WordPress Firewall 2 Plugin to Enhance Protection of WordPress Blogs


I present to you the important and powerful “WordPress Firewall 2” plugin that enhances the protection and security of WordPress. This explanation is a gift from Brother Muhammad Al-Omari, due to a conversation between us about protecting WordPress in a secure manner. A thousand thanks to Brother Muhammad Al-Omari for this most wonderful addition. Now let’s get to the heart of the matterI no longer use add-ons for protection. My blog has been disabled for a while. I am using other methods just to clarify the matter

The work of the extension is to prevent malicious requests, which may lead to hacking the blog or obtaining dangerous information that leads to penetration of the blog or the server as a whole, of course its work is done without the need to modify .htaccess, so protection is through php and this addition is also useful in the case of One of the plugins is infected with vulnerabilities and we have mentioned the importance of upgrading the plugin in the next post 15 plugin infected with serious security vulnerabilities in WordPress 2011

Addition features in order as found on the plugin control page:

Security - security filters

Folder Skip Protection for reading sensitive files and folders that may contain dangerous information such as:

../wp-config.php
../../etc/passwd

Prevent and block the use of any kind of SQL Injection, such as commands:

union select, concat(, /**/, etc.)

Preventing the use of dangerous functions that may lead to obtaining the information of the admin of the blog and then hacking it, and is a patch for the vulnerability that was discovered in WordPress recently related to PingBack, for example:

wp_, user_login

As for filtering, Block WordPress specific terms causes problems with plugins and themes when you want to modify something that will automatically redirect you to the error page and the home page depending on the settings that you will makeIt is recommended to install the plugin for owners of WordPress 3.0.4 and earlier bloggers

Preventing the use of field truncation loopholes, despite their low risk and difficulty in detecting them, but out of caution!

Prevent the upload of dangerous files and other malicious files such as:

.php, .exe

Preventing the exploitation of File Include loopholes, which are considered the most dangerous and powerful gaps, but with the activation of this option, it may affect the work of some add-ons, as mentioned by the programmer.

You have the option if any strange behavior is detected from what we mentioned, so that it appears to the hacker, either the 404 error page or is transferred to the home page

protection

You also have the option to send an alert message to your e-mail where any malicious behavior has been suspected, with the person’s IP number, the current page and the page from which he came, with the link to the exploitation

email wrraning - WordPress Magazine

The extension puts your IP number in the whitelist so that it does not conflict with your work during the development or testing of the magazine

ipwhitlits - WordPress Magazine

The addition we will need in a future post, God willing, to complete some tasks, it will be very useful and importantLink to the WordPress Firewall 2 plugin page on the official WordPress site WordPress.org

If there is any query please put a comment? And don’t forget to subscribe to our mailing list, thank you very much

Peace, mercy and blessings of God

Leave a Comment