WordPress.org

Support

Support » Plugins and Hacks » [Resolved] [Plugin: BulletProof Security] Updating .htaccess Only

[Resolved] [Plugin: BulletProof Security] Updating .htaccess Only

  • Tranny
    Participant

    @tranny

    Hello Ed,

    I’ve been looking at the plugin for a while but remain slightly apprehensive regarding its use. Not because of the plugin, but because of the type of site I have. I wanted to ask though:

    I would still like to strengthen my installation any way I can but do not wish to install entire plugin, would I be able to take the # FILTER REQUEST METHODS and the # QUERY STRING EXPLOITS codes from your .htaccess file and paste it into mine without compromising any functionality? I would just like to prevent SQL injection and keep the blog as impenetrable as possible without bloating it up too much. WOuld these two parts of your .htaccess file, when added to mine do me good without causing anything bad?

    http://wordpress.org/extend/plugins/bulletproof-security/

Viewing 1 replies (of 1 total)
  • Plugin Author AITpro
    Participant

    @aitpro

    Yep you can take the .htaccess filter code out and add it to your current .htaccess file(s). BulletProof is not doing anything new in website security that hasn’t been around for years. It is just a compilation of the best most effective filters I could put together and to make it a no brainer for anyone who is not familiar with .htaccess, i just turned into a one click thing. When i first went looking for an .htaccess file and code for my websites years ago I was totally confused by the documentation I found on the Apache site and didn’t really find a site with a ready made complete solution. So you can take or leave whatever filters you want to use. If you are worried about certain words being filtered out of a site search then remove the SQL syntax / words individually. Like “order” for example. The critical SQL commands to block are “insert” and some of the others. Personally I prefer to have any SQL commands blocked that could cause damage to my sites, but it is up to each person to decide what kind of risks they want to take.

Viewing 1 replies (of 1 total)
  • The topic ‘[Resolved] [Plugin: BulletProof Security] Updating .htaccess Only’ is closed to new replies.