blog

Securing WordPress

Advanced WordPress Security, Minus the Plugins

As always make sure to take a full backup of your website before making any changes. The code snippets below are placed in the root directory of your WordPress Installation. You can use your Control Panel to edit the file or you can use an FTP Program to upload your changes or you can even use the Yoast SEO Plugin File Editor to make these changes.

Protect your .htaccess file

I’m mentioning this first because your .htaccess file is one of the most important files and it needs to be protected. Use the code snippet below to secure this file.

# Protect .htaccess
<files ~ "^.*\.([Hh][Tt][Aa])">
order allow,deny
deny from all
satisfy all
</files>

Protect your wp-config.php file

This is another extremely important file to protect so make sure to include the code below in your .htaccess file.

# Protect wp-config.php
<files wp-config.php>
order allow,deny
deny from all
</files>

Protect your error_log file

It’s important to make sure that any error logs aren’t accessible.

# Protect error_log
<files error_log>
order allow,deny
deny from all
</files>

Watch the Video Tutorial

Protect your WordPress Website from SQL Injection

This provides protection against SQL Injection of your WordPress Database.

# Protect from SQL Injection
Options +FollowSymLinks
RewriteEngine On
RewriteCond %{QUERY_STRING} (<|%3C).*script.*(>|%3E) [NC,OR]
RewriteCond %{QUERY_STRING} GLOBALS(=|[|%[0-9A-Z]{0,2}) [OR]
RewriteCond %{QUERY_STRING} _REQUEST(=|[|%[0-9A-Z]{0,2})
RewriteRule ^(.*)$ index.php [F,L]

Prevent others from Hotlinking your Pictures.

This will help your website from being drained of it’s resources when others try and hotlink images. Make sure to change the URL example to your URL.

# Disable hotlinking of images
RewriteEngine on
RewriteCond %{HTTP_REFERER} !^$
RewriteCond %{HTTP_REFERER} !^http(s)?://(www\.)?example.com [NC]
RewriteCond %{HTTP_REFERER} !^http(s)?://(www\.)?google.com [NC]
RewriteRule \.(jpg|jpeg|png|gif)$  [NC,F,L]

Restrict Direct Access to Plugin and Theme PHP files

This will ensure that PHP files can’t be directly accessed.

# Restrict Direct Access to Plugin and Theme PHP files
RewriteCond %{REQUEST_URI} !^/wp-content/plugins/file/to/exclude\.php
RewriteCond %{REQUEST_URI} !^/wp-content/plugins/directory/to/exclude/
RewriteRule wp-content/plugins/(.*\.php)$ - [R=404,L]
RewriteCond %{REQUEST_URI} !^/wp-content/themes/file/to/exclude\.php
RewriteCond %{REQUEST_URI} !^/wp-content/themes/directory/to/exclude/
RewriteRule wp-content/themes/(.*\.php)$ - [R=404,L]

Secure the wp-includes Directory

Your includes folder is important and is often targeted by hackers. Protect it with the code snippet below.

# Protect Include-Only files
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteRule ^wp-admin/includes/ - [F,L]
RewriteRule !^wp-includes/ - [S=3]
RewriteRule ^wp-includes/[^/]+\.php$ - [F,L]
RewriteRule ^wp-includes/js/tinymce/langs/.+\.php - [F,L]
RewriteRule ^wp-includes/theme-compat/ - [F,L]
</IfModule>

Don’t Let People Browse your Directories

This is a great way to prevent Directory Browsing.

# Disable directory browsing
Options All -Indexes

Block Author Scans

Sometimes hackers will try and scan your author listings. You can block that.

# BEGIN block author scans
RewriteEngine On
RewriteBase /
RewriteCond %{QUERY_STRING} (author=\d+) [NC]
RewriteRule .* - [F]
# END block author scans

Block WordPress XMLRPC Requests

If you’re not using this feature, then block it.

