Changeset 3357194

Timestamp:

09/06/2025 06:05:09 PM (6 months ago)

Author:

encodedothost

Message:

Update to 1.4.3

Location:

edh-bad-bots/trunk

Files:

• admin/views/admin-display.php (modified) (10 diffs)
• assets/js/admin-script.js (modified) (1 diff)
• edh-bad-bots.php (modified) (7 diffs)
• includes/class-edhbb-admin.php (modified) (3 diffs)
• includes/class-edhbb-blocker.php (modified) (3 diffs)
• includes/class-edhbb-database.php (modified) (9 diffs)
• readme.txt (modified) (14 diffs)

edh-bad-bots/trunk/admin/views/admin-display.php

@@ -6 +6 @@
  * It displays blocked bots, allows whitelisting IPs, and manages unblocking.
  */
+declare(strict_types=1);
 
 if ( ! defined( 'ABSPATH' ) ) exit; // Exit if accessed directly
@@ -112 +113 @@
             <div class="card edhbb-card">
                 <h2 class="title"><?php esc_html_e( 'Currently Blocked Bots', 'edh-bad-bots' ); ?></h2>
+                
+                <!-- Manual hostname update buttons -->
+                <div style="margin-bottom: 20px;">
+                    <form method="post" action="<?php echo esc_url( admin_url( 'admin-post.php' ) ); ?>" style="display: inline;">
+                        <input type="hidden" name="action" value="edhbb_update_hostnames">
+                        <?php wp_nonce_field( 'edhbb_update_hostnames_nonce' ); ?>
+                        <?php submit_button( __( 'Update Missing Hostnames', 'edh-bad-bots' ), 'secondary', 'submit_update_hostnames', false ); ?>
+                    </form>
+                    
+                    <form method="post" action="<?php echo esc_url( admin_url( 'admin-post.php' ) ); ?>" style="display: inline; margin-left: 10px;">
+                        <input type="hidden" name="action" value="edhbb_force_refresh_all_hostnames">
+                        <?php wp_nonce_field( 'edhbb_force_refresh_all_hostnames_nonce' ); ?>
+                        <?php submit_button( __( 'Force Refresh All Hostnames', 'edh-bad-bots' ), 'secondary', 'submit_force_refresh_all', false ); ?>
+                    </form>
+                    
+                    <p class="description" style="margin-top: 5px;">
+                        <?php esc_html_e( 'Update Missing: Resolves hostnames for IPs that show empty or "[No PTR Record]". Force Refresh: Clears cache and re-resolves ALL hostnames.', 'edh-bad-bots' ); ?>
+                    </p>
+                </div>
+
+                <?php
+                // Display debug information if available and WP_DEBUG is enabled
+                if ( defined( 'WP_DEBUG' ) && WP_DEBUG ) {
+                    $debug_info = get_transient( 'edhbb_debug_info' );
+                    if ( $debug_info ) :
+                        delete_transient( 'edhbb_debug_info' ); // Delete after displaying
+                ?>
+                    <div class="notice notice-info inline">
+                        <h3><?php esc_html_e( 'Hostname Resolution Debug Info', 'edh-bad-bots' ); ?></h3>
+                        <p><?php esc_html_e( 'The following information was gathered to help debug hostname resolution issues.', 'edh-bad-bots' ); ?></p>
+                        <table class="widefat">
+                            <thead>
+                                <tr>
+                                    <th><?php esc_html_e( 'Function', 'edh-bad-bots' ); ?></th>
+                                    <th><?php esc_html_e( 'Exists?', 'edh-bad-bots' ); ?></th>
+                                    <th><?php esc_html_e( 'Callable?', 'edh-bad-bots' ); ?></th>
+                                    <th><?php esc_html_e( 'Result for 8.8.8.8', 'edh-bad-bots' ); ?></th>
+                                </tr>
+                            </thead>
+                            <tbody>
+                                <tr>
+                                    <td><code>gethostbyaddr()</code></td>
+                                    <td><?php echo esc_html( $debug_info['gethostbyaddr']['exists'] ); ?></td>
+                                    <td><?php echo esc_html( $debug_info['gethostbyaddr']['callable'] ); ?></td>
+                                    <td><pre><?php echo esc_html( print_r( $debug_info['gethostbyaddr']['result'], true ) ); // phpcs:ignore WordPress.PHP.DevelopmentFunctions.error_log_print_r -- Debug output only shown when WP_DEBUG is enabled ?></pre></td>
+                                </tr>
+                                <tr>
+                                    <td><code>dns_get_record()</code></td>
+                                    <td><?php echo esc_html( $debug_info['dns_get_record']['exists'] ); ?></td>
+                                    <td><?php echo esc_html( $debug_info['dns_get_record']['callable'] ); ?></td>
+                                    <td><pre><?php echo esc_html( print_r( $debug_info['dns_get_record']['result'], true ) ); // phpcs:ignore WordPress.PHP.DevelopmentFunctions.error_log_print_r -- Debug output only shown when WP_DEBUG is enabled ?></pre></td>
+                                </tr>
+                            </tbody>
+                        </table>
+                    </div>
+                <?php endif;
+                } ?>
+
                 <?php if ( ! empty( $blocked_bots ) ) : ?>
                     <table class="wp-list-table widefat fixed striped">
@@ -117 +176 @@
                             <tr>
                                 <th scope="col"><?php esc_html_e( 'IP Address', 'edh-bad-bots' ); ?></th>
+                                <th scope="col"><?php esc_html_e( 'Hostname', 'edh-bad-bots' ); ?></th>
                                 <th scope="col"><?php esc_html_e( 'Blocked At', 'edh-bad-bots' ); ?></th>
                                 <th scope="col"><?php esc_html_e( 'Expires At', 'edh-bad-bots' ); ?></th>
@@ -126 +186 @@
                                 <tr>
                                     <td><?php echo esc_html( $bot['ip_address'] ); ?></td>
+                                    <td>
+                                        <?php 
+                                        $hostname = esc_html( $bot['hostname'] );
+                                        if ( $hostname === '[No PTR Record]' || empty( $hostname ) ) {
+                                            echo '<em style="color: #666;">[No PTR Record]</em>';
+                                        } else {
+                                            echo esc_html( $hostname );
+                                        }
+                                        ?>
+                                    </td>
                                     <td><?php echo esc_html( date_i18n( get_option( 'date_format' ) . ' ' . get_option( 'time_format' ), strtotime( $bot['blocked_at'] ) ) ); ?></td>
                                     <td><?php echo esc_html( date_i18n( get_option( 'date_format' ) . ' ' . get_option( 'time_format' ), strtotime( $bot['expires_at'] ) ) ); ?></td>
@@ -190 +260 @@
             $path = !empty($site_url_parts['path']) ? $site_url_parts['path'] : '';
             $trap_url = home_url( $path . '/' . $hash . '/' );
+            
+            // Get current block duration setting
+            $current_block_duration = get_option( 'edhbb_block_duration_days', 30 );
             ?>
             <!-- Section for Help Text -->
@@ -195 +268 @@
                 <h2 class="title"><?php esc_html_e( 'How EDH Bad Bots Works', 'edh-bad-bots' ); ?></h2>
                 <p>
-                    <?php esc_html_e( 'This plugin helps protect your site from bots that do not respect the `robots.txt` file.', 'edh-bad-bots' ); ?>
+                    <?php esc_html_e( 'This plugin helps protect your site from bots that do not respect the `robots.txt` file using an advanced honeypot system with intelligent hostname identification.', 'edh-bad-bots' ); ?>
                 </p>
                 <h3><?php esc_html_e( 'The Blocking Process:', 'edh-bad-bots' ); ?></h3>
@@ -212 +285 @@
                     </li>
                     <li>
-                        <?php esc_html_e( 'When a bot hits the trap URL, its IP address is recorded and added to a **blocklist** for 30 days.', 'edh-bad-bots' ); ?>
+                        <?php 
+                        echo sprintf(
+                            /* translators: %d: number of days bots are blocked */
+                            esc_html__( 'When a bot hits the trap URL, its IP address is recorded and added to a blocklist for %d days (configurable in Options).', 'edh-bad-bots' ),
+                            $current_block_duration
+                        ); 
+                        ?>
+                    </li>
+                    <li>
+                        <?php esc_html_e( 'The plugin performs reverse DNS lookups (PTR records) to identify the hostname/organization behind the blocked IP for better analysis.', 'edh-bad-bots' ); ?>
                     </li>
                     <li>
@@ -218 +300 @@
                     </li>
                 </ol>
+
+                <h3><?php esc_html_e( 'Hostname Resolution System:', 'edh-bad-bots' ); ?></h3>
+                <p>
+                    <?php esc_html_e( 'The plugin includes an advanced DNS lookup system to identify blocked bots:', 'edh-bad-bots' ); ?>
+                </p>
+                <ul>
+                    <li>
+                        <strong><?php esc_html_e( 'DNS over HTTPS (DoH):', 'edh-bad-bots' ); ?></strong>
+                        <?php esc_html_e( 'Uses secure, encrypted DNS queries via Cloudflare and Google DNS for enhanced privacy and reliability.', 'edh-bad-bots' ); ?>
+                    </li>
+                    <li>
+                        <strong><?php esc_html_e( 'PTR Record Lookups:', 'edh-bad-bots' ); ?></strong>
+                        <?php esc_html_e( 'Converts IP addresses to hostnames (e.g., "crawl-66-249-66-1.googlebot.com") for better identification of what\'s being blocked.', 'edh-bad-bots' ); ?>
+                    </li>
+                    <li>
+                        <strong><?php esc_html_e( 'Background Processing:', 'edh-bad-bots' ); ?></strong>
+                        <?php esc_html_e( 'Hostname resolution runs automatically in the background via WordPress cron to avoid delays.', 'edh-bad-bots' ); ?>
+                    </li>
+                    <li>
+                        <strong><?php esc_html_e( 'Manual Updates:', 'edh-bad-bots' ); ?></strong>
+                        <?php esc_html_e( 'Use the "Update Missing Hostnames" and "Force Refresh All Hostnames" buttons in the Blocked Bots tab for manual control.', 'edh-bad-bots' ); ?>
+                    </li>
+                </ul>
 
