Injection Guard


Injection Guard is a wordpress plugin which helps you to get relax about security of your website which can be disturbed by invalid query string based requests. It is much better that if you are using pretty permalinks so you can deny all of the query string parameters straightaway instead of having headache of a list of whitelisted parameters and blacklisted as well. I am a PHP, WordPress developer and i faced a lot of inconvenience regarding keep an eye on security threats related to query strings and user’s activity. Our debugging process demands continuous monitoring to the number of requests and their types. So, I coded a number of fixes for wordpress sites and few of them are in form of articles on my blog.


injection shield


1- Be in touch with your Google Webmaster Tools.

2- Keep visitng author’s blog for the updates.


sql injection, http injection, site hacked, site hacking, anti hacking, injection guard, hacking


**📌 Log all the unique query strings which are trying to penetrate your website
**📌 Blocked some query parameter
**📌 With an add-on you can ask a free diagnosis for your site


This WordPress Plugin is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 2 of the License, or any later version. This free software is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. You should have received a copy of the GNU General Public License along with this software. If not, see


  • Settings & Reports


To use Injection Guard, you will need:
* an installed and configured copy of [WordPress][]

(version 3.0 or later).

* FTP, SFTP or shell access to your web host

New Installations


  1. Go to your wordpress admin “”

  2. Login and then access “

  3. Upload and activate this plugin

  4. Now go to admin menu -> settings -> IG Settings

  5. Click on save settings button.

  6. That’s it, now wait for the magic


  1. Download the Injection Guard installation package and extract the files on

    your computer.

  2. Create a new directory named Injection Guard in the wp-content/plugins

    directory of your WordPress installation. Use an FTP or SFTP client to

    upload the contents of your Injection Guard archive to the new directory

    that you just created on your web host.

  3. Log in to the WordPress Dashboard and activate the Injection Guard plugin.
  4. Once the plugin is activated, a new IG Settings sub-menu will appear in your WordPress admin -> settings menu.


Does this plugin help in saving SEO effort?


Is it secure? If yes, how?

It immediately senses the unauthorized access through query string and block it immediately. It does not let the page generate a valid content for an invalid request. It saves you from an extreme headache.

What if I am still being hacked?

Make sure that your plugin version is updated because protection and related knowledge is evolving every moment. Keep an eye on invalid requests through query strings you have, either restrict few of them or restrict them all if not required.

I have some other queries, other than this plugin, may I ask to the plugin author?

YES, if the queries are about WordPress and data security then you are welcome.

What best method is to contact plugin author?

It is good if you use support tab or plugin’s author blog. If you want to reach the author immediately then use contact form on his blog.

I am not sure that I configured it properly or not?

Contact plugin author, he might will do on your behalf or will guide you shortly.


26 Aibreán, 2021
Injection Guard with Wordfence allows me to sleep and not worry. Don’t even have to check all of the reported links. Along with articles about security in wp-config this beginner is extremely satisfied with the Injection Guard plugin.
3 Meán Fómhair, 2016
yeah it’s good – had been searching for a solution like this for quite a while, provides good security without breaking your site. would recommend. definitely worth a $15 donation to make up for removal of stress and headaches.
Read all 4 reviews

Contributors & Developers

“Injection Guard” is open source software. The following people have contributed to this plugin.


Translate “Injection Guard” into your language.

Interested in development?

Browse the code, check out the SVN repository, or subscribe to the development log by RSS.



  • Updated version for WordPress. [05/06/2024]


  • Updated version for pioneer. [Thanks to alianwaar91][11/05/2023]


  • Updated version for vulnerable to Broken Access Control. [Thanks to Darius Sveikauskas | Patchstack Alliance overlord][10/05/2023]


  • Updated version for WordPress. [07/09/2022]


  • Bootstrap, FontAwesome and timestamp based log added. [Thanks to Team Ibulb Work]


  • Updating jQuery functions.


  • Updating FAQs.


  • Languages added. [Thanks to Abu Usman]


  • Dashboard refined with customers results.


  • Dashboard introduced for registered users activity regarding orders and logins from different locations.


  • Sanitized input and fixed direct file access issues.


  • Updating a few Illegal string offset conditions. [Thanks to PapGeo]


  • Updating a few Illegal string offset conditions.


  • Releasing with WP Mechanic free help feature.