WordPress Protection

[lnxcode]

[Advanced Users Only]

The below code is a update for your .htaccess file - it can help against attacks using wordpress against wordpress.

Just add the few lines into your .htaccess file:

Code:

SetEnvIfNoCase User-Agent "^WordPress" bad_bot 

 
Order Allow,Deny 
Allow from all 
Deny from env=bad_bot 

Please note that the above code works on seeing the browser. If you have Wordpress signature in your browser (a referring agent) then it will be shown as a 403.

[lnxcode]

Quote:

Originally Posted by lnxcode

[Advanced Users Only]

The below code is a update for your .htaccess file - it can help against attacks using wordpress against wordpress.

Just add the few lines into your .htaccess file:

Code:

SetEnvIfNoCase User-Agent "^WordPress" bad_bot 

 
Order Allow,Deny 
Allow from all 
Deny from env=bad_bot 

Please note that the above code works on seeing the browser. If you have Wordpress signature in your browser (a referring agent) then it will be shown as a 403.

One such attack today:


212.24.63.241 - - [19/Dec/2007:17:14:19 -0500] "POST /wp-trackback.php?p=640 HTTP/1.1" 403 2931 "-" "WordPress/2.1.2"
212.24.48.138 - - [19/Dec/2007:17:14:19 -0500] "POST /wp-trackback.php?p=703 HTTP/1.1" 403 2931 "-" "WordPress/1.9"
212.24.62.166 - - [19/Dec/2007:17:14:19 -0500] "POST /wp-trackback.php?p=1102 HTTP/1.1" 403 2931 "-" "WordPress 1.9"
62.213.115.1 - - [19/Dec/2007:17:14:19 -0500] "POST /wp-trackback.php?p=530 HTTP/1.1" 403 2931 "-" "WordPress/2.1.2"
212.24.32.233 - - [19/Dec/2007:17:14:19 -0500] "POST /wp-trackback.php?p=1384 HTTP/1.1" 403 2931 "-" "WordPress/1.9"
62.213.115.1 - - [19/Dec/2007:17:14:19 -0500] "POST /wp-trackback.php?p=530 HTTP/1.1" 403 2931 "-" "WordPress/2.1.2"
62.213.71.245 - - [19/Dec/2007:17:14:19 -0500] "POST /wp-trackback.php?p=119 HTTP/1.1" 403 2931 "-" "WordPress 1.9"
62.213.117.194 - - [19/Dec/2007:17:14:19 -0500] "POST /wp-trackback.php?p=4190 HTTP/1.1" 403 2931 "-" "WordPress/1.9"
62.213.113.233 - - [19/Dec/2007:17:14:19 -0500] "POST /wp-trackback.php?p=2837 HTTP/1.1" 403 2931 "-" "WordPress/1.9"
62.213.71.246 - - [19/Dec/2007:17:14:20 -0500] "POST /wp-trackback.php?p=639 HTTP/1.1" 403 2931 "-" "WordPress 2.1.2"
212.24.48.72 - - [19/Dec/2007:17:14:20 -0500] "POST /wp-trackback.php?p=3352 HTTP/1.1" 403 2931 "-" "WordPress/2.1.2"
212.24.48.142 - - [19/Dec/2007:17:14:20 -0500] "POST /wp-trackback.php?p=199 HTTP/1.1" 403 2931 "-" "WordPress/2.0"
217.23.133.25 - - [19/Dec/2007:17:14:20 -0500] "POST /wp-trackback.php?p=3246 HTTP/1.1" 403 2931 "-" "WordPress/2.0"
62.213.115.2 - - [19/Dec/2007:17:14:20 -0500] "POST /wp-trackback.php?p=3533 HTTP/1.1" 403 2931 "-" "WordPress/2.0"
62.213.71.247 - - [19/Dec/2007:17:14:20 -0500] "POST /wp-trackback.php?p=1427 HTTP/1.1" 403 2931 "-" "WordPress 2.1.2"
62.213.115.2 - - [19/Dec/2007:17:14:20 -0500] "POST /wp-trackback.php?p=3533 HTTP/1.1" 403 2931 "-" "WordPress/2.0"
62.213.116.116 - - [19/Dec/2007:17:14:21 -0500] "POST /wp-trackback.php?p=3484 HTTP/1.1" 403 2931 "-" "WordPress/2.0"

[lnxcode]

Yet another update: Does WordPress scrape sites? | ExpressionEngine Community Forums

[Scott]

Hmmm thanks for the tip.