                 <h3><?php esc_html_e( 'Managing IPs:', 'edh-bad-bots' ); ?></h3>
@@ -223 +328 @@
                     <li>
                         <strong><?php esc_html_e( 'Whitelisted IPs', 'edh-bad-bots' ); ?></strong>
-                        <?php esc_html_e( 'IP addresses added to the whitelist will **never** be blocked, even if they hit the bot trap. Use this for your own IP address, trusted services, or known legitimate bots.', 'edh-bad-bots' ); ?>
+                        <?php esc_html_e( 'IP addresses added to the whitelist will never be blocked, even if they hit the bot trap. Use this for your own IP address, trusted services, or known legitimate bots.', 'edh-bad-bots' ); ?>
                     </li>
                     <li>
                         <strong><?php esc_html_e( 'Blocked Bots', 'edh-bad-bots' ); ?></strong>
-                        <?php esc_html_e( 'This tab shows all IP addresses currently on the blocklist. IPs are automatically removed after 30 days, but you can manually unblock them here at any time.', 'edh-bad-bots' ); ?>
-                    </li>
-                    <li>
-                        <strong><?php esc_html_e( '.htaccess Blocking Option:', 'edh-bad-bots' ); ?></strong>
-                        <?php esc_html_e( 'On the "Options" tab, you can choose to enable or disable server-level IP blocking via the .htaccess file. If disabled, blocking will rely solely on PHP, which might be less effective with caching plugins.', 'edh-bad-bots' ); ?>
+                        <?php 
+                        echo sprintf(
+                            /* translators: %d: number of days bots are blocked */
+                            esc_html__( 'This tab shows all IP addresses currently on the blocklist with their resolved hostnames. IPs are automatically removed after %d days, but you can manually unblock them here at any time.', 'edh-bad-bots' ),
+                            $current_block_duration
+                        ); 
+                        ?>
+                    </li>
+                    <li>
+                        <strong><?php esc_html_e( 'Options Tab Features:', 'edh-bad-bots' ); ?></strong>
+                        <ul>
+                            <li><?php esc_html_e( '.htaccess Blocking: Enable or disable server-level IP blocking via the .htaccess file. If disabled, blocking will rely solely on PHP, which might be less effective with caching plugins.', 'edh-bad-bots' ); ?></li>
+                            <li><?php esc_html_e( 'Block Duration: Configure how many days to block detected bot IPs (default: 30 days).', 'edh-bad-bots' ); ?></li>
+                        </ul>
                     </li>
                 </ul>
 
+                <h3><?php esc_html_e( 'Admin Tools:', 'edh-bad-bots' ); ?></h3>
+                <ul>
+                    <li>
+                        <strong><?php esc_html_e( 'Update Missing Hostnames:', 'edh-bad-bots' ); ?></strong>
+                        <?php esc_html_e( 'Resolves hostnames for blocked IPs that show empty or "[No PTR Record]" to help identify what type of bots are being blocked.', 'edh-bad-bots' ); ?>
+                    </li>
+                    <li>
+                        <strong><?php esc_html_e( 'Force Refresh All Hostnames:', 'edh-bad-bots' ); ?></strong>
+                        <?php esc_html_e( 'Clears the DNS cache and re-resolves hostnames for all blocked IPs. Useful for troubleshooting or getting updated information.', 'edh-bad-bots' ); ?>
+                    </li>
+                    <li>
+                        <strong><?php esc_html_e( 'Debug Information:', 'edh-bad-bots' ); ?></strong>
+                        <?php esc_html_e( 'When WP_DEBUG is enabled, diagnostic information about hostname resolution functions is displayed to help troubleshoot issues.', 'edh-bad-bots' ); ?>
+                    </li>
+                </ul>
+
                 <h3><?php esc_html_e( 'Caching Plugin Exclusion:', 'edh-bad-bots' ); ?></h3>
                 <p>
-                    <?php esc_html_e( 'To ensure that the bot trap works correctly, you **must** exclude the following unique URL from your caching plugin. This prevents the trap page from being cached and served to human visitors.', 'edh-bad-bots' ); ?>
+                    <?php esc_html_e( 'To ensure that the bot trap works correctly, you must exclude the following unique URL from your caching plugin. This prevents the trap page from being cached and served to human visitors.', 'edh-bad-bots' ); ?>
                 </p>
                 <p>
@@ -249 +379 @@
                 </p>
 
