DNSBL Plugin

This page documents the WordPress plugin Tornevall Networks DNSBL and Fraud Blacklist implementation.

What the plugin does

The plugin adds a lightweight DNSBL/FraudBL protection layer to WordPress.

Current features include:

• direct DNS lookups against configured blacklist resolvers
• local cache storage to avoid repeating lookups too often
• optional comment-spam escalation through Tornevall Tools
• visitor blocking / redirect behaviour for listed IP addresses
• comment hiding for listed visitors
• admin self-check and manual lookup tools
• admin statistics for recorded checks, hits and blocked requests
• a safe IP whitelist so your own address can be tested without being blocked

Admin dashboard

The DNSBL admin screen now contains:

• At a glance for current configuration
• Visitor statistics with:
  • resolved visitor checks recorded
  • unique visitor addresses seen
  • blacklist hits recorded
  • blocked requests recorded
  • unique blocked visitor addresses
  • last 24 hours snapshot
  • cached blacklist entries currently stored
• Plugin information and help
• Try-tests and self-check tools
• settings for resolvers, cache lifetime, protection behaviour and Tools integration

How the statistics work

The plugin ships with a dnsblstats table and now writes live request events into it.

In practice this means the dashboard can show:

• how many checks have been recorded
• how many addresses were seen
• how many blacklist hits were returned
• how many requests were considered blocked

The statistics are event-based, so they become useful after the upgraded plugin has handled normal traffic.

Safe testing in WordPress

The recommended way to test DNSBL behaviour is:

• keep your own current IP address in the safe IP whitelist
• use the built-in lookup and self-check tools from wp-admin
• review the visitor statistics and blacklist-hit counters

Whitelisted IP addresses are still evaluated and can appear in the statistics, but they are not blocked, redirected or marked as spam.

When possible, the activating owner's IP is seeded into the whitelist automatically during first-time setup.

Why the old overview looked empty

The old "At a glance" box only summarized configuration values such as resolver count, selected flags and token/dev-mode state.

Even though the plugin schema already contained a dnsblstats table, the current 3.x code path was not writing to it, so there was nothing meaningful to display.

That gap has now been closed.

Documentation and source trail

• Plugin page: https://wordpress.org/plugins/tornevall-networks-dnsbl-implementation/
• Project repository: https://github.com/Tornevall/tornevall-wp-dnsbl
• Plugin changelog: https://github.com/Tornevall/tornevall-wp-dnsbl/blob/master/CHANGELOG.md
• Commit history / diff trail: https://github.com/Tornevall/tornevall-wp-dnsbl/commits/master
• Issues: https://github.com/Tornevall/tornevall-wp-dnsbl/issues

Notes

• The plugin still uses the historical bootstrap filename tornevall-wp-dnsbl.php.
• The 3.x series is a cleanup/refactor of the older codebase.
• The latest historical tag visible in the local repository is 2.1.9.

Last Updated: 2026-03-13