Become Wordpress Professional - Your Ultimate Wordpress Guide

Thursday, 21 March 2013

Strengthen Wordpress Site Security by 5G Firewall

add 5G firewall in WordPress
In this tutorial you will learn how to add an extra security layer to your WordPress site with a powerful .htaccess firewall. The 5G firewall is designed specially for WordPress-powered sites, and it is very effective at blocking requests from bad bots, bad user agents and unwanted IP addresses.

First, log in to your web host's cPanel account and open the .htaccess file in the root directory of your site.


# 5G:[QUERY STRINGS]
<IfModule mod_rewrite.c>
 RewriteEngine On
 RewriteBase /
 RewriteCond %{QUERY_STRING} (environ|localhost|mosconfig|scanner) [NC,OR]
 RewriteCond %{QUERY_STRING} (menu|mod|path|tag)\=\.?/? [NC,OR]
 RewriteCond %{QUERY_STRING} boot\.ini  [NC,OR]
 RewriteCond %{QUERY_STRING} echo.*kae  [NC,OR]
 RewriteCond %{QUERY_STRING} etc/passwd [NC,OR]
 RewriteCond %{QUERY_STRING} \=\\%27$   [NC,OR]
 RewriteCond %{QUERY_STRING} \=\\\'$    [NC,OR]
 RewriteCond %{QUERY_STRING} \.\./      [NC,OR]
 RewriteCond %{QUERY_STRING} \:         [NC,OR]
 RewriteCond %{QUERY_STRING} \[         [NC,OR]
 RewriteCond %{QUERY_STRING} \]         [NC]
 RewriteRule .* - [F]
</IfModule>

# 5G:[USER AGENTS]
<IfModule mod_setenvif.c>
 SetEnvIfNoCase User-Agent ^$ keep_out
 SetEnvIfNoCase User-Agent (casper|cmsworldmap|diavol|dotbot)   keep_out
 SetEnvIfNoCase User-Agent (flicky|ia_archiver|jakarta|kmccrew) keep_out
 SetEnvIfNoCase User-Agent (libwww|planetwork|pycurl|skygrid)   keep_out
  Order Allow,Deny
  Allow from all
  Deny from env=keep_out
</IfModule>

# 5G:[REQUEST STRINGS]
<IfModule mod_alias.c>
 RedirectMatch 403 (https?|ftp|php)\://
 RedirectMatch 403 /(cgi|https?|ima|ucp)/
 RedirectMatch 403 (\=\\\'|\=\\%27|/\\\'/?|\)\.css\()$
 RedirectMatch 403 (\,|//|\)\+|/\,/|\{0\}|\(/\(|\.\.\.|\+\+\+|\|)
 RedirectMatch 403 \.(cgi|asp|aspx|cfg|dll|exe|jsp|mdb|sql|ini|rar)$
 RedirectMatch 403 /(contac|fpw|install|pingserver|register)\.php
 RedirectMatch 403 (base64|crossdomain|localhost|wwwroot)
 RedirectMatch 403 (eval\(|\_vti\_|\(null\)|echo.*kae)
 RedirectMatch 403 \.well\-known/host\-meta
 RedirectMatch 403 /function\.array\-rand
 RedirectMatch 403 \)\;\$\(this\)\.html\(
 RedirectMatch 403 proc/self/environ
 RedirectMatch 403 msnbot\.htm\)\.\_
 RedirectMatch 403 /ref\.outcontrol
 RedirectMatch 403 com\_cropimage
 RedirectMatch 403 indonesia\.htm
 RedirectMatch 403 \{\$itemURL\}
 RedirectMatch 403 function\(\)
 RedirectMatch 403 labels\.rdf
</IfModule>

# 5G:[BAD IPS]
 Order Allow,Deny
 Allow from all
 # One "Deny from" line per address or address prefix to block
 Deny from 91.121.

Definition of 5G Firewall code

Copy the code above; no modifications are required, and the 5G firewall is ready to protect your WordPress site. Paste the code into the file and save it. Once done, return to the browser, open your site and navigate around to confirm that everything works. If everything is working, the code is fine and your WordPress site is protected by a strong firewall.


There is actually a lot going on in the code. Let's continue with a quick walk-through of the 5G code. The first section of the code checks the query string and the requested URL and blocks the bad stuff. This first section is the key part of the 5G firewall.

The next section checks the user agent making the request and blocks the best-known bad user agents. Note that this is the same block of code we used in the previous tutorial about blocking bad bots, so if you already have that code in .htaccess, there is no need to add it again.

Why 5G Firewall is useful for WordPress

Lastly, the firewall blocks a short list of known bad IP addresses, and if you find any bad IP, you can add it to the list in the same way. For a default installation of WordPress, the 5G firewall is a safe and powerful way to protect your site. This code plays nicely with many plugins without causing conflicts.
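
To see which requests the rules would answer with 403 before pasting them into a live site, you can replay an access log through the same patterns. The Python sketch below is an added example, not part of the original post or of the 5G code; it copies a subset of the patterns above, and the function names, log lines and URLs are constructed for illustration.

```python
import re
from urllib.parse import unquote

# Patterns copied from the 5G rules on this page (a subset of each section).
QUERY = [r"(environ|localhost|mosconfig|scanner)", r"(menu|mod|path|tag)\=\.?/?",
         r"boot\.ini", r"etc/passwd", r"\.\./", r"\:", r"\[", r"\]"]
AGENT = [r"^$", r"(casper|cmsworldmap|diavol|dotbot)",
         r"(flicky|ia_archiver|jakarta|kmccrew)", r"(libwww|planetwork|pycurl|skygrid)"]
PATH = [r"(https?|ftp|php)\://", r"/(cgi|https?|ima|ucp)/",
        r"\.(cgi|asp|aspx|cfg|dll|exe|jsp|mdb|sql|ini|rar)$",
        r"(base64|crossdomain|localhost|wwwroot)", r"proc/self/environ"]
# Combined log format: "METHOD URL PROTO" status size "referer" "user agent"
LOG = re.compile(r'"(?:\S+) (\S+) [^"]*" \d+ \S+ "[^"]*" "([^"]*)"')

def verdict(url, agent):
    """Return (section, pattern) for the first rule that would send 403, else None."""
    path, _, query = url.partition("?")
    agent = "" if agent == "-" else agent  # Apache logs a missing header as "-"
    checks = [  # sections in file order; a match in any of them ends in 403
        ("QUERY STRINGS", QUERY, query, re.I),        # RewriteCond [NC], raw query string
        ("USER AGENTS", AGENT, agent, re.I),          # SetEnvIfNoCase
        ("REQUEST STRINGS", PATH, unquote(path), 0),  # RedirectMatch, case-sensitive path
    ]
    for section, patterns, subject, flags in checks:
        for pattern in patterns:
            if re.search(pattern, subject, flags):
                return section, pattern
    return None

def audit(log_lines):
    """Map each requested URL in the log to the rule that would block it (or None)."""
    results = {}
    for line in log_lines:
        m = LOG.search(line)
        if m:
            results[m.group(1)] = verdict(m.group(1), m.group(2))
    return results

# Constructed sample log lines (documentation addresses), not taken from a real site.
SAMPLE = [
    '203.0.113.7 - - [21/Mar/2013:10:00:00 +0000] "GET / HTTP/1.1" 200 512 "-" "libwww-perl/6.04"',
    '198.51.100.4 - - [21/Mar/2013:10:00:01 +0000] "GET /shop/?filter[color]=red HTTP/1.1" 200 512 "-" "Mozilla/5.0"',
    '198.51.100.4 - - [21/Mar/2013:10:00:02 +0000] "GET /2013/03/base64-encoding-explained/ HTTP/1.1" 200 512 "-" "Mozilla/5.0"',
    '198.51.100.9 - - [21/Mar/2013:10:00:03 +0000] "GET /feed/ HTTP/1.1" 200 512 "-" "-"',
    '198.51.100.4 - - [21/Mar/2013:10:00:04 +0000] "GET /wp-login.php HTTP/1.1" 200 512 "-" "Mozilla/5.0"',
]
if __name__ == "__main__":
    for url, hit in audit(SAMPLE).items():
        print(url, "->", hit or "allowed")
```

In the sample, an ordinary post slug containing "base64", a plugin-style query with square brackets and a client that sends no User-Agent are all refused alongside the libwww request, which is the kind of false positive to look for in your own log.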