+                <h3><?php esc_html_e( 'Technical Notes:', 'edh-bad-bots' ); ?></h3>
+                <ul>
+                    <li>
+                        <strong><?php esc_html_e( 'IPv4 and IPv6 Support:', 'edh-bad-bots' ); ?></strong>
+                        <?php esc_html_e( 'The hostname resolution system supports both IPv4 and IPv6 addresses for comprehensive coverage.', 'edh-bad-bots' ); ?>
+                    </li>
+                    <li>
+                        <strong><?php esc_html_e( 'DNS Caching:', 'edh-bad-bots' ); ?></strong>
+                        <?php esc_html_e( 'Hostname lookups are cached for 1 hour to improve performance and reduce DNS server load.', 'edh-bad-bots' ); ?>
+                    </li>
+                    <li>
+                        <strong><?php esc_html_e( 'Fallback Methods:', 'edh-bad-bots' ); ?></strong>
+                        <?php esc_html_e( 'If DNS over HTTPS fails, the system automatically falls back to traditional DNS methods for maximum compatibility.', 'edh-bad-bots' ); ?>
+                    </li>
+                </ul>
             </div>
         <?php endif; ?>

edh-bad-bots/trunk/assets/js/admin-script.js

@@ +1 @@
+// TODO: Add JavaScript for the admin page to add client side validation for the whitelist IP address field
+// TODO: Add JavaScript for the admin page to add client side validation for the block duration days field
+// TODO: Add JavaScript for the admin page to add client side validation for the .htaccess blocking field
+// TODO: Add JavaScript for the admin page to add client side validation for the enable server-level IP blocking field
+// TODO: Add JavaScript for the admin page to add client side validation for the enable server-level IP blocking field

edh-bad-bots/trunk/edh-bad-bots.php

@@ -4 +4 @@
  * Plugin URI: https://github.com/EncodeDotHost/edh-bad-bots
  * Description: This plugin is used to block bots that don't honor the robots.txt file from the site.
- * Version: 1.4.2
+ * Version: 1.4.3
  * Requires at least: 6.2
  * Requires PHP: 7.4
@@ -17 +17 @@
  * @author EncodeDotHost
  * @contributor nbwpuk
- * @version 1.4.2
+ * @version 1.4.3
  * @link https://github.com/EncodeDotHost/edh-bad-bots
  * @license GPL v3 or later
  */
-
- if(!defined('ABSPATH')) exit;
+declare(strict_types=1);
+
+if(!defined('ABSPATH')) exit;
 
 /**
@@ -30 +31 @@
 define( 'EDHBB_PLUGIN_DIR', plugin_dir_path( __FILE__ ) );
 define( 'EDHBB_PLUGIN_URL', plugin_dir_url( __FILE__ ) );
-define( 'EDHBB_VERSION', '1.4.2' );
+define( 'EDHBB_VERSION', '1.4.3' );
 
 /**
@@ -38 +39 @@
  */
 require_once EDHBB_PLUGIN_DIR . 'includes/class-edhbb-database.php';
+require_once EDHBB_PLUGIN_DIR . 'includes/class-edhbb-dnslookup.php';
 require_once EDHBB_PLUGIN_DIR . 'includes/class-edhbb-blocker.php';
 require_once EDHBB_PLUGIN_DIR . 'includes/class-edhbb-admin.php';
@@ -47 +49 @@
 register_activation_hook( __FILE__, 'edhbb_activate_plugin' );
 register_deactivation_hook( __FILE__, 'edhbb_deactivate_plugin' );
+
+/**
+ * Schedule hostname update cron job on activation.
+ */
+add_action( 'edhbb_update_hostnames_cron', 'edhbb_update_missing_hostnames' );
+
+/**
+ * Schedule the cron event if it's not already scheduled.
+ */
+if ( ! wp_next_scheduled( 'edhbb_update_hostnames_cron' ) ) {
+    wp_schedule_event( time(), 'hourly', 'edhbb_update_hostnames_cron' );
+}
 
 /**
@@ -65 +79 @@
  */
 function edhbb_deactivate_plugin() {
+    // Clear the scheduled cron job
+    wp_clear_scheduled_hook( 'edhbb_update_hostnames_cron' );
+    
     // Optionally, you can drop tables here. Be cautious with this as users might want to reactivate.
     // For now, we'll leave it empty to preserve data on deactivation.
@@ -84 +101 @@
 add_action( 'plugins_loaded', 'edhbb_init_plugin' );
 
+/**
+ * Background cron function to update missing hostnames.
+ * This runs periodically to resolve hostnames for blocked IPs that don't have them.
+ */
+function edhbb_update_missing_hostnames() {
+    $edh_database = new EDHBB_Database();
+    $edh_blocker = new EDHBB_Blocker( $edh_database );
+    
+    // Get IPs without hostnames (limit to 5 per run to avoid timeouts)
+    $ips_without_hostnames = $edh_database->get_blocked_ips_without_hostnames( 5 );
+    
+    if ( empty( $ips_without_hostnames ) ) {
+        return; // Nothing to do
+    }
+    
+    // Use reflection to access the private method (since we need the improved hostname resolution)
+    $reflection = new ReflectionClass( $edh_blocker );
+    $hostname_method = $reflection->getMethod( 'get_hostname_for_ip' );
+    $hostname_method->setAccessible( true );
+    
+    foreach ( $ips_without_hostnames as $ip_address ) {
+        // Get hostname using the improved method
+        $hostname = $hostname_method->invoke( $edh_blocker, $ip_address );
+        
+        // Update the database with the resolved hostname (even if empty)
+        $edh_database->update_blocked_bot_hostname( $ip_address, $hostname );
+        
+        // Log successful resolution if debug logging is enabled
+        if ( ! empty( $hostname ) && defined( 'WP_DEBUG_LOG' ) && WP_DEBUG_LOG ) {
+            // phpcs:ignore WordPress.PHP.DevelopmentFunctions.error_log_error_log -- Only logs when WP_DEBUG_LOG is enabled
+            error_log( '[EDH Bad Bots] Background hostname resolution: ' . $ip_address . ' -> ' . $hostname );
+        }
+        
+        // Small delay to prevent overwhelming DNS servers
+        usleep( 100000 ); // 100ms delay
+    }
+}
 