# Block WordPress xmlrpc.php requests
<Files xmlrpc.php>
order deny,allow
deny from all
</Files>

6G Firewall/Blacklist

This firewall was created by PerishablePress and provides amazing protection.

# 6G FIREWALL/BLACKLIST
# @ https://perishablepress.com/6g/

# 6G:[QUERY STRINGS]
<IfModule mod_rewrite.c>
 RewriteEngine On
 RewriteCond %{QUERY_STRING} (eval\() [NC,OR]
 RewriteCond %{QUERY_STRING} (127\.0\.0\.1) [NC,OR]
 RewriteCond %{QUERY_STRING} ([a-z0-9]{2000,}) [NC,OR]
 RewriteCond %{QUERY_STRING} (javascript:)(.*)(;) [NC,OR]
 RewriteCond %{QUERY_STRING} (base64_encode)(.*)(\() [NC,OR]
 RewriteCond %{QUERY_STRING} (GLOBALS|REQUEST)(=|\[|%) [NC,OR]
 RewriteCond %{QUERY_STRING} (<|%3C)(.*)script(.*)(>|%3) [NC,OR]
 RewriteCond %{QUERY_STRING} (\\|\.\.\.|\.\./|~|`|<|>|\|) [NC,OR]
 RewriteCond %{QUERY_STRING} (boot\.ini|etc/passwd|self/environ) [NC,OR]
 RewriteCond %{QUERY_STRING} (thumbs?(_editor|open)?|tim(thumb)?)\.php [NC,OR]
 RewriteCond %{QUERY_STRING} (\'|\")(.*)(drop|insert|md5|select|union) [NC]
 RewriteRule .* - [F]
</IfModule>

# 6G:[REQUEST METHOD]
<IfModule mod_rewrite.c>
 RewriteCond %{REQUEST_METHOD} ^(connect|debug|move|put|trace|track) [NC]
 RewriteRule .* - [F]
</IfModule>

# 6G:[REFERRERS]
<IfModule mod_rewrite.c>
 RewriteCond %{HTTP_REFERER} ([a-z0-9]{2000,}) [NC,OR]
 RewriteCond %{HTTP_REFERER} (semalt.com|todaperfeita) [NC]
 RewriteRule .* - [F]
</IfModule>

# 6G:[REQUEST STRINGS]
<IfModule mod_alias.c>
 RedirectMatch 403 (?i)([a-z0-9]{2000,})
 RedirectMatch 403 (?i)(https?|ftp|php):/
 RedirectMatch 403 (?i)(base64_encode)(.*)(\()
 RedirectMatch 403 (?i)(=\\\'|=\\%27|/\\\'/?)\.
 RedirectMatch 403 (?i)/(\$(\&)?|\*|\"|\.|,|&|&amp;?)/?$
 RedirectMatch 403 (?i)(\{0\}|\(/\(|\.\.\.|\+\+\+|\\\"\\\")
 RedirectMatch 403 (?i)(~|`|<|>|:|;|,|%|\\|\s|\{|\}|\[|\]|\|)
 RedirectMatch 403 (?i)/(=|\$&|_mm|cgi-|etc/passwd|muieblack)
 RedirectMatch 403 (?i)(&pws=0|_vti_|\(null\)|\{\$itemURL\}|echo(.*)kae|etc/passwd|eval\(|self/environ)
 RedirectMatch 403 (?i)\.(aspx?|bash|bak?|cfg|cgi|dll|exe|git|hg|ini|jsp|log|mdb|out|sql|svn|swp|tar|rar|rdf)$
 RedirectMatch 403 (?i)/(^$|(wp-)?config|mobiquo|phpinfo|shell|sqlpatch|thumb|thumb_editor|thumbopen|timthumb|webshell)\.php
</IfModule>

