Fall Sale! Code FALL2024 takes 25% OFF our Pro Plugins & Books »
Web Dev + WordPress + Security
122 posts related to: Protect WordPress Media Files

Remove __MACOSX and .DS_Store from ZIP Files on Mac

[ The Cleaner ]

Zipping files on Apple/Mac is a chore because of all the hidden files and folders added by macOS. Like .DS_Store and __MACOSX are two of the most common files and folders that are added to zip files when compressed on macOS. The folder named __MACOSX especially is problematic because it contains duplicates of every file in the zip archive. So for example, if you use Finder to compress 20 files, the resulting zip file will contain the original 20 files, […] Continue reading »

7G Out of Beta

The 7G Firewall was released about a year ago as beta, and has had time now to mature/develop into a stable release. So this is just a heads up that 7G is now officially out of beta and ready for use in live/production environments. Continue reading »

7G Addon: Stop Aggressive Scanning for Uploads-Related Targets

Around the end of December 2019 and then now well into January of 2020, I’m seeing a massive spike in aggressive malicious scanning for uploads-related targets. In particular, there are massive numbers of requests for URL targets involving uploadify, plupload, and similar. Typical scans hitting upwards of 30K–50K requests per attack. Just relentless exploit scanning on steroids. Continue reading »

Stop WordPress from Changing .htaccess

[ Prevent WordPress Automatic .htaccess Modifications ]

In a recent tutorial, I explain how to Stop WordPress from modifying .htaccess. That post explains several ways to prevent WordPress from making changes to .htaccess. This post explains an even better way that is safe, effective, non-invasive, re-usable, and super simple. I’ve been using it on my own sites now for a few years and it works flawlessly. Continue reading »

Remove or Hide File Extension with .htaccess

A common question I get is how to change or hide file extensions using .htaccess. Apparently search engines prefer “pretty” permalink URL structures over query-strings and file extensions. This is one reason why WordPress provides an SEO-friendly permalink option for URLs; because it is preferred over the default plain query-string based format. From the Permalinks settings screen in the WordPress Admin Area: Continue reading »

How to Block IPs with 6G Firewall

This quick post is aimed at users of the 6G Firewall. The latest 6G update removes the IP-address blocking section to improve firewall compatibility and implementation. So now with the IP section removed, you may be asking “how to block an IP address with 6G?” Well good news, this tutorial explains how to do it. Continue reading »

.htaccess Redirect Examples

Finally put together a giant list of .htaccess redirect examples. It’s meant as a quick copy-&-paste resource for those who may be looking for an assortment of redirect techniques. Here you will find redirects via mod_alias and mod_rewrite. Examples include redirecting to and from any directory, subdirectory, resource, URL, and much more. Most of these examples are taken from my previous article, Stupid htaccess Tricks; other examples are taken from previous .htaccess tutorials here at Perishable Press. Enjoy! :) Continue reading »

7G Firewall : Log Blocked Requests

[ 7G Firewall (Beta) ]

This tutorial explains how to log requests that are blocked by the 7G Firewall. This is useful for testing, debugging, and just keeping an eye on things. Learn how to log requests from Apache mod_rewrite and download my custom 7G logging script. It’s a complete example that shows how to log rewrite requests via PHP. All open source and free :) Continue reading »

7G Firewall

[ 7G Firewall (Beta) ]

The 7G Firewall is here! 7G is now out of beta and ready for production sites. So you can benefit from the powerful protection of the latest nG Firewall (aka nG Blacklist). The 7G Firewall offers lightweight, server-level protection against a wide range of malicious requests, bad bots, automated attacks, spam, and many other types of threats and nonsense. Continue reading »

Cleaning Up Google Search Results

[ Drawing: Abstract Entity Pursuing Clean Search Results ]

This post is about how I cleaned up an incorrect URL in the Google search results. My business site is basically a one-page portfolio site, located at the URL https://monzillamedia.com/. But in the Google search results, the URL was showing as https://monzilla.biz/, which did not exist. So all potential customers were getting an error page. Fortunately I was able to re-acquire the monzilla.biz domain and redirect all traffic to monzillamedia.com. Continue reading »

Automatic IP Blacklist

[ Automatic IP Blacklist ]

Recently a reader going by the name of Rock Star sent me a cool little PHP script that automatically updates your site’s .htaccess with a current list of bad IP addresses. This is useful because it gives you better “real time” protection against attacks and malicious requests. This tutorial shares the code and explains how to implement in two easy steps. Continue reading »

Difference between mod_alias and mod_rewrite

Most of the redirect techniques provided in my stupid .htaccess tricks article all use Apache’s alias module, mod_alias. You can also use mod_rewrite to redirect URLs. The main difference is that, with mod_alias, the server is responding to the client request with a redirect, so the client immediately is sent to the new location. Conversely, with mod_rewrite, the server simply returns the new content, so the client is not actually redirected anywhere. This makes mod_rewrite more advantageous because it happens […] Continue reading »

CLI Forward-Reverse Lookup

[ The circle is now complete. ]

In previous posts, I’ve explained how to verify identity of search engines and other bots, by looking up the host name and then doing a reverse lookup to cross-check the IP address. This is often referred to as a forward-reverse lookup, or something to that effect. The point is, there are plenty of free online tools available for performing forward-reverse IP/host lookups. And online tools are great, but it’s also possible to do forward/reverse lookups directly via the command line, […] Continue reading »

Blocking the “ReallyLongRequest” Bandit

[ Sneaky Bandit ]

While browsing server logs, I kept seeing these super long request URIs that begin with “YesThisIsAReallyLongRequest…” and then the request string just keeps going for like 1 kilobyte worth of characters. Not just a few times, but many. In other words, somebody is going around and repeatedly hitting servers with gigantic-size requests. Probably to test server response using other people’s servers. Ummm, yeah kinda malicious. So I did some research and then blocked the “ReallyLongRequest” Bandit. Continue reading »

Redirect Query String via .htaccess

In general, redirecting URLs is a piece of cake with Apache’s .htaccess. The only trick is redirecting based on the URL’s query-string value. Doing so requires slightly different directives that many people are not aware of, so it’s common to see a questions like, “why isn’t my redirect working for query strings?” This quick tutorial aims to clear up any confusion and explains how to redirect any URL based on its query string. Continue reading »

How to Redirect URLs

Want to redirect a URL from one location to another? This simple guide shows you how to do it with Apache/.htaccess, PHP, JavaScript, HTML, and more. Each redirect technique is briefly explained and includes ready-to-go, copy-&-paste examples. Just grab the code you need and use it in good health. May the redirects be with you! Continue reading »

Welcome
Perishable Press is operated by Jeff Starr, a professional web developer and book author with two decades of experience. Here you will find posts about web development, WordPress, security, and more »
Digging Into WordPress: Take your WordPress skills to the next level.
Thoughts
I disabled AI in Google search results. It was making me lazy.
Went out walking today and soaked up some sunshine. It felt good.
I have an original box/packaging for 2010 iMac if anyone wants it free let me know.
Always ask AI to cite its sources. Also: “The Web” is not a valid answer.
All free plugins updated and ready for WP 6.6 dropping next week. Pro plugin updates in the works also complete :)
99% of video thumbnail/previews are pure cringe. Goofy faces = Clickbait.
RIP ICQ
Newsletter
Get news, updates, deals & tips via email.
Email kept private. Easy unsubscribe anytime.