 /**

edh-bad-bots/trunk/includes/class-edhbb-admin.php

@@ -6 +6 @@
  * and displaying blocked bots and whitelisted IPs.
  */
+declare(strict_types=1);
 
 if ( ! defined( 'ABSPATH' ) ) exit; // Exit if accessed directly
@@ -35 +36 @@
         // Handle form submission for plugin options.
         add_action( 'admin_post_edhbb_save_options', array( $this, 'handle_save_options' ) );
+        
+        // Handle manual hostname update trigger.
+        add_action( 'admin_post_edhbb_update_hostnames', array( $this, 'handle_update_hostnames' ) );
+        
+        // Handle force refresh all hostnames trigger.
+        add_action( 'admin_post_edhbb_force_refresh_all_hostnames', array( $this, 'handle_force_refresh_all_hostnames' ) );
     }
 
@@ -318 +325 @@
         exit; // Important: Always exit after a redirect to prevent further script execution.
     }
+
+    /**
+     * Handles the manual hostname update trigger from the admin interface.
+     */
+    public function handle_update_hostnames() {
+        // Verify nonce for security.
+        if ( ! isset( $_POST['_wpnonce'] ) || ! wp_verify_nonce( sanitize_text_field( wp_unslash( $_POST['_wpnonce'] ) ), 'edhbb_update_hostnames_nonce' ) ) {
+            wp_die( esc_html__( 'Security check failed.', 'edh-bad-bots' ) );
+        }
+
+        // Check user capabilities.
+        if ( ! current_user_can( 'manage_options' ) ) {
+            wp_die( esc_html__( 'You do not have sufficient permissions to access this page.', 'edh-bad-bots' ) );
+        }
+
+        // Run the debug function if WP_DEBUG is enabled
+        if ( defined( 'WP_DEBUG' ) && WP_DEBUG ) {
+            $this->debug_hostname_resolution();
+        }
+
+        // Trigger the hostname update function
+        $updated_count = $this->manual_hostname_update();
+
+        // Add a success message to be displayed on the admin page.
+        add_settings_error(
+            'edhbb_messages',
+            'edhbb_hostnames_updated',
+            sprintf(
+                /* translators: %d: number of updated hostnames */
+                _n( 
+                    'Updated %d hostname.', 
+                    'Updated %d hostnames.', 
+                    $updated_count, 
+                    'edh-bad-bots' 
+                ),
+                $updated_count
+            ),
+            'success'
+        );
+
+        // Redirect back to the admin page, specifically the 'blocked' tab.
+        $redirect_url = admin_url( 'tools.php?page=' . $this->admin_page_slug . '&tab=blocked' );
+        wp_redirect( esc_url_raw( $redirect_url ) );
+        exit;
+    }
+
+    /**
+     * Manually updates hostnames for blocked IPs that don't have them.
+     * 
+     * @return int Number of hostnames updated.
+     */
+    private function manual_hostname_update() {
+        // Get IPs without hostnames (limit to 10 for manual processing)
+        $ips_without_hostnames = $this->db->get_blocked_ips_without_hostnames( 10 );
+        
+        if ( empty( $ips_without_hostnames ) ) {
+            return 0; // Nothing to do
+        }
+        
+        // Create a blocker instance to access the hostname resolution method
+        $blocker = new EDHBB_Blocker( $this->db );
+        
+        // Use reflection to access the private method
+        $reflection = new ReflectionClass( $blocker );
+        $hostname_method = $reflection->getMethod( 'get_hostname_for_ip' );
+        $hostname_method->setAccessible( true );
+        
+        $updated_count = 0;
+        
+        foreach ( $ips_without_hostnames as $ip_address ) {
+            // Use the DNS lookup if available, otherwise fall back to blocker method
+            if ( class_exists( 'EDHBB_DNSLookup' ) ) {
+                $hostname = EDHBB_DNSLookup::get_hostname_for_blocked_ip( $ip_address );
+            } else {
+                // Fallback to the original blocker method
+                $hostname = $hostname_method->invoke( $blocker, $ip_address );
+            }
+            
+            // Update the database with the resolved hostname (even if empty)
+            if ( $this->db->update_blocked_bot_hostname( $ip_address, $hostname ) ) {
+                $updated_count++;
+            }
+        }
+        
+        return $updated_count;
+    }
+
+    /**
+     * Debugs hostname resolution for a sample IP address.
+     */
+    public function debug_hostname_resolution() {
+        $debug_info = array();
+        $ip_to_test = '8.8.8.8'; // A reliable IP for testing
+
+        // Test gethostbyaddr()
+        $debug_info['gethostbyaddr']['exists'] = function_exists( 'gethostbyaddr' ) ? 'Yes' : 'No';
+        $debug_info['gethostbyaddr']['callable'] = is_callable( 'gethostbyaddr' ) ? 'Yes' : 'No';
+        if ( function_exists( 'gethostbyaddr' ) ) {
+            $debug_info['gethostbyaddr']['result'] = gethostbyaddr( $ip_to_test );
+        }
+
+        // Test dns_get_record()
+        $debug_info['dns_get_record']['exists'] = function_exists( 'dns_get_record' ) ? 'Yes' : 'No';
+        $debug_info['dns_get_record']['callable'] = is_callable( 'dns_get_record' ) ? 'Yes' : 'No';
+        if ( function_exists( 'dns_get_record' ) ) {
+            $debug_info['dns_get_record']['result'] = dns_get_record( $ip_to_test, DNS_PTR );
+        }
+
+        set_transient( 'edhbb_debug_info', $debug_info, 60 );
+    }
+
+    /**
+     * Handles the force refresh all hostnames action.
+     */
+    public function handle_force_refresh_all_hostnames() {
+        // Verify nonce for security.
+        if ( ! isset( $_POST['_wpnonce'] ) || ! wp_verify_nonce( sanitize_text_field( wp_unslash( $_POST['_wpnonce'] ) ), 'edhbb_force_refresh_all_hostnames_nonce' ) ) {
+            wp_die( esc_html__( 'Security check failed.', 'edh-bad-bots' ) );
+        }
+
+        // Check user capabilities.
+        if ( ! current_user_can( 'manage_options' ) ) {
+            wp_die( esc_html__( 'You do not have sufficient permissions to access this page.', 'edh-bad-bots' ) );
+        }
+
+        // Clear all DNS caches
+        if ( class_exists( 'EDHBB_DNSLookup' ) ) {
+            // Clear hostname cache
+            global $wpdb;
+            // phpcs:disable WordPress.DB.DirectDatabaseQuery.DirectQuery,WordPress.DB.DirectDatabaseQuery.NoCaching -- Intentionally clearing transient cache for this plugin, caching not applicable for cache clearing operations
+            $wpdb->query( 
+                $wpdb->prepare( 
+                    "DELETE FROM {$wpdb->options} WHERE option_name LIKE %s", 
+                    $wpdb->esc_like( '_transient_edhbb_hostname_' ) . '%' 
+                ) 
+            );
+            $wpdb->query( 
+                $wpdb->prepare( 
+                    "DELETE FROM {$wpdb->options} WHERE option_name LIKE %s", 
+                    $wpdb->esc_like( '_transient_timeout_edhbb_hostname_' ) . '%' 
+                ) 
+            );
+            // phpcs:enable WordPress.DB.DirectDatabaseQuery.DirectQuery,WordPress.DB.DirectDatabaseQuery.NoCaching
+        }
+
+        // Get ALL blocked IPs (not just ones without hostnames)
+        $all_blocked_ips = $this->db->get_blocked_bots( 0 ); // 0 = no limit
+        $updated_count = 0;
+
+        foreach ( $all_blocked_ips as $bot ) {
+            $ip_address = $bot['ip_address'];
+            
+            // Force new hostname lookup
+            if ( class_exists( 'EDHBB_DNSLookup' ) ) {
+                $hostname = EDHBB_DNSLookup::get_hostname_for_blocked_ip( $ip_address );
+            } else {
+                // Fallback method
+                $blocker = new EDHBB_Blocker( $this->db );
+                $reflection = new ReflectionClass( $blocker );
+                $hostname_method = $reflection->getMethod( 'get_hostname_for_ip' );
+                $hostname_method->setAccessible( true );
+                $hostname = $hostname_method->invoke( $blocker, $ip_address );
+                // Ensure we set a clear indicator for empty results in fallback
+                if ( empty( $hostname ) ) {
+                    $hostname = '[No PTR Record]';
+                }
+            }
+            
+            // Update the database
+            if ( $this->db->update_blocked_bot_hostname( $ip_address, $hostname ) ) {
+                $updated_count++;
+            }
+        }
+
+        // Add success message
+        add_settings_error(
+            'edhbb_messages',
+            'edhbb_force_refresh_completed',
+            sprintf(
+                /* translators: %d: number of updated hostnames */
+                _n( 
+                    'Force refreshed %d hostname (cleared cache and re-resolved all).', 
+                    'Force refreshed %d hostnames (cleared cache and re-resolved all).', 
+                    $updated_count, 
+                    'edh-bad-bots' 
+                ),
+                $updated_count
+            ),
+            'success'
+        );
+
+        // Redirect back to the admin page
+        $redirect_url = admin_url( 'tools.php?page=' . $this->admin_page_slug . '&tab=blocked' );
+        wp_redirect( esc_url_raw( $redirect_url ) );
+        exit;
+    }
 }