# 6G:[USER AGENTS]
<IfModule mod_setenvif.c>
 SetEnvIfNoCase User-Agent ([a-z0-9]{2000,}) bad_bot
 SetEnvIfNoCase User-Agent (archive.org|binlar|casper|checkpriv|choppy|clshttp|cmsworld|diavol|dotbot|extract|feedfinder|flicky|g00g1e|harvest|heritrix|httrack|kmccrew|loader|miner|nikto|nutch|planetwork|postrank|purebot|pycurl|python|seekerspider|siclab|skygrid|sqlmap|sucker|turnit|vikspider|winhttp|xxxyy|youda|zmeu|zune) bad_bot

 # Apache < 2.3
 <IfModule !mod_authz_core.c>
 Order Allow,Deny
 Allow from all
 Deny from env=bad_bot
 </IfModule>

 # Apache >= 2.3
 <IfModule mod_authz_core.c>
 <RequireAll>
 Require all Granted
 Require not env bad_bot
 </RequireAll>
 </IfModule>
</IfModule>

# 6G:[BAD IPS]
<Limit GET HEAD OPTIONS POST PUT>
 Order Allow,Deny
 Allow from All
 # uncomment/edit/repeat next line to block IPs
 # Deny from 123.456.789
</Limit>

HackRepairs Blacklist

This is a Blacklist that is used in iThemes Security and created by HackRepair.

# Start HackRepair.com Blacklist
 RewriteEngine on
 # Start Abuse Agent Blocking
 RewriteCond %{HTTP_USER_AGENT} "^Mozilla.*Indy" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "^Mozilla.*NEWT" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "^$" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "^Maxthon$" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "^SeaMonkey$" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "^Acunetix" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "^binlar" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "^BlackWidow" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "^Bolt 0" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "^BOT for JCE" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "^Bot mailto\:[email protected]\.com" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "^casper" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "^checkprivacy" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "^ChinaClaw" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "^clshttp" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "^cmsworldmap" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "^Custo" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "^Default Browser 0" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "^diavol" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "^DIIbot" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "^DISCo" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "^dotbot" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "^Download Demon" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "^eCatch" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "^EirGrabber" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "^EmailCollector" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "^EmailSiphon" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "^EmailWolf" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "^Express WebPictures" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "^extract" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "^ExtractorPro" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "^EyeNetIE" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "^feedfinder" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "^FHscan" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "^FlashGet" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "^flicky" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "^g00g1e" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "^GetRight" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "^GetWeb\!" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "^Go\!Zilla" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "^Go\-Ahead\-Got\-It" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "^grab" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "^GrabNet" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "^Grafula" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "^harvest" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "^HMView" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "^Image Stripper" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "^Image Sucker" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "^InterGET" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "^Internet Ninja" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "^InternetSeer\.com" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "^jakarta" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "^Java" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "^JetCar" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "^JOC Web Spider" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "^kanagawa" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "^kmccrew" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "^larbin" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "^LeechFTP" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "^libwww" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "^Mass Downloader" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "^microsoft\.url" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "^MIDown tool" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "^miner" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "^Mister PiX" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "^MSFrontPage" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "^Navroad" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "^NearSite" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "^Net Vampire" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "^NetAnts" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "^NetSpider" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "^NetZIP" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "^nutch" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "^Octopus" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "^Offline Explorer" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "^Offline Navigator" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "^PageGrabber" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "^Papa Foto" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "^pavuk" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "^pcBrowser" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "^PeoplePal" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "^planetwork" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "^psbot" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "^purebot" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "^pycurl" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "^RealDownload" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "^ReGet" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "^Rippers 0" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "^sitecheck\.internetseer\.com" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "^SiteSnagger" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "^skygrid" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "^SmartDownload" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "^sucker" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "^SuperBot" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "^SuperHTTP" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "^Surfbot" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "^tAkeOut" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "^Teleport Pro" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "^Toata dragostea mea pentru diavola" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "^turnit" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "^vikspider" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "^VoidEYE" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "^Web Image Collector" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "^WebAuto" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "^WebBandit" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "^WebCopier" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "^WebFetch" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "^WebGo IS" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "^WebLeacher" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "^WebReaper" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "^WebSauger" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "^Website eXtractor" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "^Website Quester" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "^WebStripper" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "^WebWhacker" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "^WebZIP" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "^Widow" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "^WPScan" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "^WWW\-Mechanize" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "^WWWOFFLE" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "^Xaldon WebSpider" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "^Zeus" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "^zmeu" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "360Spider" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "CazoodleBot" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "discobot" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "EasouSpider" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "ecxi" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "GT\:\:WWW" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "heritrix" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "HTTP\:\:Lite" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "HTTrack" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "ia_archiver" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "id\-search" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "IDBot" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "Indy Library" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "IRLbot" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "ISC Systems iRc Search 2\.1" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "LinksCrawler" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "LinksManager\.com_bot" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "linkwalker" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "lwp\-trivial" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "MFC_Tear_Sample" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "Microsoft URL Control" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "Missigua Locator" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "MJ12bot" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "panscient\.com" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "PECL\:\:HTTP" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "PHPCrawl" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "PleaseCrawl" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "SBIder" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "SearchmetricsBot" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "SeznamBot" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "Snoopy" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "Steeler" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "URI\:\:Fetch" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "urllib" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "Web Sucker" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "webalta" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "WebCollage" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "Wells Search II" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "WEP Search" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "XoviBot" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "YisouSpider" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "zermelo" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "ZyBorg" [NC,OR]
 # End Abuse Agent Blocking
 # Start Abuse HTTP Referrer Blocking
 RewriteCond %{HTTP_REFERER} "^https?://(?:[^/]+\.)?semalt\.com" [NC,OR]
 RewriteCond %{HTTP_REFERER} "^https?://(?:[^/]+\.)?kambasoft\.com" [NC,OR]
 RewriteCond %{HTTP_REFERER} "^https?://(?:[^/]+\.)?savetubevideo\.com" [NC]
 # End Abuse HTTP Referrer Blocking
 RewriteRule ^.* - [F,L]
 # End HackRepair.com Blacklist, http://pastebin.com/u/hackrepair

