aniksz
Forum Replies Created
-
Now I can Understand… I should unlock it before any settings changes and then re lock it
Let me ask a question here since I’m also having this problem now…
if I activate root folder BulletProof Mode again and lock my root .htaccess file on the BPS Edit/Upload/Download page to prevent this issue from happening repeatedly then will it hamper some plugins functionality like W3 Total cache or YOAST SEO plugin, as these plugins needs to be modified on a regular basis. OR should I install and set up all these plugins and then activate root folder BulletProof Mode again and lock my root .htaccess file on the BPS Edit/Upload/Download page
thanks
anikForum: Plugins
In reply to: [BulletProof Security] Protecting Login Page from Brute Force Login Attackssorry to bother u again… having some issue related this
I’ve added
// Simple Query String Login page protection
function example_simple_query_string_protection_for_login_page() {
$QS = ‘?mySecretString=foobar’;
$theRequest = ‘http://’ . $_SERVER[‘SERVER_NAME’] . ‘/’ . ‘wp-login.php’ . ‘?’. $_SERVER[‘QUERY_STRING’];// these are for testing
// echo $theRequest . ‘
‘;
// echo site_url(‘/wp-login.php’).$QS.’
‘;if ( site_url(‘/wp-login.php’).$QS == $theRequest ) {
echo ‘Query string matches’;
} else {
header( ‘Location: http://’ . $_SERVER[‘SERVER_NAME’] . ‘/’ );
}
}
add_action(‘login_head’, ‘example_simple_query_string_protection_for_login_page’);to my themes function.php file and replace mySecretString=foobar with my own secret key. I’m also able to login through it… but it seems
that log in is still possible through wp-login.phpdo I need to change or add anything else ???
Forum: Plugins
In reply to: [BulletProof Security] Protecting Login Page from Brute Force Login Attacksok… let me try it. thank you again 🙂
Forum: Plugins
In reply to: [BulletProof Security] Protecting Login Page from Brute Force Login Attacksya… our site only allows 4 admins to login and does not allow any other visitors to register but we do have allow comment from reader using disqus comment system in our site… does Simple Query String Login page protection code is still our best solution ???
Forum: Plugins
In reply to: [BulletProof Security] do I need to lock directory from cPanelthanks a lot… Now I have the security practice best suited for my site…
thanks again
anikForum: Plugins
In reply to: [BulletProof Security] Changing /wp-admin url paththank you 🙂
Forum: Plugins
In reply to: [BulletProof Security] Changing /wp-admin url paththanks a lot 🙂
will you plz let me know that is BPS works as a complete security suite or do I need to add some other layer/ plugin to the site… plz recommend anything good
anik
Forum: Plugins
In reply to: [BulletProof Security] Changing /wp-admin url pathhow I can use this code you mentioned earlier in this thread to secure my site???
// Simple Query String Login page protection
function example_simple_query_string_protection_for_login_page() {
$QS = ‘?mySecretString=foobar’;
$theRequest = ‘http://’ . $_SERVER[‘SERVER_NAME’] . ‘/’ . ‘wp-login.php’ . ‘?’. $_SERVER[‘QUERY_STRING’];// these are for testing
// echo $theRequest . ‘
‘;
// echo site_url(‘/wp-login.php’).$QS.’
‘;if ( site_url(‘/wp-login.php’).$QS == $theRequest ) {
echo ‘Query string matches’;
} else {
header( ‘Location: http://’ . $_SERVER[‘SERVER_NAME’] . ‘/’ );
}
}
add_action(‘login_head’, ‘example_simple_query_string_protection_for_login_page’);thanks
anikthanks for the suggestions…I’m concerned now and ditching that downloaded theme. Security should be top priority other than beautification…
thanks again 🙂
Forum: Fixing WordPress
In reply to: my changes in style.css doesn't take any effectsorry for my late replying
thanks a lot… it was really a caching issue. I turned off all the options in w3 total cache and got my results.thanks again 🙂
grt help, might go for pinblack
thnx a lot…
Forum: Installing WordPress
In reply to: Where to find wp-config.php file???thnx a lot 🙂