edh-bad-bots/trunk/includes/class-edhbb-blocker.php

@@ -5 +5 @@
  * Handles detecting and blocking bad bots that hit the trap URL.
  */
+declare(strict_types=1);
 
 if ( ! defined( 'ABSPATH' ) ) exit; // Exit if accessed directly
@@ -108 +109 @@
         $current_url = esc_url_raw( wp_unslash( $_SERVER['REQUEST_URI'] ) );
         $site_path = wp_parse_url( site_url(), PHP_URL_PATH );
+        
+        // Handle cases where site_path might be null (when URL has no path component)
+        $site_path = $site_path ?? '';
         $expected_trap_path = rtrim( $site_path, '/' ) . '/' . $this->trap_url_hash . '/';
 
@@ -127 +131 @@
 
             // Add the bot to the blocked list.
-            $this->db->add_blocked_bot( $client_ip );
+            $hostname = $this->get_hostname_for_ip($client_ip);
+            $this->db->add_blocked_bot( $client_ip, $hostname );
 
             // Immediately block the request after adding to the blocklist.
             $this->block_request_action( $client_ip, true ); // Pass true to indicate it's a trap hit block
         }
+    }
+
+    /**
+     * Attempts to resolve hostname for an IP address using enhanced DNS lookup.
+     * Uses the new EDHBB_DNSLookup class with DoH support and fallback methods.
+     * 
+     * @param string $ip_address The IP address to resolve.
+     * @return string The hostname if resolved, empty string if failed.
+     */
+    private function get_hostname_for_ip( $ip_address ) {
+        // Validate IP address first
+        if ( ! filter_var( $ip_address, FILTER_VALIDATE_IP ) ) {
+            return '';
+        }
+
+        // Check if the DNSLookup class is available
+        if ( ! class_exists( 'EDHBB_DNSLookup' ) ) {
+            // Fallback to traditional method if class not loaded
+            return $this->traditional_hostname_lookup( $ip_address );
+        }
+
+        // Use the DNS lookup method for blocked IPs
+        return EDHBB_DNSLookup::get_hostname_for_blocked_ip( $ip_address );
+    }
+
+    /**
+     * Traditional hostname lookup method as fallback.
+     * 
+     * @param string $ip_address The IP address to resolve.
+     * @return string The hostname if resolved, empty string if failed.
+     */
+    private function traditional_hostname_lookup( $ip_address ) {
+        // Check if dns_get_record is disabled
+        if ( ! function_exists( 'dns_get_record' ) || ! is_callable( 'dns_get_record' ) ) {
+            if ( defined( 'WP_DEBUG_LOG' ) && WP_DEBUG_LOG ) {
+                // phpcs:ignore WordPress.PHP.DevelopmentFunctions.error_log_error_log
+                error_log( '[EDH Bad Bots] Hostname lookup failed: dns_get_record() is disabled.' );
+            }
+            return '';
+        }
+
+        $hostname = '';
+        
+        try {
+            // Perform a reverse DNS lookup (PTR record)
+            $ptr_records = @dns_get_record( $ip_address, DNS_PTR );
+
+            if ( $ptr_records && ! empty( $ptr_records[0]['target'] ) ) {
+                $resolved = $ptr_records[0]['target'];
+                
+                // Validate the resolved hostname
+                if ( filter_var( $resolved, FILTER_VALIDATE_DOMAIN, FILTER_FLAG_HOSTNAME ) || 
+                     preg_match( '/^[a-zA-Z0-9]([a-zA-Z0-9\-]{0,61}[a-zA-Z0-9])?(\.[a-zA-Z0-9]([a-zA-Z0-9\-]{0,61}[a-zA-Z0-9])?)*$/', $resolved ) ) {
+                    $hostname = $resolved;
+                }
+            }
+        } catch ( Exception $e ) {
+            // Log the error if debug logging is enabled
+            if ( defined( 'WP_DEBUG_LOG' ) && WP_DEBUG_LOG ) {
+                // phpcs:ignore WordPress.PHP.DevelopmentFunctions.error_log_error_log -- Only logs when WP_DEBUG_LOG is enabled
+                error_log( '[EDH Bad Bots] Hostname lookup failed for IP ' . $ip_address . ': ' . $e->getMessage() );
+            }
+        }
+
+        return $hostname;
     }
 

