 24 hours, the IP is auto-added to wp_ospam_blocklist with a note like "auto-blocked: repeated honeypot hits." The action is also logged to Orravo Core's activity feed via OC_DB::log_activity().