Thanks for the positive review! Any questions, just ask!
Thread Starter
Bliss7
(@bliss7)
Hi Srussel13,
Hope to get a security based update on the plugin soon 🙂
Looks like the bots and hackers are targeting it by far the most on my site. I see soooo many access attempts hitting the plugin all the time. Hope you can look at hardening it.
Can you give me any additional information? Specifically, where in the plugin you are seeing these attacks?
Thread Starter
Bliss7
(@bliss7)
The top two files getting hit by bots all the time are:
URL……/wp-content/plugins/iire-social-icons/includes/iire_social_widget_styles.php
URL……/wp-content/plugins/iire-social-icons/includes/iire_social_shortcode_styles.php
They are right behind xmlrpc.php as the most accessed files.
These two files are loaded into the WordPress footer and generate the CSS styles (icon size, background color, margins, padding, etc) for the icons.
The parameters that are set in the Widget/Shortcode Designer are passed to the output of the widget or shortcode.
Since the output of these scripts is strictly CSS, there are no other functions or scripts in these teo files that should pose a security risk. WordPress will notify me if they see anything unusual.
If you have any ideas on how to make the bots ignore these two scripts, I’m certainly open to suggestions.