edh-bad-bots/trunk/includes/class-edhbb-database.php

@@ -5 +5 @@
  * Handles all database interactions for storing blocked bots and whitelisted IPs.
  */
+declare(strict_types=1);
 
 if ( ! defined( 'ABSPATH' ) ) exit; // Exit if accessed directly
@@ -67 +68 @@
          * - id: Primary key.
          * - ip_address: The IP address of the blocked bot.
+         * - hostname: The hostname of the blocked bot.
          * - blocked_at: Timestamp when the bot was blocked.
          * - expires_at: Timestamp when the block will expire (30 days after blocked_at).
@@ -72 +74 @@
         // phpcs:disable WordPress.DB.PreparedSQL.NotPrepared -- %i placeholder is valid since WordPress 6.2
         $sql_blocked_bots = $this->wpdb->prepare(
-            "CREATE TABLE IF NOT EXISTS %i (
+            "CREATE TABLE %i (
                 id bigint(20) NOT NULL AUTO_INCREMENT,
                 ip_address varchar(45) NOT NULL,
+                hostname varchar(255) DEFAULT NULL,
                 blocked_at datetime NOT NULL,
                 expires_at datetime NOT NULL,
@@ -93 +96 @@
         // phpcs:disable WordPress.DB.PreparedSQL.NotPrepared -- %i placeholder is valid since WordPress 6.2
         $sql_whitelisted_ips = $this->wpdb->prepare(
-            "CREATE TABLE IF NOT EXISTS %i (
+            "CREATE TABLE %i (
                 id bigint(20) NOT NULL AUTO_INCREMENT,
                 ip_address varchar(45) NOT NULL,
@@ -108 +111 @@
         dbDelta( $sql_whitelisted_ips );
 
+        // Run database migrations for existing installations
+        $this->migrate_database();
+
         // Ensure .htaccess rules are up-to-date on activation, respecting the option flag
         $this->update_htaccess_block_rules();
+    }
+
+    /**
+     * Handles database migrations for existing installations.
+     * Adds missing columns to existing tables.
+     */
+    private function migrate_database() {
+        // Check if hostname column exists in blocked_bots table
+        // phpcs:disable WordPress.DB.PreparedSQL.NotPrepared -- INFORMATION_SCHEMA queries require literal DB_NAME constant and table names
+        $column_exists = $this->wpdb->get_results(
+            $this->wpdb->prepare(
+                "SELECT COLUMN_NAME FROM INFORMATION_SCHEMA.COLUMNS 
+                 WHERE TABLE_SCHEMA = %s AND TABLE_NAME = %s AND COLUMN_NAME = 'hostname'",
+                DB_NAME,
+                $this->blocked_bots_table_name
+            )
+        );
+        // phpcs:enable WordPress.DB.PreparedSQL.NotPrepared
+
+        // If hostname column doesn't exist, add it
+        if ( empty( $column_exists ) ) {
+            // phpcs:disable WordPress.DB.PreparedSQL.NotPrepared -- %i placeholder is valid since WordPress 6.2
+            $result = $this->wpdb->query(
+                $this->wpdb->prepare(
+                    "ALTER TABLE %i ADD COLUMN hostname varchar(255) DEFAULT NULL AFTER ip_address",
+                    $this->blocked_bots_table_name
+                )
+            );
+            // phpcs:enable WordPress.DB.PreparedSQL.NotPrepared
+
+            // Log any errors if WP_DEBUG_LOG is enabled
+            if ( $result === false && defined( 'WP_DEBUG_LOG' ) && WP_DEBUG_LOG ) {
+                // phpcs:ignore WordPress.PHP.DevelopmentFunctions.error_log_error_log -- Only logs when WP_DEBUG_LOG is enabled
+                error_log( '[EDH Bad Bots] Failed to add hostname column to blocked_bots table. Error: ' . $this->wpdb->last_error );
+            }
+        }
+    }
+
+    /**
+     * Public method to trigger database migrations manually.
+     * This can be called from admin interfaces or other parts of the plugin.
+     * 
+     * @return bool True if migration was successful or not needed, false on failure.
+     */
+    public function run_migrations() {
+        $this->migrate_database();
+        return true;
+    }
+
+    /**
+     * Checks if a column exists in a given table.
+     * 
+     * @param string $table_name The name of the table to check.
+     * @param string $column_name The name of the column to check.
+     * @return bool True if the column exists, false otherwise.
+     */
+    private function column_exists( $table_name, $column_name ) {
+        // phpcs:disable WordPress.DB.PreparedSQL.NotPrepared -- INFORMATION_SCHEMA queries require literal DB_NAME constant and table names
+        $column_exists = $this->wpdb->get_results(
+            $this->wpdb->prepare(
+                "SELECT COLUMN_NAME FROM INFORMATION_SCHEMA.COLUMNS 
+                 WHERE TABLE_SCHEMA = %s AND TABLE_NAME = %s AND COLUMN_NAME = %s",
+                DB_NAME,
+                $table_name,
+                $column_name
+            )
+        );
+        // phpcs:enable WordPress.DB.PreparedSQL.NotPrepared
+
+        return ! empty( $column_exists );
     }
 
@@ -131 +207 @@
      *
      * @param string $ip_address The IP address to block.
+     * @param string $hostname The hostname of the blocked bot.
      * @return bool True on success, false on failure.
      */
-    public function add_blocked_bot( $ip_address ) {
+    public function add_blocked_bot( $ip_address, $hostname = '' ) {
         // Clean up old entries before adding a new one to keep the table lean.
         $this->clean_old_blocked_bots();
@@ -142 +219 @@
         $expires_at = gmdate( 'Y-m-d H:i:s', $expires_timestamp );
 
+        // Check if hostname column exists to determine the query format
+        $hostname_exists = $this->column_exists( $this->blocked_bots_table_name, 'hostname' );
+
         // Insert the IP address into the blocked bots table.
         // Using `INSERT IGNORE` to prevent errors if the IP is already present due to the UNIQUE KEY constraint.
         // phpcs:disable WordPress.DB.PreparedSQL.NotPrepared -- %i placeholder is valid since WordPress 6.2
-        $result = $this->wpdb->query(
-            $this->wpdb->prepare(
-                "INSERT IGNORE INTO %i (ip_address, blocked_at, expires_at) VALUES (%s, %s, %s)",
-                $this->blocked_bots_table_name,
-                $ip_address,
-                $current_time,
-                $expires_at
-            )
-        );
+        if ( $hostname_exists ) {
+            $result = $this->wpdb->query(
+                $this->wpdb->prepare(
+                    "INSERT IGNORE INTO %i (ip_address, hostname, blocked_at, expires_at) VALUES (%s, %s, %s, %s)",
+                    $this->blocked_bots_table_name,
+                    $ip_address,
+                    $hostname,
+                    $current_time,
+                    $expires_at
+                )
+            );
+        } else {
+            // Fallback for tables without hostname column
+            $result = $this->wpdb->query(
+                $this->wpdb->prepare(
+                    "INSERT IGNORE INTO %i (ip_address, blocked_at, expires_at) VALUES (%s, %s, %s)",
+                    $this->blocked_bots_table_name,
+                    $ip_address,
+                    $current_time,
+                    $expires_at
+                )
+            );
+        }
         // phpcs:enable WordPress.DB.PreparedSQL.NotPrepared
 
@@ -194 +288 @@
         $this->clean_old_blocked_bots(); // Ensure only current blocks are considered.
 
