Save 10% on our Pro WordPress plugins with discount code: 10PERCENT
Web Dev + WordPress + Security
142 posts related to: 6G Firewall Beta

Cleaning Up Google Search Results

[ Drawing: Abstract Entity Pursuing Clean Search Results ]

This post is about how I cleaned up an incorrect URL in the Google search results. My business site is basically a one-page portfolio site, located at the URL https://monzillamedia.com/. But in the Google search results, the URL was showing as https://monzilla.biz/, which did not exist. So all potential customers were getting an error page. Fortunately I was able to re-acquire the monzilla.biz domain and redirect all traffic to monzillamedia.com. Continue reading »

Automatic IP Blacklist

[ Automatic IP Blacklist ]

Recently a reader going by the name of Rock Star sent me a cool little PHP script that automatically updates your site’s .htaccess with a current list of bad IP addresses. This is useful because it gives you better “real time” protection against attacks and malicious requests. This tutorial shares the code and explains how to implement in two easy steps. Continue reading »

Enable PHP fsockopen with CSF

[ Mr. PHP fsockopen CSF ]

Recently started some sites with Liquid Web hosting, everything going extremely well all around. There was one hiccup (at least for me) where PHP’s fsockopen was not working. At the time, I was trying to figure out why the Whois Lookup feature used by Blackhole Bad Bots was not working. Initial investigation revealed that fsockopen() external HTTP requests were getting blocked somewhere. Everything else worked, including making the requests via cURL. Continue reading »

Difference between mod_alias and mod_rewrite

Most of the redirect techniques provided in my stupid .htaccess tricks article all use Apache’s alias module, mod_alias. You can also use mod_rewrite to redirect URLs. The main difference is that, with mod_alias, the server is responding to the client request with a redirect, so the client immediately is sent to the new location. Conversely, with mod_rewrite, the server simply returns the new content, so the client is not actually redirected anywhere. This makes mod_rewrite more advantageous because it happens […] Continue reading »

404 Fix: Block Nuisance Requests for Non-Existent Files

[ Han Solo shutting up C-3PO in Empire Strikes Back ]

As I’ve written before, blocking nuisance requests can help save you money by cutting down on wasted server resources, memory, and so forth. It also saves you time, as your server access and error logs won’t be full of nuisance request spam. So you will have more resources and time for things that matter, like running your business, helping customers, improving code, etc. So to continue the proud tradition of blocking malicious traffic, this post builds upon previous blocking techniques […] Continue reading »

Blocking the “ReallyLongRequest” Bandit

[ Sneaky Bandit ]

While browsing server logs, I kept seeing these super long request URIs that begin with “YesThisIsAReallyLongRequest…” and then the request string just keeps going for like 1 kilobyte worth of characters. Not just a few times, but many. In other words, somebody is going around and repeatedly hitting servers with gigantic-size requests. Probably to test server response using other people’s servers. Ummm, yeah kinda malicious. So I did some research and then blocked the “ReallyLongRequest” Bandit. Continue reading »

Blackhole for Bad Bots – Quick Start

[ Black Hole (Figurative) ]

Welcome to the Quick Start Guide for the standalone PHP version of Blackhole for Bad Bots. This post basically is a condensed summary of the original Blackhole tutorial. So if you are new to the concept of blocking bad bots, check out the original tutorial. Otherwise, for those that are familiar, the following guide should simplify things and help you get started with Blackhole as quickly as possible. Continue reading »

Redirect Query String via .htaccess

In general, redirecting URLs is a piece of cake with Apache’s .htaccess. The only trick is redirecting based on the URL’s query-string value. Doing so requires slightly different directives that many people are not aware of, so it’s common to see a questions like, “why isn’t my redirect working for query strings?” This quick tutorial aims to clear up any confusion and explains how to redirect any URL based on its query string. Continue reading »

How to Redirect URLs

Want to redirect a URL from one location to another? This simple guide shows you how to do it with Apache/.htaccess, PHP, JavaScript, HTML, and more. Each redirect technique is briefly explained and includes ready-to-go, copy-&-paste examples. Just grab the code you need and use it in good health. May the redirects be with you! Continue reading »

