Posted By

BoNzO on 03/10/10


Tagged

wordpress code


Versions (?)

Who likes this?

1 person have marked this snippet as a favorite

BrianCoyDesign


Block malicious URL Requests on Wordpress


 / Published in: PHP
 

URL: http://www.wprecipes.com/wordpress-plugin-protect-your-blog-from-malicious-url-requests?utm_source=twitterfeed&utm_medium=twitter&utm_campaign=Designely

  1. <?php
  2. /*
  3. Plugin Name: Block Bad Queries
  4. Plugin URI: http://perishablepress.com/press/2009/12/22/protect-wordpress-against-malicious-url-requests/
  5. Description: Protect WordPress Against Malicious URL Requests
  6. Author URI: http://perishablepress.com/
  7. Author: Perishable Press
  8. Version: 1.0
  9. */
  10. global $user_ID; if($user_ID) {
  11. if(!current_user_can('level_10')) {
  12. if (strlen($_SERVER['REQUEST_URI']) > 255 ||
  13. strpos($_SERVER['REQUEST_URI'], "eval(") ||
  14. strpos($_SERVER['REQUEST_URI'], "CONCAT") ||
  15. strpos($_SERVER['REQUEST_URI'], "UNION+SELECT") ||
  16. strpos($_SERVER['REQUEST_URI'], "base64")) {
  17. @header("HTTP/1.1 414 Request-URI Too Long");
  18. @header("Status: 414 Request-URI Too Long");
  19. @header("Connection: Close");
  20. @exit;
  21. }
  22. }
  23. }
  24. ?>

Report this snippet  

You need to login to post a comment.