Prevent exposure of wp-config.php
From July to September in 2015, 33 types of malicious requests to attempt exposing the
wp-config.php via vulnerable plugins and themes had been observed on my site. I analyzed all of them to identify if IP Location Block can block them or not.
Impact on server load caused by brute-force attacks
I have examined the load reduction performance against brute-force attacks by using IP Location Block. I report the result in this article.
Jetpack is the Swiss army knife for your WordPress site. Plentiful awesome features are served for free by hooking to WordPress.com.
In this article, I show some notes related to living with Jetpack and IP Location Block.
Analysis of Attack Vector against WP Plugins
On the WPScan Vulnerability Database maintained by Sucuri, we can find many new plugins and themes every month. Of course, WP-ZEP is not God Almighty against these. Then you may wonder about:
- Which attack can WP-ZEP prevent?
- How many attacks can WP-ZEP prevent?
I’m with you!!
So I picked up the latest 50 vulnerabilities from WPScan DB, and dig into each attack vector one by one to investigate which can be prevented or not by WP-ZEP.
Referrer Suppressor for external links
“Referrer Suppressor” which eliminate the browser’s referer is one of my favorite feature in IP Location Block.
It came to this plugin as a logical consequence of WP-ZEP. In this article, I’ll tell you the story.
How does WP-ZEP prevent zero-day attack?
IP Location Block is the only plugin which has an ability to prevent zero-day attack even if some of the plugins in a WordPress site have unveiled vulnerability. I call it “Zero-day Exploit Prevention for WordPress” (WP-ZEP).
In this article, I’ll explain its mechanism and also its limitations. Before that, I’ll mention the best practice of plugin actions.
Why so many WordPress plugins are vulnerable?
Source: © The WPScan Team
The above graph shows recent statistics of WordPress vulnerability from WPScan Vulnerability Database summarized by Sucuri which is a worldwide security company especially famous for analyzing vulnerability in WordPress.
Why so many vulnerabilities are there in WP plugins?
After reading the Sucuri Blog deeply and widely, I came to the conclusion that there is some kind of disuse and misuse of WordPress core functions.
I’d like to verify each vulnerability from this point of view.
CloudFlare & CloudFront API class library
When you use CloudFlare or CloudFront as a reverse proxy service, you can retrieve a visitor’s IP address and country code from their special offered environment variables.
In this article, I’ll show you how to make use of their services.
Shortcode for Geo Filtering