Final Thoughts

Securing your WordPress Website isn’t hard to do as long as you follow Cyber Security best practices and use the right Security Plugins or the code above. As always make sure you take a full backup of your website before making any changes.

Work together for cyber security!

Increased proportion of cyber crime due to the increased use of the internet and the rising violence in the gaming universe is a danger bell for all. Experts have expressed their views on the need to work together and to work together for the cyber security, students, parents, teachers, headmasters and administrators.

In order to raise awareness about the growing violence due to cyber crime and gaming, Aahan Foundation organized a seminar on ‘Cyber Cares Givers‘ in Bhaidas Auditorium in Vile Parle Sponsor by NMIMS, under the initiative ‘Responsible Netism‘. Appeared to the guests present at the meeting. This seminar is well known psychologist Dr. Harish Shetty, Deputy Commissioner of the Cyber ​​Crime Cell of Mumbai Police, Akbar Pathan, Cyber ​​Forensic Expert Sanyog Shelar, Ahama Foundation’s Unmesh Joshi and Sonali Patankar were also present. NMIS College was a co-organizer of this seminar.

At the beginning of this seminar, Unmesh Joshi highlighted the games and how the revolulation of game started. He said that there are so many complaints about gaming being received and it is necessary for the parents to have parental control over them. Deputy Commissioner of Police, Mumbai Police, Akbar Pathan, underlined that under the cyber crime, children are being targeted. He said that security, information and awareness for cyber security are very important. He also advised not to give any password and OTP to anyone on social networking site.

Akbar Pathan Sir also took cognizance of the type of cyber crime and its review. He appealed to contact the Mumbai Police’s 98208 10007 helpline numbers and report the cyber crime. Cyber ​​Forensic Expert Sanyog Shelar, who was involved in the games and the care that needs to be taken, guided the audience. Personal information is currently being played while playing many online games. He instructed to take precautions when giving them. He urged parents to constantly talk to children about games and Internet usage. He said that parental control is necessary for how long the children play games.

