Save 25% on Wizard’s SQL for WP w/ code: WIZARDSQL
Web Dev + WordPress + Security
148 posts related to: Block Greasy Uploads Scanner

How to Block IPs with 6G Firewall

This quick post is aimed at users of the 6G Firewall. The latest 6G update removes the IP-address blocking section to improve firewall compatibility and implementation. So now with the IP section removed, you may be asking “how to block an IP address with 6G?” Well good news, this tutorial explains how to do it. Continue reading »

.htaccess Redirect Examples

Finally put together a giant list of .htaccess redirect examples. It’s meant as a quick copy-&-paste resource for those who may be looking for an assortment of redirect techniques. Here you will find redirects via mod_alias and mod_rewrite. Examples include redirecting to and from any directory, subdirectory, resource, URL, and much more. Most of these examples are taken from my previous article, Stupid htaccess Tricks; other examples are taken from previous .htaccess tutorials here at Perishable Press. Enjoy! :) Continue reading »

ALL Security is Security Thru Obscurity

[ Stormtroopers Keeping Things Secure. ]

obĀ·scure adjective 1. not discovered or known about; uncertain. In the purely literal sense, the concept of obscurity applies to every transaction on the Web. The HTTP request knows not, nor could possibly know, the actual response it will receive from the server. There is only expected response. Online nothing is certain until it is. Continue reading »

7G Firewall : Log Blocked Requests

[ 7G Firewall (Beta) ]

This tutorial explains how to log requests that are blocked by the 7G Firewall. This is useful for testing, debugging, and just keeping an eye on things. Learn how to log requests from Apache mod_rewrite and download my custom 7G logging script. It’s a complete example that shows how to log rewrite requests via PHP. All open source and free :) Continue reading »

7G Firewall

[ 7G Firewall (Beta) ]

The 7G Firewall is here! 7G is now out of beta and ready for production sites. So you can benefit from the powerful protection of the latest nG Firewall (aka nG Blacklist). The 7G Firewall offers lightweight, server-level protection against a wide range of malicious requests, bad bots, automated attacks, spam, and many other types of threats and nonsense. Continue reading »

Ultimate Comment Blacklist for WordPress: How to Stop Spam Without Plugins

[ WordPress Ultimate Comment Blacklist ]

How do YOU stop comment spam? If you’re like a lot of WordPress users, you just grab another plugin or two and call it good. I mean after all, plugins like Akismet work great at stopping spam. The only downside is that, well, you’re relying on another plugin. And that’s fine for folks who just wanna “get ’er done”, although each active plugin requires additional maintenance and server resources. Continue reading »

Cleaning Up Google Search Results

[ Drawing: Abstract Entity Pursuing Clean Search Results ]

This post is about how I cleaned up an incorrect URL in the Google search results. My business site is basically a one-page portfolio site, located at the URL https://monzillamedia.com/. But in the Google search results, the URL was showing as https://monzilla.biz/, which did not exist. So all potential customers were getting an error page. Fortunately I was able to re-acquire the monzilla.biz domain and redirect all traffic to monzillamedia.com. Continue reading »

Automatic IP Blacklist

[ Automatic IP Blacklist ]

Recently a reader going by the name of Rock Star sent me a cool little PHP script that automatically updates your site’s .htaccess with a current list of bad IP addresses. This is useful because it gives you better “real time” protection against attacks and malicious requests. This tutorial shares the code and explains how to implement in two easy steps. Continue reading »

Enable PHP fsockopen with CSF

[ Mr. PHP fsockopen CSF ]

Recently started some sites with Liquid Web hosting, everything going extremely well all around. There was one hiccup (at least for me) where PHP’s fsockopen was not working. At the time, I was trying to figure out why the Whois Lookup feature used by Blackhole Bad Bots was not working. Initial investigation revealed that fsockopen() external HTTP requests were getting blocked somewhere. Everything else worked, including making the requests via cURL. Continue reading »

Difference between mod_alias and mod_rewrite

Most of the redirect techniques provided in my stupid .htaccess tricks article all use Apache’s alias module, mod_alias. You can also use mod_rewrite to redirect URLs. The main difference is that, with mod_alias, the server is responding to the client request with a redirect, so the client immediately is sent to the new location. Conversely, with mod_rewrite, the server simply returns the new content, so the client is not actually redirected anywhere. This makes mod_rewrite more advantageous because it happens […] Continue reading »

404 Fix: Block Nuisance Requests for Non-Existent Files

[ Han Solo shutting up C-3PO in Empire Strikes Back ]

As I’ve written before, blocking nuisance requests can help save you money by cutting down on wasted server resources, memory, and so forth. It also saves you time, as your server access and error logs won’t be full of nuisance request spam. So you will have more resources and time for things that matter, like running your business, helping customers, improving code, etc. So to continue the proud tradition of blocking malicious traffic, this post builds upon previous blocking techniques […] Continue reading »

Blocking the “ReallyLongRequest” Bandit

[ Sneaky Bandit ]

While browsing server logs, I kept seeing these super long request URIs that begin with “YesThisIsAReallyLongRequest…” and then the request string just keeps going for like 1 kilobyte worth of characters. Not just a few times, but many. In other words, somebody is going around and repeatedly hitting servers with gigantic-size requests. Probably to test server response using other people’s servers. Ummm, yeah kinda malicious. So I did some research and then blocked the “ReallyLongRequest” Bandit. Continue reading »

Blackhole for Bad Bots – Quick Start

[ Black Hole (Figurative) ]

Welcome to the Quick Start Guide for the standalone PHP version of Blackhole for Bad Bots. This post basically is a condensed summary of the original Blackhole tutorial. So if you are new to the concept of blocking bad bots, check out the original tutorial. Otherwise, for those that are familiar, the following guide should simplify things and help you get started with Blackhole as quickly as possible. Continue reading »

Redirect Query String via .htaccess

In general, redirecting URLs is a piece of cake with Apache’s .htaccess. The only trick is redirecting based on the URL’s query-string value. Doing so requires slightly different directives that many people are not aware of, so it’s common to see a questions like, “why isn’t my redirect working for query strings?” This quick tutorial aims to clear up any confusion and explains how to redirect any URL based on its query string. Continue reading »

How to Redirect URLs

Want to redirect a URL from one location to another? This simple guide shows you how to do it with Apache/.htaccess, PHP, JavaScript, HTML, and more. Each redirect technique is briefly explained and includes ready-to-go, copy-&-paste examples. Just grab the code you need and use it in good health. May the redirects be with you! Continue reading »

Detect Attacks with PHP and .htaccess

This tutorial explains how to detect and block security threats via .htaccess, and then pass that information to a PHP script for further processing. This is a powerful technique that combines the power of Apache with the flexibility of PHP. Enabling you to do things like log all unwanted traffic, send email reports for blocked requests, create a UI to display logged data, and just about anything else you can imagine. It’s an excellent way to keep a close eye […] Continue reading »

Welcome
Perishable Press is operated by Jeff Starr, a professional web developer and book author with two decades of experience. Here you will find posts about web development, WordPress, security, and more »
Banhammer: Protect your WordPress site against threats.
Thoughts
DIY: Monitor File Changes via Cron working perfectly for over a decade.
Mastodon social is a trip. Glad I found it.
As a strict rule, I never use cache plugins on any of my sites. They cause more problems than they solve, imho. Just not worth it.
Currently on a posting spree :)
6 must come before 7.
My top three favorite-to-write coding languages: CSS, PHP, JavaScript.
If you’re not 100% sure that you can trust something, you can’t.
Newsletter
Get news, updates, deals & tips via email.
Email kept private. Easy unsubscribe anytime.