Detect Attacks with PHP and .htaccess

This tutorial explains how to detect and block security threats via .htaccess, and then pass that information to a PHP script for further processing. This is a powerful technique that combines the power of Apache with the flexibility of PHP. Enabling you to do things like log all unwanted traffic, send email reports for blocked requests, create a UI to display logged data, and just about anything else you can imagine. It’s an excellent way to keep a close eye […] Continue reading »

Block Greasy Uploads Scanner

Whether you’re running WordPress or not, your site may be getting hit by endless scanning for your site’s uploaded files and similar nonexistent resources. Specifically, the “Greasy Uploads Scanner” endlessly scans sites for nonexistent resources in the /uploads/ directory, even if the directory itself doesn’t exist. Just mindless scanning for all sorts of weird files. It steals your server resources and threatens your site security. We hates them. And we wants to block them. Continue reading »

How to Block Bad Bots

Suffering from spammers, content scrapers, bandwidth leeches, and other bad bots? Got some loser stalking your chat forum? Site getting scanned by endless malicious requests? In this tutorial, you’ll learn how to block bad bots and users with minimal effort. Keeping the trash away from your site is gonna free up valuable server resources, conserve bandwidth, and improve the overall security and quality of your site. Continue reading »

WordPress .htaccess file

[ WordPress .htaccess file ]

The WordPress core uses .htaccess for two things: Permalinks and Multisite. This means that .htaccess is only required if you have enabled either of these features. Otherwise, .htaccess is entirely optional for default WordPress installations. Beyond the WP core, many plugins also use the .htaccess file for custom directives involving rewrites, redirects, custom headers, file compression, and much more. In many cases, such plugins add their .htaccess rules to your .htaccess file automatically, behind the scenes. Continue reading »

Block Proxy Visits with PHP

[ Block Proxy Visits with PHP ]

I wrote recently about how to block proxy visits with WordPress. That article provides a simple, plug-&-play script that you can drop into WordPress-powered site. This article goes further with two effective techniques for blocking proxy visits to your site using only a few lines of PHP. These techniques work for any PHP-enabled site, including WordPress, Drupal, Joomla, and many others. And they’re both easy to implement. Just a few minutes and your site can be relatively free of most […] Continue reading »

Worst IPs: 2016 Edition

[ Worst IPs: 2016 Edition ]

A little late this year, but following tradition here is my list of the absolute worst IP addresses from 2016. All in nice numerical order for easy crunching. These IPs are associated with all sorts of malicious activity, including exploit scanning, email harvesting, brute-force login attacks, referrer spam, and everything in between. Really obnoxious stuff that degrades your site’s performance and potentially threatens security. Continue reading »

.htaccess Cleanup

Once again I am cleaning up my sites’ .htaccess files. I do this from time to time to remove old redirects, refresh blacklists, and update security and SEO-related directives. It’s tedious work, but the performance and security benefits make it all worthwhile. This post shares some of the techniques that were added, removed, or replaced from .htaccess, and explains the reasoning behind each decision. I do this for the sake of reference, and hopefully it will give you some ideas […] Continue reading »

Welcome
Perishable Press is operated by Jeff Starr, a professional web developer and book author with two decades of experience. Here you will find posts about web development, WordPress, security, and more »
BBQ Pro: The fastest firewall to protect your WordPress.
Thoughts
W3C.org has a very thorough list of accessibility tools.
The more you wake up, the more you realize you are still asleep.
7G Firewall v1.4 now available!
I would pay twice as much for a shorter/smaller/lighter phone.
Taking a much needed break in August :)
The Web was better before social media.
WP 5.8 Gutenberg/Block Widgets is breaking many sites. Fortunately Disable Gutenberg makes it easy to restore Classic Widgets with a click.
Newsletter
Get news, updates, deals & tips via email.
Email kept private. Easy unsubscribe anytime.