Hi guys this is my first post on wpcult the great site Austin built. Hope you guys find it usefull.
If you run a blog using the wordpress software then your blog is a target to hackers. Below I will list some hacks and just how they can help you keep your business/site safe.
The following is code to Block Bad Queries and protect your blog from malicious URL Requests.
Place the following code into a text file and name it what ever you like for example blockbadqueries.php upload it to your plugin folder and activate it in your wordpress admin just as you would any other Plugin
<?php
/*
Plugin Name: Block Bad Queries
Plugin URI: http://perishablepress.com/press/2009/12/22/protect-wordpress-against-malicious-url-requests/
Description: Protect WordPress Against Malicious URL Requests
Author URI: http://perishablepress.com/
Author: Perishable Press
Version: 1.0
*/
global $user_ID; if($user_ID) {
if(!current_user_can(‘level_10’)) {
if (strlen($_SERVER[‘REQUEST_URI’]) > 255 ||
strpos($_SERVER[‘REQUEST_URI’], “eval(“) ||
strpos($_SERVER[‘REQUEST_URI’], “CONCAT”) ||
strpos($_SERVER[‘REQUEST_URI’], “UNION+SELECT”) ||
strpos($_SERVER[‘REQUEST_URI’], “base64”)) {
@header(“HTTP/1.1 414 Request-URI Too Long”);
@header(“Status: 414 Request-URI Too Long”);
@header(“Connection: Close”);
@exit;
}
}
}
?>
This Great plugin was made by Jeff Starr of Digging into WordPress
Protecting your blog with .htaccess
.htaccess files have lots of possibilities. below is some code that will help protect your wordpress from modification of _REQUEST and/or GLOBALS and scripts injection.
This is real simple just paste the following code into your .htaccess file. Always make a backup of your .htaccess before editing, better to be safe.
Options +FollowSymLinks
RewriteEngine On
RewriteCond %{QUERY_STRING} (\<|%3C).*script.*(\>|%3E) [NC,OR]
RewriteCond %{QUERY_STRING} GLOBALS(=|\[|\%[0-9A-Z]{0,2}) [OR]
RewriteCond %{QUERY_STRING} _REQUEST(=|\[|\%[0-9A-Z]{0,2})
RewriteRule ^(.*)$ index.php [F,L]
Thanks to Oussama for this great hack
Using a WordPress theme for a website comes with plenty of advantages. One great feature…
How can you link QR codes to digital content? When a QR code is read…
As a writer, or as a business owner doing some serious blogging, you probably wish…
Is WordPress Easy for Beginners? Yes, WordPress in all fairness is clean for novices to…
With time and innovation, WordPress has undergone a lot of changes and is now completely…
With the recession taking over the majority of economies across the globe, securing your job…
View Comments
I'm having no end of problems with my wordpress blog I think it may have been something I'd done rather that a virus or hack. Will play with it and will let you know if I fix it
nice work, you work a lot on your posts!
nice work, you work a lot on your posts!. carry on
nice work, you work a lot on your posts! i hope want to more good in future
I see this post is old so not sure if this is ganna save. Quick question: was the first script a plugin? Should I follow that link and get a plugin there? And the 2nd, the .htaccess; is that an alternative - just choose one or the other?
And if I use the .htaccess, does it matter where it is in that file ; does it need to be first?
Thanks in advance.
Thanks. I never thought of using the .htaccess in that way. That's extremely helpful!
Thanks for sharing. Nice job
Great first post! Congrats!
Nice tips and trick.
I like this blog.
Welcome to the site.And you are right about hacking.Mow a days hacking is becoming more and more common.