Skip to main contentSkip to footer
reportedIP
Developer Documentation ReportedIP REST API & Ecosystem
API v2

Changelog

A complete history of API changes, new features, and deprecations. We follow semantic versioning — major versions may introduce breaking changes.

v2.5.1 May 2026
  • Fixed Quota counters no longer double-charge. POST /report used to bump both the daily check counter and the daily report counter on the same call, eating into the check quota every time a customer reported an IP. /report now charges only the report quota — the check quota is reserved for actual reputation lookups.
  • Fixed POST /bulk-check now charges N against the daily check quota where N is the number of valid IPs in the request (previously +1 regardless of payload size). Calls that would exceed the remaining quota return HTTP 429 without incrementing the counter.
  • Fixed POST /bulk-report now charges N against the daily report quota where N is the number of submitted reports (previously did not increment the report counter at all). Calls that would exceed the remaining quota return HTTP 429 before any report is inserted.
  • Fixed Tier-gated feature endpoints (GET /blacklist, /blacklist-categories, /blacklist-stats, /reports/{ip}, /trends) no longer consume the check quota. They are sold as separate “Threat Feed” / analytics features in the pricing plan and were never supposed to count as checks.
  • Fixed Root-cause idempotency guard. WordPress core invokes the permission_callback twice per request — once during dispatch and a second time from rest_send_allow_header() in the rest_post_dispatch filter to build the Allow: header. This caused every authenticated call to double-charge the check quota. The guard now skips the second increment when the first has already succeeded for the same request.
  • Changed API Reference page now documents the quota cost of every endpoint inline (“Charges +1 against the check quota”, “Charges +N against the report quota”, or “Does not count against any daily quota”). A summary callout at the top of the page lists which endpoints touch which counter.
v2.5.0 May 2026
  • Added bundle_balance, bundle_eligible, inclusive_limit, inclusive_used and inclusive_available fields on /relay-quota, /relay-mail and /relay-sms responses for both Mail and SMS — clients can now render the prepaid bundle saldo next to the inclusive monthly counter.
  • Added Top-level mail_bundle_balance and sms_bundle_balance on /relay-quota. The latter complements the existing field that older Hive clients already read but the service did not populate.
  • Added Public documentation for the 2FA relay endpoints (GET /relay-quota, POST /relay-mail, POST /relay-sms) including auth, parameters, examples and the full HTTP error matrix (401 / 402 / 403 / 429).
  • Changed /relay-quota now exposes the prepaid bundle saldo so the Hive dashboard can render the “+ X credits in your bundle balance” line for both Mail and SMS.
  • Note bundle_balance is a signed integer. Refunded charges produce negative balances which block further sends until a new bundle is purchased — this is the documented Stripe-refund protection (charge.refunded webhook).
v2.4.0 May 2026
  • Added Public pricing page with shortcode [reportedip_pricing]: side-by-side tier comparison, monthly/yearly toggle, in-place Stripe Checkout for upgrades.
  • Added Dashboard hero KPIs: glance-and-go panel showing active plan, API checks today, reports today, and 2FA mail/SMS quotas with progress bars.
  • Added Unified member-area navigation via [reportedip_user_nav] across Dashboard, My Logs, Pricing, Docs and Account pages.
  • Added Cron pipeline self-monitoring: heartbeat job, queue-depth detection (mail/SMS/Stripe/reputation), stuck-lock detector, daily watchdog.
  • Added External cron trigger endpoint POST /v1/cron/tick with bearer-token auth as a bypass when WP-Cron stalls.
v2.3.0 April 2026
  • Added Business tier at 39 € / month (389 € / year): 100,000 API checks/day, 5,000 reports/day, 15 domains, 2,500 included 2FA mails/month, 75 included 2FA SMS/month, white-label setup wizard, WooCommerce integration, GDPR export tool, priority support 12 h SLA.
  • Added Stripe billing integration: subscription checkout for PRO and Business plans, Stripe Customer Portal for plan management, automated invoicing, prepaid SMS bundles (50 / 200 / 500).
  • Added 2FA mail relay: managed SMTP delivery for Hive plugin authentication mails, 500 included for PRO, 2,500 for Business, fair-use unlimited for Enterprise.
  • Added 2FA SMS relay (reportedIP managed relay) with EU-only geo restriction (toll-fraud protection), 25 included for PRO, 75 for Business, prepaid bundles available.
  • Added New REST endpoints under /v2/billing/*: checkout-session, portal-session, subscription, invoices, sms-credits, enterprise-request, reactivate-subscription.
  • Added Enterprise self-service request workflow with custom-pricing checkout via dedicated enterprise_request_id branch.
  • Changed Tier raised limits: PRO is now 25,000 checks/day · 1,000 reports/day · 3 domains (was 25,000 / 1,000 / 1).
v2.2.0 February 2026
  • Changed Hive plugin rebrand: the customer-side WordPress plugin is now ReportedIP Hive (formerly reportedip-client). New repo at github.com/reportedip/reportedip-hive. The text-domain, class prefix and option keys all moved to reportedip-hive.
  • Added Hive 2FA suite: TOTP (authenticator apps), email codes, SMS codes, WebAuthn / passkeys, recovery codes, trusted devices.
  • Added 12-sensor security monitor in Hive (block escalation, geo anomaly, password strength, REST monitor, scan detector, app-password monitor, WooCommerce monitor, hide-login, user enumeration).
  • Added Hive setup wizard (6 steps) with mode selection: Local Shield (offline-only) vs Community Network (sync with reportedip.de).
v2.1.0 November 2025
  • Added Admin endpoints: POST /clear-address for IP record deletion, POST /whitelist for managing trusted IPs.
  • Added GET /statistics authenticated endpoint with per-user usage analytics.
  • Added Threat-categories statistics endpoint and blacklist-stats endpoint with confidence-band breakdowns.
v2.0.0 March 2025
  • Added Public endpoints: /check-public, /search-public, /stats-public, /attack-map-data
  • Added Honeypot integration with confidence bonus for trusted automated reporters
  • Added Bulk check endpoint for Professional+ users (up to 1,000 IPs per request)
  • Added Bulk report endpoint for Enterprise users with CSV format support
  • Added Trend data endpoint with time series analysis
  • Added Detailed reports per IP endpoint for Professional+ users
  • Added Blacklist export in TXT, JSON, and CSV formats
  • Added Rate limit headers: X-RateLimit-Limit, X-RateLimit-Remaining, X-RateLimit-Reset
  • Changed Confidence score calculation now includes time dampening with configurable half-life
  • Changed Report aggregation with burst protection (5-minute window for duplicate reports)
  • Deprecated /blacklist-detailed — redirects to /blacklist
  • Deprecated /blacklist-combined — redirects to /blacklist?source=all
  • Deprecated /blacklist-export/git — redirects to /blacklist?format=txt
v1.0.0 January 2025
  • Added Core IP check endpoint (/check)
  • Added IP report endpoint (/report)
  • Added API key authentication system
  • Added Basic blacklist endpoint (/blacklist)
  • Added 30 predefined threat categories with severity levels
  • Added User roles: Free, Contributor, Professional, Enterprise (Business added later in v2.3.0)
  • Added API key verification endpoint (/verify-key)
Security Focused
GDPR Compliant
Made in Germany
Back to Docs