Latest TweetsTheme update! shapeSpace v2.4 shapeSpace.io #WordPress #theme
Perishable Press
Category: Security
Found 138 matching results
Page 1 of 9

How to Block IPs with 6G Firewall

This quick post is aimed at users of the 6G Firewall. The latest 6G update removes the IP-address blocking section to improve firewall compatibility and implementation. So now with the IP section removed, you may be asking “how to block an IP address with 6G?” Well good news, this tutorial explains how to do it. Continue »

Bluehost, Sitelock, SSL, and .htaccess

Apparently, Bluehost partnered with a company called SiteLock sometime last year. Supposedly Sitelock is a “website scanner that proactively checks for malicious threats and vulnerabilities”. I guess the service operates on Bluehost servers, and today they sent a scary email letting me know that “malware was detected” on my Bluehost site. Here’s the thing though. […] Continue »

ALL Security is Security Thru Obscurity

ob·scure /əbˈskyo͝or/ adjective 1. not discovered or known about; uncertain. In the purely literal sense, the concept of obscurity applies to every transaction on the Web. The HTTP request knows not, nor could possibly know, the actual response it will receive from the server. There is only expected response. Online nothing is certain until it […] Continue »

7G Firewall : Log Blocked Requests

This tutorial explains how to log requests that are blocked by the 7G Firewall. This is useful for testing, debugging, and just keeping an eye on things. Learn how to log requests from Apache mod_rewrite and download my custom 7G logging script. It’s a complete example that shows how to log rewrite requests via PHP. […] Continue »

7G Firewall (Beta)

The beta version of 7G Firewall is here! It’s been a long time coming, and now you can help test the next incarnation of the nG Firewall (aka nG Blacklist). The 7G Firewall offers lightweight, server-level protection against a wide range of malicious requests, bad bots, automated attacks, spam, and many other types of threats […] Continue »

WordPress Error Fix: “Call to undefined function get_header()”

I’m seeing a big increase in bot attacks targeting theme files directly. First they get the URL to your theme directory. There are numerous ways for a bot to get this information. For example most themes include assets like CSS and JavaScript files, and the link includes the full URL. So then once they have […] Continue »

Ultimate Comment Blacklist for WordPress: How to Stop Spam Without Plugins

How do YOU stop comment spam? If you’re like a lot of WordPress users, you just grab another plugin or two and call it good. I mean after all, plugins like Akismet work great at stopping spam. The only downside is that, well, you’re relying on another plugin. And that’s fine for folks who just […] Continue »

Automatic IP Blacklist

Recently a reader going by the name of Rock Star sent me a cool little PHP script that automatically updates your site’s .htaccess with a current list of bad IP addresses. This is useful because it gives you better “real time” protection against attacks and malicious requests. This tutorial shares the code and explains how […] Continue »

Enable PHP fsockopen with CSF

Recently started some sites with Liquid Web hosting, everything going extremely well all around. There was one hiccup (at least for me) where PHP’s fsockopen was not working. At the time, I was trying to figure out why the Whois Lookup feature used by Blackhole Bad Bots was not working. Initial investigation revealed that fsockopen() […] Continue »

Twitter Login Verification Bug

A few days ago, I was unable to log in to my Perishable Twitter account. My login credentials simply did not work. I’ve been successfully logging into Twitter since 2007 with no problems. So it was surprising at first, and then I figured it was some sort of weird Twitter bug. So I began investigating […] Continue »

404 Fix: Block Nuisance Requests for Non-Existent Files

As I’ve written before, blocking nuisance requests can help save you money by cutting down on wasted server resources, memory, and so forth. It also saves you time, as your server access and error logs won’t be full of nuisance request spam. So you will have more resources and time for things that matter, like […] Continue »

1password vs. Dashlane

I was a 1password user for years. Thought it was great, everything I needed without not too much bloat, ads, etc. Then one day 1password locked everyone out. As in can’t log in with the master password. So no access to any passwords, notes or anything. Business shut down. Thought I was hacked. Not a […] Continue »

WordPress and the Blank Target Vulnerability

For those who haven’t yet noticed, WordPress now adds rel=”noopener” attributes for any external links added via the link Quicktag in the Visual/RTE. So if you enable the option, “Open link in a new tab”, WordPress automatically will add the rel noopener attribute to the link. This is to protect against CORS and other exploits […] Continue »

Blocking the “ReallyLongRequest” Bandit

While browsing server logs, I kept seeing these super long request URIs that begin with “YesThisIsAReallyLongRequest…” and then the request string just keeps going for like 1 kilobyte worth of characters. Not just a few times, but many. In other words, somebody is going around and repeatedly hitting servers with gigantic-size requests. Probably to test […] Continue »

Wireless Camera Notes

Momentum Cam Over the years, I’ve gone through quite a few wireless wi-fi security cameras. Not because I am a gadget/new-tech junkie, but because all of the cameras I have tried so far work for awhile and then stop working, or never work properly in the first place. So in an effort to not repeat […] Continue »

New WordPress Plugin: Banhammer!

Banhammer makes monitoring traffic and banning visitors crazy easy and fun. Say your forum is being harassed some dirtbag. Or your admin directory is crawling with bad bots. Or some script kiddie is trying to brute-force your login page. Don’t just sit there and watch it happen.. drop the Banhammer on those fools and block […] Continue »

« Previous Posts 1239