Hi guys this is my first post on wpcult the great site Austin built. Hope you guys find it usefull.
If you run a blog using the wordpress software then your blog is a target to hackers. Below I will list some hacks and just how they can help you keep your business/site safe.
The following is code to Block Bad Queries and protect your blog from malicious URL Requests.
Place the following code into a text file and name it what ever you like for example blockbadqueries.php upload it to your plugin folder and activate it in your wordpress admin just as you would any other Plugin
<?php
/*
Plugin Name: Block Bad Queries
Plugin URI: http://perishablepress.com/press/2009/12/22/protect-wordpress-against-malicious-url-requests/
Description: Protect WordPress Against Malicious URL Requests
Author URI: http://perishablepress.com/
Author: Perishable Press
Version: 1.0
*/
global $user_ID; if($user_ID) {
if(!current_user_can(‘level_10’)) {
if (strlen($_SERVER[‘REQUEST_URI’]) > 255 ||
strpos($_SERVER[‘REQUEST_URI’], “eval(“) ||
strpos($_SERVER[‘REQUEST_URI’], “CONCAT”) ||
strpos($_SERVER[‘REQUEST_URI’], “UNION+SELECT”) ||
strpos($_SERVER[‘REQUEST_URI’], “base64”)) {
@header(“HTTP/1.1 414 Request-URI Too Long”);
@header(“Status: 414 Request-URI Too Long”);
@header(“Connection: Close”);
@exit;
}
}
}
?>
This Great plugin was made by Jeff Starr of Digging into WordPress
Protecting your blog with .htaccess
.htaccess files have lots of possibilities. below is some code that will help protect your wordpress from modification of _REQUEST and/or GLOBALS and scripts injection.
This is real simple just paste the following code into your .htaccess file. Always make a backup of your .htaccess before editing, better to be safe.
Options +FollowSymLinks
RewriteEngine On
RewriteCond %{QUERY_STRING} (\<|%3C).*script.*(\>|%3E) [NC,OR]
RewriteCond %{QUERY_STRING} GLOBALS(=|\[|\%[0-9A-Z]{0,2}) [OR]
RewriteCond %{QUERY_STRING} _REQUEST(=|\[|\%[0-9A-Z]{0,2})
RewriteRule ^(.*)$ index.php [F,L]
Thanks to Oussama for this great hack
The market for wireless sensor networks is growing rapidly, but it’s still somewhat restricted by…
Pinterest is an electronic scrapbooking website that was specifically created for people to post up…
Would you like a recipe, if it…
Pinterest is a social media website where users share their favorite images from around the…
Having a web presence is extremely important when it comes to marketing your business, and…
Chances are you have a Facebook and Twitter account, but what about LinkedIn? Do you…
View Comments
I'm having no end of problems with my wordpress blog I think it may have been something I'd done rather that a virus or hack. Will play with it and will let you know if I fix it
nice work, you work a lot on your posts!
nice work, you work a lot on your posts!. carry on
nice work, you work a lot on your posts! i hope want to more good in future
I see this post is old so not sure if this is ganna save. Quick question: was the first script a plugin? Should I follow that link and get a plugin there? And the 2nd, the .htaccess; is that an alternative - just choose one or the other?
And if I use the .htaccess, does it matter where it is in that file ; does it need to be first?
Thanks in advance.
Thanks. I never thought of using the .htaccess in that way. That's extremely helpful!
Thanks for sharing. Nice job
Great first post! Congrats!
Nice tips and trick.
I like this blog.
Welcome to the site.And you are right about hacking.Mow a days hacking is becoming more and more common.