WordPress Security

I’ve been going through all my websites and installing Jeff Starr’s: 5G Blacklist. It is pasted into the .htaccess file at the server root. The blacklist is a list of known malicious entities that are constantly attempting to break into websites.  It is formatted in some very clever GREP code that attempts to filter out all malicious server requests, and allow all legitimate ones through.  That’s not a simple task.  Jeff puts all this together in his spare time, and makes it available for free.

I hope it will prevent my sites getting hacked.  I want all my sites to continue to look good on my portfolio.  I also sent email to all the owners of those sites, and said I installed this ‘firewall’, and if it caused any problems, email me.

Update: 10 weeks after installing this bit of code, I’ve had no reports of frustration from clients.  On one of my own sites I did have some issues with saving changes to WordPress settings: when I saved I got 403 errors, but then I was able to get back to the admin screen.  I deleted the Blacklist, when ended the 403s, and then pasted the blacklist back into the .htaccess and the problem was remained solved.. I know, .htaccess is odd and mysterious. If you are reluctant to mess with your .htaccess, you could always buy Starr’s book: .htaccess made easy.

Leave a Reply