Work

Blocklist Checker WordPress Plugin

HubSpot Private App
Plugin Development
REST API
WordPress

Developed a custom WordPress security plugin for an agency client to prevent banned users from accessing restricted content through form submissions. The plugin integrates with HubSpot CRM to perform real-time validation against a client's banned user database before allowing form access.

Blocklist Checker WordPress Plugin

Client: Digital Agency (Custom WordPress Development)

Role: Full-Stack WordPress Developer

Technologies: PHP, JavaScript, WordPress, HubSpot API, AJAX

Key Features Implemented

Real-Time Validation System

  • Built AJAX-powered validation that checks email addresses and phone numbers against HubSpot contacts in real-time
  • Implemented debounced input validation to optimize API calls and improve user experience
  • Created custom popup modals for banned users with branded messaging and support links

Security & Privacy Architecture

  • Enforced HTTPS requirements with automatic redirects for security compliance
  • Implemented rate limiting with IP hashing to prevent abuse
  • Built secure API key storage using WordPress Settings API with no frontend exposure
  • Added CSRF protection using WordPress nonces and comprehensive input sanitization

Template-Specific Loading

  • Configured plugin to only load on specific WordPress templates
  • Optimized performance by preventing unnecessary script loading on irrelevant pages

Advanced Phone Number Handling

  • Developed multi-format phone number validation supporting various US formats
  • Implemented intelligent phone number parsing and HubSpot API querying across multiple format variations

Administrative Controls

  • Created comprehensive admin settings panel with granular logging controls
  • Implemented separate toggles for debug logging, banned attempt logging, and rate limit logging
  • Built user-friendly configuration interface for HubSpot API integration

Technical Challenges Solved

  • API Rate Management: Designed efficient caching and rate limiting system to balance security with performance
  • Cross-Platform Compatibility: Ensured plugin works across different hosting environments with Cloudflare support
  • User Experience: Created seamless validation that doesn’t disrupt form flow while maintaining security
  • Privacy Compliance: Implemented ephemeral data storage with no long-term user data retention

Results

  • Successfully deployed security solution that prevents unauthorized access while maintaining smooth user experience
  • Reduced client’s support tickets related to banned user access attempts
  • Implemented scalable solution that handles high-traffic scenarios with proper rate limiting
  • Delivered comprehensive documentation and admin controls for easy client management

This project demonstrates expertise in WordPress plugin development, third-party API integration, security best practices, and creating user-friendly administrative interfaces.