![[ Stormtroopers Keeping Things Secure. ]](https://perishablepress.com/wp/wp-content/images/2019/security-obscurity.jpg)
ob·scure adjective 1. not discovered or known about; uncertain. In the purely literal sense, the concept of obscurity applies to every transaction on the Web. The HTTP request knows not, nor could possibly know, the actual response it will receive from the server. There is only expected response. Online nothing is certain until it is. Continue reading »
![[ 7G Firewall (Beta) ]](https://perishablepress.com/wp/wp-content/images/2019/7G-firewall.png)
This tutorial explains how to log requests that are blocked by the 7G Firewall. This is useful for testing, debugging, and just keeping an eye on things. Learn how to log requests from Apache mod_rewrite and download my custom 7G logging script. It’s a complete example that shows how to log rewrite requests via PHP. All open source and free :) Continue reading »
The 7G Firewall is here! 7G is now out of beta and ready for production sites. So you can benefit from the powerful protection of the latest nG Firewall (aka nG Blacklist). The 7G Firewall offers lightweight, server-level protection against a wide range of malicious requests, bad bots, automated attacks, spam, and many other types of threats and nonsense. Continue reading »
![[ WordPress Ultimate Comment Blacklist ]](https://perishablepress.com/wp/wp-content/images/2019/wordpress-comment-blacklist.jpg)
How do YOU stop comment spam? If you’re like a lot of WordPress users, you just grab another plugin or two and call it good. I mean after all, plugins like Akismet work great at stopping spam. The only downside is that, well, you’re relying on another plugin. And that’s fine for folks who just wanna “get ’er done”, although each active plugin requires additional maintenance and server resources. Continue reading »
![[ Automatic IP Blacklist ]](https://perishablepress.com/wp/wp-content/images/2018/automatic-ip-address-blacklist.jpg)
Recently a reader going by the name of Rock Star sent me a cool little PHP script that automatically updates your site’s .htaccess with a current list of bad IP addresses. This is useful because it gives you better “real time” protection against attacks and malicious requests. This tutorial shares the code and explains how to implement in two easy steps. Continue reading »
![[ Mr. PHP fsockopen CSF ]](https://perishablepress.com/wp/wp-content/images/2018/mr-php-fsockopen-csf.jpg)
Recently started some sites with Liquid Web hosting, everything going extremely well all around. There was one hiccup (at least for me) where PHP’s fsockopen was not working. At the time, I was trying to figure out why the Whois Lookup feature used by Blackhole Bad Bots was not working. Initial investigation revealed that fsockopen() external HTTP requests were getting blocked somewhere. Everything else worked, including making the requests via cURL. Continue reading »
![[ Han Solo shutting up C-3PO in Empire Strikes Back ]](https://perishablepress.com/wp/wp-content/images/2018/stop-nuisance-requests.jpg)
As I’ve written before, blocking nuisance requests can help save you money by cutting down on wasted server resources, memory, and so forth. It also saves you time, as your server access and error logs won’t be full of nuisance request spam. So you will have more resources and time for things that matter, like running your business, helping customers, improving code, etc. So to continue the proud tradition of blocking malicious traffic, this post builds upon previous blocking techniques […] Continue reading »
![[ Sneaky Bandit ]](https://perishablepress.com/wp/wp-content/images/2018/reallylongrequest-bandit.gif)
While browsing server logs, I kept seeing these super long request URIs that begin with “YesThisIsAReallyLongRequest…” and then the request string just keeps going for like 1 kilobyte worth of characters. Not just a few times, but many. In other words, somebody is going around and repeatedly hitting servers with gigantic-size requests. Probably to test server response using other people’s servers. Ummm, yeah kinda malicious. So I did some research and then blocked the “ReallyLongRequest” Bandit. Continue reading »
![[ WP Cron HTTP Auth ]](https://perishablepress.com/wp/wp-content/images/2018/wp-cron-http-auth.jpg)
Welcome to the official homepage for my free WordPress plugin, WP Cron HTTP Auth. This page explains what the plugin does, how it works, and where to download and get support. The plugin actually is very simple, however, so there is not a lot to explain. If you are looking for plugin documentation, visit WP Cron HTTP Auth at WordPress.org. There you will find installation steps, support forum, translation tools, and more. Continue reading »
![[ Disable WP REST API ]](https://perishablepress.com/wp/wp-content/images/2018/disable-rest-api.jpg)
Welcome to the official homepage for my free WordPress plugin, Disable WP REST API. This page explains what the plugin does, how it works, how to test the plugin, and why anyone would anyone on earth want to disable the REST API, for crying out loud, all explained on this page. If that sounds like you, you’re in the right place. If you are looking for plugin documentation, visit Disable WP REST API at WordPress.org. There you will find installation […] Continue reading »
![[ Contact Form X ]](https://perishablepress.com/wp/wp-content/images/2018/contact-form-x.jpg)
Welcome to the official homepage for my free WordPress plugin, Contact Form X (CFX). This is a more personal look at the plugin, aimed at readers who are familiar with my work. Here you’ll find some screenshots, cool features, and of course some rambling backstory (because there is one). If you are looking for official plugin documentation, visit Contact Form X at WordPress.org. There you will find docs, download, installation steps, support forum, translation tools, and more. Continue reading »
I’ve been super busy this year, cranking out some useful new plugins. Nothing as awesome as Banhammer Pro, but some pretty useful new plugins nonetheless. So I’m launching a total of five new WordPress plugins. The first four basically are utility plugins designed to make WordPress life easier. The 5th and final plugin (for awhile at least), is Contact Form X, which I am now using as the contact form here at Perishable Press. Contact Form X I know what […] Continue reading »
![[ Disable Gutenberg ]](https://perishablepress.com/wp/wp-content/images/2018/disable-gutenberg.jpg)
For those still in the dark, WordPress 5.0 will bring HUGE changes to the post editor. Dubbed Gutenberg, the new WP post editor replaces the entire “classic” post editing screen. So as of WordPress 5.0 and beyond, the “Edit Post” screen will be completely replaced by a giant WYSIWYG content builder called “Gutenberg”. So much more is being replaced than just the content editor. The list of things that are replaced by Gutenberg include the RTE/Visual Editor, Plain Text Editor, […] Continue reading »
![[ Custom Fields for Gutenberg ]](https://perishablepress.com/wp/wp-content/images/2018/gutenberg-custom-fields.jpg)
Currently Gutenberg does not display the Custom Fields meta box. Before Gutenberg, in WordPress 4.9 and earlier, the “Edit” screens in the WP Admin Area optionally displayed the Custom Fields meta box. The Custom Fields meta box is employed by millions of sites, themes and plugins. Including my own collection of WordPress plugins, which use custom fields for Posts, Pages, and many Custom Post Types. Basically Custom Fields are a critical part of WordPress functionality, so I wrote a plugin […] Continue reading »
