- Protect Against Malicious POST Requests
Whether you like it or not, there are scripts and bots out there hammering away at your sites with endless HTTP “POST” requests. POST requests are sort of the opposite of GET requests. Instead of getting some resource or file from the server, data is being posted or sent to […]
- Protect Against Humans.txt Query-String Scans
I woke up this morning to the sound of thousands of 404 requests hitting the server. It’s sad that there are kiddies out there who have nothing better to do than buy some pathetic $50 script and then sit there like an imbecile harassing people for hours on end. But […]
- Testing HTTP Requests
Just a quick post with some tips for troubleshooting and testing HTTP requests. For example, if you have a plugin that sends requests behind the scenes via Ajax or cURL or whatever, it’s nice to have a way to view request details such as headers, the response, and everything in […]
- Book Sale!
As mentioned, I’ve been super busy updating stuff, and have new versions available for Digging Into WordPress, .htaccess made easy, and The Tao of WordPress. To celebrate the updates, I’m having a “Fall Sale” on all books, with combo deals available for bundled books.
- New Design and Updated Content
I’m getting back into the swing of things around here, now stepping it up with a new design, new tools, and lots of updated (and new) content, demos, scripts, and more. Here is a quick rundown of the new design and updated projects.
- 2013 IP Blacklist
When time allows, I like to post my collections of the worst IP addresses for the current year. Certainly, there are pros and cons to using an IP blacklist. In general, IPs are easily spoofed, change frequently, and are therefore unreliable as a general security strategy. But as a short-term […]
- New Design in Progress
My new book is doing well, so I have some time to work on my sites. Here at Perishable Press, I’ll be working on a redesign, refreshing some older content, and posting some new articles.
- 5G Blacklist 2013
Update: Check out the new and improved 6G Firewall 2016! Following up on much feedback (and this post), here is an update for the 5G Blacklist for 2013. As explained in the 2012 article (and elsewhere), the 5G Blacklist helps reduce the number of malicious URL requests that hit your […]
- (Please) Stop Using Unsafe Characters in URLs
- What I did in 2012
It’s been an amazing year across the board. Here is a quick recap of some of the things I did in 2012. I don’t keep a journal of every little detail, but here are some of the things I remember specifically setting out to do, sort of organized by month.
- Blacklist Candidate 2012-11-13: Evil Scanner Edition
It’s been a while since I’ve posted one of my Blacklist Candidate series articles. It’s always fun for me to talk (or write) about security-related issues, especially when a quick slab of .htaccess can be used to take care of business. And that’s exactly what we have in this edition […]
- BBQ: Protect Against Malicious URL Requests
Block Bad Queries (BBQ) is a simple script that protects your website against malicious URL requests. BBQ checks all incoming traffic and quietly blocks bad requests containing nasty stuff like eval(, base64_, and excessively long request-strings. This is a simple yet solid solution that works great for sites where .htaccess […]
- New Book!
I’m proud to announce the launch of my new book on .htaccess, titled .htaccess made easy. It’s a book I’ve been wanting to write for years, since first getting hooked on .htaccess way back in 2006. Since then, I’ve learned a lot about .htaccess, Apache, security, and web-design in general […]
- Media Temple (dv) 4.0 Migration & Optimization
About a month ago, I received an email letting me know that my host, Media Temple, is discontinuing their (dv) Dedicated Virtual 3.0-3.5 servers. Everyone hosted on the old servers must migrate to the new (dv) 4.0 servers. The friendly (mt) email says: The migration is a fairly simple process […]
- 6G Beta
Update: Check out the new and improved 6G Firewall 2016! Since releasing the 5G Blacklist earlier this year, malicious server scans and bad requests have surged with more novel attacks than I’ve seen since first getting into this stuff six years ago. In other words, now is the time to […]
- Add Google+ Share Button to Any Site
Word on the streets is that the new Google+ Share button is the best way yet to benefit from Google’s myriad social-media services and all-important search-engine. And Google makes it SO easy to add the new Share button to your website. This article explains what it is, […]