WordPress.org

Support

Support » How-To and Troubleshooting » Firewall Scripts – To Stop Hackers

Firewall Scripts – To Stop Hackers

Viewing 8 replies - 1 through 8 (of 8 total)
  • Not exactly what you are looking for perhaps, but AskApache.com has a great plugin that disallows direct request to certain files, folders, commands, etc.

    Does it work for WordPress 2.6? On the plugin page it states compatible up to 2.5.1

    When I installed the plugin I was getting alot errors on my 2.6 wordpress site.

    Thanks

    I have used it since 2.1.3 and I still use it with 2.6. What kind of errors to you get?

    I’m getting these erros: It might be due to the way my server is setup?

    thanks

    Warning: file(/home/xxx/public_html/.htpasswda1) [function.file]: failed to open stream: No such file or directory in /home/xxx/public_html/wp-content/plugins/askapache-password-protect/askapache-password-protect.php on line 715

    Warning: implode() [function.implode]: Invalid arguments passed in /home/xxx/public_html/wp-content/plugins/askapache-password-protect/askapache-password-protect.php on line 715

    Warning: fopen(/home/xxx/public_html/.htpasswda1) [function.fopen]: failed to open stream: Permission denied in /home/xxx/public_html/wp-content/plugins/askapache-password-protect/askapache-password-protect.php on line 717

    Warning: fclose(): supplied argument is not a valid stream resource in /home/xxx/public_html/wp-content/plugins/askapache-password-

    [ FAILED ] Create image test file

    [ FAILED ] Create 401 test file

    Warning: fwrite(): supplied argument is not a valid stream resource in /home/xxx/public_html/wp-content/plugins/askapache-password-protect/askapache-password-protect.php on line 740

    Warning: fwrite(): supplied argument is not a valid stream resource in /home/xxx/public_html/wp-content/plugins/askapache-password-protect/askapache-password-protect.php on line 741

    [ FAILED ] mod_security capability detection

    etc

    Those are errors after activating the plugin, when it does the initial tests, right? I don’t get these errors myself. Perhaps it’s a CHMOD thing, since the plugin is going to edit the htaccess file in the root, create one in the admin folder, etc. Hopefully mr. AskApache will be reading along soon…

    You might be interested in this —

    http://www.seoegghead.com/software/wordpress-firewall.seo

    We wrote it for ourselves and released it. Still a bit beta, but it works. I don’t claim it will get everything, but will stop most obvious published attacks, might save you from a bad plugin, and buy you some time before upgrading.

    Regards,
    Jaimie.

    The firewall looks interesting – I’ll definitely check into that, I hadn’t heard of it before now. Check this out too though:
    Maximum Security for WordPress – it helps keep WordPress secure by blocking SQL injection, XSS attacks, locking down user accounts, removing sensitive info from a site, also includes firewall and intrusion prevention system, and a lot more.

    Yes Gangleri the issue is from file permissions. The new update (coming soon) should fix it.. I wrote about the hold up in detail here if your interested.

Viewing 8 replies - 1 through 8 (of 8 total)
  • The topic ‘Firewall Scripts – To Stop Hackers’ is closed to new replies.
Skip to toolbar