-        // phpcs:disable WordPress.DB.PreparedSQL.NotPrepared -- %i placeholder is valid since WordPress 6.2
-        $sql = "SELECT id, ip_address, blocked_at, expires_at FROM %i WHERE expires_at > %s ORDER BY blocked_at DESC";
+        // Check if hostname column exists to avoid SQL errors
+        $hostname_exists = $this->column_exists( $this->blocked_bots_table_name, 'hostname' );
+        $select_fields = $hostname_exists ? 
+            "id, ip_address, hostname, blocked_at, expires_at" : 
+            "id, ip_address, '' as hostname, blocked_at, expires_at";
+
+        // phpcs:disable WordPress.DB.PreparedSQL.NotPrepared -- %i placeholder is valid since WordPress 6.2
+        $sql = "SELECT {$select_fields} FROM %i WHERE expires_at > %s ORDER BY blocked_at DESC";
         $sql_params = array( $this->blocked_bots_table_name, current_time( 'mysql' ) );
 
@@ -320 +420 @@
 
         return ( $result > 0 );
+    }
+
+    /**
+     * Updates hostname for a specific blocked IP address.
+     *
+     * @param string $ip_address The IP address to update.
+     * @param string $hostname The hostname to set.
+     * @return bool True on success, false on failure.
+     */
+    public function update_blocked_bot_hostname( $ip_address, $hostname ) {
+        // Check if hostname column exists
+        if ( ! $this->column_exists( $this->blocked_bots_table_name, 'hostname' ) ) {
+            return false; // Cannot update if column doesn't exist
+        }
+
+        // phpcs:disable WordPress.DB.PreparedSQL.NotPrepared -- %i placeholder is valid since WordPress 6.2
+        $result = $this->wpdb->update(
+            $this->blocked_bots_table_name,
+            array( 'hostname' => $hostname ),
+            array( 'ip_address' => $ip_address ),
+            array( '%s' ),
+            array( '%s' )
+        );
+        // phpcs:enable WordPress.DB.PreparedSQL.NotPrepared
+
+        return $result !== false;
+    }
+
+    /**
+     * Gets blocked IPs that have empty or null hostnames for background processing.
+     *
+     * @param int $limit Maximum number of IPs to return.
+     * @return array Array of IP addresses that need hostname resolution.
+     */
+    public function get_blocked_ips_without_hostnames( $limit = 10 ) {
+        // Check if hostname column exists
+        if ( ! $this->column_exists( $this->blocked_bots_table_name, 'hostname' ) ) {
+            return array(); // Return empty array if column doesn't exist
+        }
+
+        // phpcs:disable WordPress.DB.PreparedSQL.NotPrepared -- %i placeholder is valid since WordPress 6.2
+        $results = $this->wpdb->get_results(
+            $this->wpdb->prepare(
+                "SELECT ip_address FROM %i WHERE (hostname IS NULL OR hostname = '' OR hostname = '[No PTR Record]') AND expires_at > %s LIMIT %d",
+                $this->blocked_bots_table_name,
+                current_time( 'mysql' ),
+                $limit
+            ),
+            ARRAY_A
+        );
+        // phpcs:enable WordPress.DB.PreparedSQL.NotPrepared
+
+        return wp_list_pluck( $results, 'ip_address' );
     }
 

edh-bad-bots/trunk/readme.txt

@@ -1 +1 @@
 === EDH Bad Bots ===
 Contributors: EncodeDotHost, nbwpuk
-Tags: Security, Bots
+Tags: Security, Bots, DNS, PTR, Hostname
 Requires at least: 6.2
 Tested up to: 6.8
-Stable tag: 1.4.2
+Stable tag: 1.4.3
 Requires PHP: 7.4
 License: GPLv2 or later
@@ -18 +18 @@
 
 - **Automatic Bot Detection**: Identifies bad bots using a hidden trap URL technique
-- **Smart Blocking System**: Blocks misbehaving bots for 30 days automatically
+- **Smart Blocking System**: Blocks misbehaving bots with configurable duration (default 30 days)
+- **Advanced DNS Resolution**: PTR record lookups with DNS over HTTPS (DoH) support for hostname identification
 - **Dual-Level Blocking**: Server-level `.htaccess` blocking AND PHP-level blocking for maximum effectiveness
 - **Configurable Blocking Methods**: Choose between `.htaccess` blocking (Apache) or PHP-only blocking (Nginx compatible)
 - **IP Whitelist Management**: Protect trusted IPs from ever being blocked
-- **Clean Admin Interface**: Easy-to-use dashboard with tabbed navigation
+- **Enhanced Admin Interface**: Clean dashboard with hostname display, manual hostname updates, and debug tools
+- **Background Processing**: Automated hostname resolution via WordPress cron jobs
 - **Zero False Positives**: Legitimate search engine bots that follow robots.txt rules are never affected
 - **Database Optimization**: Automatic cleanup of expired blocks to maintain performance
@@ -35 +37 @@
 3. **Hidden Link Placement**: Places an invisible link to the trap URL in your site's footer
 4. **Bot Detection**: When bad bots ignore robots.txt and follow the hidden link, they're identified
-5. **Automatic Blocking**: Detected bot IPs are blocked for 30 days with immediate effect
-6. **Legitimate Bot Protection**: Good bots (like Googlebot) respect robots.txt and never trigger the trap
+5. **Automatic Blocking**: Detected bot IPs are blocked with configurable duration and immediate effect
+6. **Hostname Resolution**: PTR record lookups identify the hostname/organization behind blocked IPs
+7. **Legitimate Bot Protection**: Good bots (like Googlebot) respect robots.txt and never trigger the trap
 
 ## Installation
@@ -57 +60 @@
 
 #### Blocked Bots Tab
-- View all currently blocked IP addresses
+- View all currently blocked IP addresses with hostnames
 - See when each IP was blocked and when the block expires
+- Manually update missing hostnames for better identification
+- Force refresh all hostnames to clear cache and re-resolve
+- Debug hostname resolution issues (when WP_DEBUG is enabled)
 - Manually unblock IPs if needed
 
 #### Options Tab
 - **`.htaccess Blocking`**: Enable/disable server-level IP blocking via `.htaccess` file
+- **Block Duration**: Configure how many days to block detected bots
 - Configure blocking method based on your server setup (Apache vs Nginx)
 - Server-level blocking bypasses caching for immediate effect
@@ -70 +77 @@
 - Best practices for managing IPs
 - Information about `.htaccess` blocking options
+- Unique trap URL for caching plugin exclusion
 