Man cheated by the psychiatrist, who is coming forward to fight for cyber security. Dr. Harish Shetty has done this. Explain how the role of parents in this fight is important, make sure to know how to use things like internet, gadgets, do not fall prey to all the children, and communicate with the children in a spirited manner. The schools should maintain the status of a child safety policy, he said. Sonali Patankar informed about the measures implemented by Aahan Foundation.

Legendary Pokémon Go

Pokemon Go Fest took place in Chicago’s Grant Park July 22, and while technical issues prevented many attendees from getting the most out of the event, the expected rollout of Legendary Pokemon did take place.

Specifically, players around the world can now capture Lugia and Articuno by participating in Legendary Raids that may appear at Gyms near them. Niantic also revealed the next two Legendary Pokemon coming to the game “soon”: Zapdos and Moltres.

So Pokemon Legendary can impact on children interview with Zee News as Cyber Expert

Dangerous that can be digital footprint

Though the current time is of social media, the digital footprint that is emerging is not seriously considered. There is currently a possibility of getting a job lost, due to the shock that has been broken.

There was a rule that a large company of web designing could not work together with the Committed Cupels. Chandan and Sadhana (names have changed) The same academic batch. Incidentally, having a job in a single company increased the intimacy with each other. The social account also used to comment on one another; But he was not yet comedited. According to FB, his relationship with the office was seen by the management of the office and both of them were afflicted, so one person was told to leave his job. This was a shock for both of them. They did not want to do such posting when they were not commuted; Because they decided to establish their relationship status before the management sealed them.

Chandan and Sadhana were in a dilemma all of a sudden to hurry to share everything on social media. He had not thought about the consequences of your posting in the future. Posting in the language of social media is called ‘digital footprint’. That means life experiences, memories or traumatized accounts. You can be called a digital album of what memories are remembered for going forward in life. Humans must be ‘social’; But he should have a limit. If you exceed the limit, the result will be affected by anybody.

It is the youth’s interest to go to where you eat, what to eat, whatever happens on the occasion. There are many reasons behind creating this virtual image, marketing yourself, show off. It is a virtual attempt to tell about the situation, the person’s personal experience, and how soon it is going on in our life, telling me how much fun I am. Then you can get real happiness in the moment or not, as soon as you get it, your updates are given in mobile hands immediately.

To prevent viruses

So far, if you’re using a pirated window on your computer, now include the original Windows 10.

Go to the Computer Control Panel and go to System and Security and make sure that the settings of Windows Firewall are correct.

Upload any good company’s antivirus software to the computer. Also, follow the settings and follow the full Computer Scan.

When you turn on the computer, the antivirus updates most of the software. So do not cancel the update even if there is any disturbance.

Do not keep the computer or laptop’s default password. For example … abc, 123, characteristic words, your birth date, words in the English dictionary, etc. are not included as a password.

Never keep a password in your computer or browser. If you have a message like ‘do you want to save this password’, answer ‘no’.

Address bar – where the URL is included; If there is a sign of the locked lizard in the beginning, then it is not possible to know that the website is safe.

Never open links from e-mail or any other website. Know who has sent a link exactly before opening.

To reduce the memory of e-mail

Find Big Mail is a good option for finding large files in Gmail. The app works to automatically search for files that need to be deleted.
Visit www.findbigmail.com this website.

• After clicking the e-mail address on the homepage, click on Find Big Mail.
• After that, Google will ask for confirmation of this service.
• If not logged in, click the password and select Access Access.
• After that this service will start scanning your inbox. There is an email notification when the scanning is done.
• In the Inbox, there are several options like ‘Sent Mail’ etc. On the left, there are some more options that will appear. If the new options are not displayed, then the label will be displayed in three new options.

FindBigMail-Top, FindBigMail-1MB, FindBigMail-10MB
• Clicking on any one of the above options is to clean up unneeded e-mail and the Gmail inbox will help you to have a good amount of time. If you use these tips, it can help you get rid of the sudden loss of sudden e-mail.

