// tool reference · Governance & Advisory
Security Center Business
Platform defence posture: blocklists, lockdown, honeypot and rate-limit controls.
What it does
The platform's own defensive controls: IP/CIDR/ASN/country blocklists, lockdown mode, honeypot sensitivity and rate-limit posture.
When to use it
- You are under active abuse and need to tighten posture now.
- Reviewing what is currently blocked and why.
Inputs
Field names are the actual form parameters, verified against source.
| Field | Type | Required | Notes |
|---|---|---|---|
| tab | select | optional | Which control surface. |
| ip | text | optional | Address to block or inspect. |
| blocked_cidrs | textarea | optional | CIDR blocklist. |
| blocked_asns | textarea | optional | ASN blocklist. |
| blocked_countries | textarea | optional | Country blocklist. |
| lockdown | checkbox | optional | Lockdown mode. |
| honeypot_sensitive | checkbox | optional | Honeypot sensitivity. |
| rate_limit_posture | select | optional | Global rate-limit posture. |
What you get back
Current posture, active blocks, and recent security events.
Worked example
Input
tab = blocklist blocked_cidrs = 198.51.100.0/24 lockdown = off
Output (abridged)
POSTURE UPDATED Blocked CIDRs 1 (198.51.100.0/24) Blocked ASNs 0 Blocked countries 0 Lockdown off Honeypot standard Rate-limit posture normal Effective immediately. CAUTION: country and ASN blocks are blunt. A country block removes legitimate users and a VPN defeats it in one click. Prefer a CIDR or an ASN block scoped to the actual abuse.
How it works
Deterministic. Changes take effect on the next request — there is no cache to wait for.
Limits
Read live from the platform configuration.
| Rate limit | 30 requests / 60s (platform default) |
Limitations — what it does not do
Application-layer defence. It cannot absorb a volumetric DoS that never reaches PHP — that needs an edge WAF/CDN. A country block is easily bypassed with a VPN while permanently excluding real users.
Privacy
Blocklists and security events are stored. Actor identity is pseudonymised in event data.
Standards
NIST CSF (PR.AC, DE.CM)OWASP