 ### Requirements
 
-- WordPress 5.0 or higher
+- WordPress 6.2 or higher
 - PHP 7.4 or higher
 - MySQL 5.6 or higher
@@ -85 +93 @@
 The plugin creates two custom database tables:
 
-- `wp_edhbb_blocked_bots`: Stores blocked IP addresses with expiration dates
+- `wp_edhbb_blocked_bots`: Stores blocked IP addresses with expiration dates and hostnames
 - `wp_edhbb_whitelisted_ips`: Stores permanently whitelisted IP addresses
+
+### DNS Resolution System
+
+The plugin includes an advanced DNS lookup system:
+
+#### DNS over HTTPS (DoH) Support
+- **Primary providers**: Cloudflare DNS, Google DNS
+- **Secure queries**: HTTPS-encrypted DNS requests for enhanced privacy
+- **Fallback system**: Automatic fallback to traditional DNS methods
+
+#### PTR Record Lookups
+- **Reverse DNS**: Converts IP addresses to hostnames for better identification
+- **IPv4 and IPv6 support**: Full support for both IP versions
+- **Caching**: Results cached for 1 hour to improve performance
+- **Background processing**: Automated hostname resolution via WordPress cron
 
 ### Blocking Methods
@@ -122 +145 @@
 - **Server-Level Blocking**: `.htaccess` blocking prevents blocked requests from reaching PHP
 - **Whitelist Filtering**: Whitelisted IPs are excluded from `.htaccess` rules automatically
+- **DNS Caching**: Hostname lookups cached to reduce DNS query overhead
+- **Background Processing**: Hostname resolution runs in background to avoid delays
 
 ## API Hooks
@@ -131 +156 @@
 - `wp_footer`: Hidden link injection
 - `admin_menu`: Admin page registration
+- `edhbb_update_hostnames_cron`: Background hostname resolution
 
 ### Filters
@@ -148 +174 @@
 │       └── admin-script.js      # Admin page JavaScript
 ├── includes/
-│   ├── class-edh-admin.php      # Admin functionality
-│   ├── class-edh-blocker.php    # Bot detection and blocking
-│   └── class-edh-database.php   # Database operations
-├── changelog.txt
+│   ├── class-edhbb-admin.php    # Admin functionality
+│   ├── class-edhbb-blocker.php  # Bot detection and blocking
+│   ├── class-edhbb-database.php # Database operations
+│   └── class-edhbb-dnslookup.php # DNS/PTR lookup system
 ├── edh-bad-bots.php            # Main plugin file
 ├── LICENSE
-└── README.md
+└── readme.txt
 ```
 
 ## Screenshots
 1. Allow list management
-2. Block list management
-3. Options Page
+2. Block list management with hostname display
+3. Options Page with configurable settings
 
 ## Contributing
@@ -174 +200 @@
 ## Changelog
 
+### Version 1.4.3
+- **New**: Advanced DNS lookup system with DNS over HTTPS (DoH) support
+- **New**: PTR record resolution for hostname identification of blocked IPs
+- **New**: Background hostname resolution via WordPress cron jobs
+- **New**: Manual hostname update buttons in admin interface
+- **New**: Force refresh all hostnames feature with cache clearing
+- **New**: Configurable block duration (days) in Options tab
+- **New**: Enhanced admin interface with hostname display in blocked bots table
+- **New**: Debug information panel for hostname resolution troubleshooting
+- **New**: Support for both IPv4 and IPv6 PTR lookups
+- **Enhancement**: Improved blocked bots table with hostname column
+- **Enhancement**: Better identification of blocked bots through hostname resolution
+- **Enhancement**: Automatic database migration system for hostname column
+- **Enhancement**: Fallback DNS resolution methods for better compatibility
+- **Enhancement**: DNS query caching for improved performance
+- **Fix**: Updated queries to gracefully handle missing columns during migration
+- **Fix**: Added backward compatibility for existing installations
+- **Fix**: Improved error handling and logging for database migrations
+
 ### Version 1.4.2
- - Fixed Internal.LineEndings.Mixed in class-edhbb-blocker.php
+- Fixed Internal.LineEndings.Mixed in class-edhbb-blocker.php
 
 ### Version 1.4.1
- - Fixed blank admin page
+- Fixed blank admin page
 
 ### Version 1.4.0
@@ -186 +231 @@
 
 ### Version 1.3.0
- - Bringing up to WordPress coding standards
+- Bringing up to WordPress coding standards
 
 ### Version 1.2.3
- - Added instructions to the "Help" tab for excluding the unique trap URL from caching plugins.
-
+- Added instructions to the "Help" tab for excluding the unique trap URL from caching plugins.
 
 ### Version 1.2.2
@@ -261 +305 @@
 
 ### How long are bots blocked for?
-Bots are automatically blocked for 30 days. You can manually unblock them earlier if needed.
+Bots are blocked for a configurable duration (default 30 days) that you can adjust in the Options tab. You can manually unblock them earlier if needed.
 
 ### Can I protect my own IP address?
@@ -269 +313 @@
 `.htaccess` blocking (default) blocks bots at the server level before WordPress loads, making it faster and more effective. PHP blocking works during WordPress initialization and is compatible with Nginx servers.
 
+### What is hostname resolution and why is it useful?
+The plugin performs PTR record lookups to identify the hostname/organization behind blocked IP addresses. This helps you understand what types of bots are being blocked (e.g., "crawl-66-249-66-1.googlebot.com" vs unknown IPs) for better analysis and decision-making.
+
+### How does the DNS over HTTPS feature work?
+The plugin uses secure HTTPS-encrypted DNS queries via providers like Cloudflare and Google DNS for enhanced privacy and reliability when resolving hostnames. It automatically falls back to traditional DNS methods if DoH is unavailable.
+
 ### Does this affect site performance?
-The plugin is designed for minimal performance impact. Server-level `.htaccess` blocking actually improves performance by stopping blocked requests before they reach PHP. Database operations are optimized with automatic cleanup.
+The plugin is designed for minimal performance impact. Server-level `.htaccess` blocking actually improves performance by stopping blocked requests before they reach PHP. DNS lookups are cached and processed in the background to avoid delays.
 
 ### Will this work with caching plugins?
@@ -280 +330 @@
 ### Is it safe for my .htaccess file?
 Yes! The plugin uses unique markers (`# BEGIN EDH Bad Bots Block` / `# END EDH Bad Bots Block`) to safely manage its rules without affecting other configurations. Rules are automatically removed on deactivation.
+
+### Can I manually update hostnames for blocked IPs?
+Yes! In the "Blocked Bots" tab, you can use the "Update Missing Hostnames" button to resolve hostnames for IPs that don't have them, or "Force Refresh All Hostnames" to clear the cache and re-resolve all hostnames.