‘Super lock’ on Facebook

Everyone expresses a Facebook feel. So the trend of sharing all things on Facebook is growing. Women are also joining hands with Facebook. The increase in the number of women abusing the photos posted on Facebook. But the security of the photos can be maintained using the available options on Facebook.

How Safe is Facebook on Facebook?

Many people quiz questions about the privacy settings of photos on Facebook. Many hacks are found in Facebook’s privacy settings. For example, one account can be seen from what is happening on anyone else’s account. Nobody can stop this type of effort even after trying.

Privacy settings required..

Go to your profile on Facebook. Then go to Photos and select Album option. Then go to the profile picture and click on the edit option on the right. There you will see an option like this with the option of public, friend. Click on it. These photos can then be viewed on your mobile or tab. However, they can not take the screen shot to save the photo. This feature is available on Android. However, the choice of screen shots is available on desktop and iPhone. Facebook’s privacy features remain more efficiently on Android. You can also do the above mentioned actions in the profile picture.

Mobile ‘Hacking’ beware!

Recently, many people prefer to surf the Internet from mobile phones. The number of internet users is increasing due to the cheap Internet access on mobile. That’s why hackers have now turned their mobile to mobile users instead of computers. Mobile cyber attacks are on the rise. In this situation, mobile security has become a key issue. In this regard we will learn about this article.

How Mobile Phone Get Hacked?

  • Mobile phones with GSM technology can be used to make hacking hardware comfortably, so that the phone gets hacked in hackers.
  • Mobile hacking is sent to hackers by some specific ‘link’ (malware) citizens, and citizens are asked to call mail and message sent on that link. Generally speaking, people are contacted by the government office and making contact with the citizens.

‘Cyber Stocking’ Be Watchful!

In this type of ‘Cyber Stocking’ the victim is harassed through the Internet.

Earlier, violence was being done by women on the basis of dowry, family violence, rigging, sexual harassment at work, and persecution by unilateral love, and now it has included internet harassment.

The internet continues to be the type of sending messages before sending or sending obscene messages to women; But now email has become a big medium for this. Blackmailing, threatening or attempting to engage in pornographic intercourse especially for girls, such type is being done more frequently than ever from emails. In most cases, the person who is close to or acquainted with the woman is familiar with it. However, this group is making ‘cyber stockings’ by creating fake accounts.

In this type of ‘cyber stocking’ the victim is harassed through the Internet. In such cases, making phone calls, doing bad things against a person or writing a sentence on his / her body. Most of the time, the culprit in this manner is a disloyal, one-sided love, but at times the humiliated person has done such a thing even with the feeling of vengeance. In this case, the victim’s personal information, family information, phone number and the victim’s diary can be collected by collecting information about it and using that information to hurt the victim. This type of personal information has also been posted on the Internet’s sex service or dating services website

Sonu, do not you trust me?

There are no names that will ever be viral on the Internet. For the past few days there is a viral storm, they say these words. Sonu, do not you trust me? What is this song done? And most notably, you do not want to clutter on YouTube and Personal Whatsapp chat, which is why they started viral by shooting their own Sonu Song in their group. In the same group going to Trekking. Originally this song of old trekking. He got a new tadka now. How did he sit, why did he have no meaning in this viral net trend? There is no logic of why it is viral. But this Sonu Song has become so viral that many of the songs in Gujarati, Hindi, Punjabi and Bhojpuri languages ​​have been translated into Marathi.

And how to sing a song, a song, after all, as a group, sings with a stinging rhythm. At present, there is some craze for this song that quotes are started from him in politics and social work. Speaking to speak, the fanatics began to say to each other .. Sonu, do not you trust me? And the ’round-trip’ journey that started from this question has come with some viral whirlwind that you also think it will be seen as a song. Do not you trust me, Sonu? If you want to enjoy this fun, go to YouTube, and watch all the videos, Sonu, do not you trust me?