We launched a new IT training category! Check out the 140+ courses now.

Easy-to-follow video tutorials help you learn software, creative, and business skills.Become a member

Firewalling your site

From: WordPress 3: Developing Secure Sites

Video: Firewalling your site

In this screencast, we're going to protect our site with a powerful htaccess firewall. The 5G firewall by Perishable Press is designed especially for WordPress-powered sites, and is very effective at blocking a plethora of bad bots, requests, user agents, and IP addresses. Here in our FTP/file editor, we want to open the htaccess file in the root directory. Notice the existing PERMALINK rules at the top of the file. To add the firewall, grab the code from the provided file, copy everything, and then paste into your htaccess file, like so.

Firewalling your site

In this screencast, we're going to protect our site with a powerful htaccess firewall. The 5G firewall by Perishable Press is designed especially for WordPress-powered sites, and is very effective at blocking a plethora of bad bots, requests, user agents, and IP addresses. Here in our FTP/file editor, we want to open the htaccess file in the root directory. Notice the existing PERMALINK rules at the top of the file. To add the firewall, grab the code from the provided file, copy everything, and then paste into your htaccess file, like so.

No modifications are required. The 5G firewall is ready to protect your site, right out of the box. Just save and upload the file to your server and return to the browser to make sure that everything is still working. The pages are loading just fine. Let's jump into the Admin and click around a little bit. This is always a good idea to check your site for proper functionality after working with your htaccess file. Everything is working great, and our site is now protected by a strong firewall.

Although the technique is simple, there's actually a lot going on in the code. Let's continue with a quick walkthrough of the 5G firewall. The first section of the code checks the query string, part of the requested URL, and blocks lots of the bad stuff. This is a key part of the firewall. The next section checks the user agent making the request and blocks some of the worst known user agents. Note that this is the same block of code used in our previous screencast.

There's no need to include it twice. Next, the code looks at the main part of the URL, which is everything but the query string. If you include only one part of this firewall, this would be it, and maybe the query string section. It blocks a ton of garbage from getting through. Lastly, the firewall blocks a short list of known terrible IP addresses. It's included as more of an example of how to block them. If you find a bad IP address that you would like to block, you simply add another line, like so.

For default installations of WordPress, the 5G firewall is a safe and powerful way to protect your site. It plays nice with many plug-ins and is easily adjusted if and when issues arise. For more information and help with the 5G firewall, visit perishablepress.com. Using the techniques in this screencast, we've protected our site with a strong firewall that blocks tons of ill requests, spammers, leechers, bandwidth thieves, and other nonsense. As expected, filtering out the garbage saves system resources and helps keep your site safe and secure for valued visitors.

Show transcript

This video is part of

Image for WordPress 3: Developing Secure Sites
WordPress 3: Developing Secure Sites

36 video lessons · 11500 viewers

Jeff Starr
Author

 

Start learning today

Get unlimited access to all courses for just $25/month.

Become a member
Sometimes @lynda teaches me how to use a program and sometimes Lynda.com changes my life forever. @JosefShutter
@lynda lynda.com is an absolute life saver when it comes to learning todays software. Definitely recommend it! #higherlearning @Michael_Caraway
@lynda The best thing online! Your database of courses is great! To the mark and very helpful. Thanks! @ru22more
Got to create something yesterday I never thought I could do. #thanks @lynda @Ngventurella
I really do love @lynda as a learning platform. Never stop learning and developing, it’s probably our greatest gift as a species! @soundslikedavid
@lynda just subscribed to lynda.com all I can say its brilliant join now trust me @ButchSamurai
@lynda is an awesome resource. The membership is priceless if you take advantage of it. @diabetic_techie
One of the best decision I made this year. Buy a 1yr subscription to @lynda @cybercaptive
guys lynda.com (@lynda) is the best. So far I’ve learned Java, principles of OO programming, and now learning about MS project @lucasmitchell
Signed back up to @lynda dot com. I’ve missed it!! Proper geeking out right now! #timetolearn #geek @JayGodbold
Share a link to this course

What are exercise files?

Exercise files are the same files the author uses in the course. Save time by downloading the author's files instead of setting up your own files, and learn by following along with the instructor.

Can I take this course without the exercise files?

Yes! If you decide you would like the exercise files later, you can upgrade to a premium account any time.

Become a member Download sample files See plans and pricing

Please wait... please wait ...
Upgrade to get access to exercise files.

Exercise files video

How to use exercise files.

Learn by watching, listening, and doing, Exercise files are the same files the author uses in the course, so you can download them and follow along Premium memberships include access to all exercise files in the library.


Exercise files

Exercise files video

How to use exercise files.

For additional information on downloading and using exercise files, watch our instructional video or read the instructions in the FAQ .

This course includes free exercise files, so you can practice while you watch the course. To access all the exercise files in our library, become a Premium Member.

Join now Already a member? Log in

Are you sure you want to mark all the videos in this course as unwatched?

This will not affect your course history, your reports, or your certificates of completion for this course.


Mark all as unwatched Cancel

Congratulations

You have completed WordPress 3: Developing Secure Sites.

Return to your organization's learning portal to continue training, or close this page.


OK
Become a member to add this course to a playlist

Join today and get unlimited access to the entire library of video courses—and create as many playlists as you like.

Get started

Already a member ?

Become a member to like this course.

Join today and get unlimited access to the entire library of video courses.

Get started

Already a member?

Exercise files

Learn by watching, listening, and doing! Exercise files are the same files the author uses in the course, so you can download them and follow along. Exercise files are available with all Premium memberships. Learn more

Get started

Already a Premium member?

Exercise files video

How to use exercise files.

Ask a question

Thanks for contacting us.
You’ll hear from our Customer Service team within 24 hours.

Please enter the text shown below:

The classic layout automatically defaults to the latest Flash Player.

To choose a different player, hold the cursor over your name at the top right of any lynda.com page and choose Site preferences from the dropdown menu.

Continue to classic layout Stay on new layout
Exercise files

Access exercise files from a button right under the course name.

Mark videos as unwatched

Remove icons showing you already watched videos if you want to start over.

Control your viewing experience

Make the video wide, narrow, full-screen, or pop the player out of the page into its own window.

Interactive transcripts

Click on text in the transcript to jump to that spot in the video. As the video plays, the relevant spot in the transcript will be highlighted.

Are you sure you want to delete this note?

No

Your file was successfully uploaded.

Thanks for signing up.

We’ll send you a confirmation email shortly.


Sign up and receive emails about lynda.com and our online training library:

Here’s our privacy policy with more details about how we handle your information.

Keep up with news, tips, and latest courses with emails from lynda.com.

Sign up and receive emails about lynda.com and our online training library:

Here’s our privacy policy with more details about how we handle your information.

   
submit Lightbox submit clicked
Terms and conditions of use

We've updated our terms and conditions (now called terms of service).Go
Review and accept our updated terms of service.