Tag: website security

How to prevent Tor users from viewing or commenting on a WordPress site

The Tor network is an important tool for anonymity, privacy, and censorship circumvention, which in some countries is being fought even at the state level. But Tor is a public tool, so it can sometimes be used for online trolling and bullying. This article will show you how: prevent Tor users from commenting on your WordPress site prevent Tor users...

iThemes Security locked out a user – how to login to WordPress admin when user is banned (SOLVED)

iThemes Security is a plugin for WordPress that makes it difficult for hackers to attack the site and collect information. Among other features, iThemes Security has protection against brute-form paths (search for “hidden” folders and files), as well as protection against hacking user credentials by brute force passwords. Once set up, the iThemes Security plugin usually works fine and doesn't...

How to block access to my site from a specific bux site or any other site with negative traffic

There are situations when negative traffic comes from certain sites, for example, from bux sites or simply from sites that you don't like. In some cases, such traffic can be dealt with, but not always. Quite often, there are tasks like “go to a search engine, enter such and such a query, go to such and such a site” in...

How to protect my website from bots

In the article “How to block by Referer, User Agent, URL, query string, IP and their combinations in mod_rewrite” I showed how to block requests to a site that match several parameters at once – on the one hand, it is effective against bots, on the other – practically eliminates false positives, that is, when a regular user who is...

How to block by Referer, User Agent, URL, query string, IP and their combinations in mod_rewrite

As part of the fight against the influx of bots to the site (see the screenshot above), I had to refresh my knowledge of mod_rewrite. Below are examples of mod_rewrite rules that allow you to perform certain actions (such as blocking) for users who meet a large number of criteria at once – see the most recent example to see...

Redirect to HTTPS not working in WordPress

This is not an obvious problem, because for some pages the redirect to HTTPS works, but for some it does not. I ran into this problem on WordPress quite by accident. Therefore, if you are a webmaster with WordPress sites, then I would recommend that you check your sites too. Redirecting from HTTP to HTTPS is quite simple, you need...

How to use Kali Linux to check web-sites

The essence of securing websites comes down to finding problems before a hacker does and fixing it before a hacker exploit it. Hackers are looking for problems with the security of websites (site vulnerabilities) with the help of specialized programs (‘tools’). Since these programs are “dual-use” - that is, they can be used to ensure the security of sites or...
Loading...
X