A few months ago, many WordPress sites were attacked with some extremely malicious code. While searching for a good solution, I discovered the following gem of a plugin in the pastebin repository:
<?php
/* Plugin Name: Block Bad Queries */
// Refuse over-long request URIs and URIs containing the two strings seen
// in the 2009 attacks. strpos() is compared against false explicitly,
// since a match at offset 0 would otherwise be treated as "not found".
if (strlen($_SERVER['REQUEST_URI']) > 255 ||
    strpos($_SERVER['REQUEST_URI'], "eval(") !== false ||
    strpos($_SERVER['REQUEST_URI'], "base64") !== false) {
    @header("HTTP/1.1 414 Request-URI Too Long");
    @header("Status: 414 Request-URI Too Long");
    @header("Connection: Close");
    @exit;
}
?>
This script checks for excessively long request strings (i.e., greater than 255 characters), as well as the presence of either “eval(” or “base64” in the request URI. These sorts of nefarious requests were implicated in the September 2009 WordPress attacks.
To protect your site using this lightweight script, save the code as a plugin and activate it in the WordPress Admin area. Once active, this plugin will silently and effectively close any connection carrying these sorts of injection-type requests.
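The same check, written as an added example (not the Perishable Press plugin itself) that goes a little beyond the original: the test is factored into a function so it can be exercised from the command line, and matching runs on a lowercased, URL-decoded copy of the URI so that a different letter case or percent-encoding does not slip past the substring test. The function and sample URIs below are constructed for illustration.

```php
<?php
/* Plugin Name: Block Bad Queries (testable variant, added example) */

// Decide whether a request URI should be refused. The match runs on a
// lowercased, URL-decoded copy so "EVAL(" and "eval%28" count like "eval(".
function bbq_is_bad_request($uri, $max_length = 255,
                            array $needles = array('eval(', 'base64')) {
    if (strlen($uri) > $max_length) {
        return true;
    }
    $normalized = strtolower(rawurldecode($uri));
    foreach ($needles as $needle) {
        // strpos() returns 0 for a match at offset 0, which is falsy:
        // compare against false explicitly instead of relying on truthiness.
        if (strpos($normalized, $needle) !== false) {
            return true;
        }
    }
    return false;
}

// Refuse the request the same way the original plugin does.
function bbq_block() {
    @header("HTTP/1.1 414 Request-URI Too Long");
    @header("Status: 414 Request-URI Too Long");
    @header("Connection: Close");
    @exit;
}

if (PHP_SAPI === 'cli') {
    // Constructed sample URIs (not from the page) => expected verdict.
    $samples = array(
        '/index.php?p=1'               => false,
        '/?q=' . str_repeat('a', 300)  => true,   // longer than 255 chars
        '/?x=EVAL(1)'                  => true,   // letter case differs
        '/?x=eval%281%29'              => true,   // percent-encoded "eval("
        '/?data=Base64'                => true,
    );
    foreach ($samples as $uri => $expected) {
        $verdict = bbq_is_bad_request($uri);
        printf("%-28s %s\n", substr($uri, 0, 28),
               $verdict === $expected ? 'ok' : 'MISMATCH');
    }
} elseif (isset($_SERVER['REQUEST_URI'])
          && bbq_is_bad_request($_SERVER['REQUEST_URI'])) {
    bbq_block();
}
```

Run it with `php block-bad-queries.php` to see each sample's verdict; dropped into the plugins directory, the same file behaves like the original snippet.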
For further protection against malicious code, automated attacks, and other cracker nonsense, check out my 4G Blacklist.
Merry Christmas!
Source: Perishable Press
Read more: http://perishablepress.com/press/2009/12/22/protect-wordpress-against-malicious-url-requests/