WordPress security plugin

The recent attacks on WordPress have compelled me to write a WordPress security plugin, in order to protect my blog and make every other WordPress blog safer. So if you want to get involved please let me know and I’ll include your attack vectors in the code.

I shall release more details soon (the name etc) but in the meantime have a look at who’s been attacking me :-

So you might want to add those people to a block list 🙂

I will be releasing the plugin soon on the main WordPress site once I have completed it.

10 Responses to “WordPress security plugin”

  1. David Kierznowski writes:

    Gareth, we are currently working on a WordPress Security plugin for BlogSecurity. If you’re keen to join the team drop me an email.

  2. Gareth Heyes writes:

    Hi David, I’ve just emailed you. Yeah I’d love to join the team. Anything to improve WordPress security.

  3. Tim Van Wassenhove writes:

    Initially I thought about using a blacklist too, but it grows rather fast. These days I use the Akismet plugin…

    Anyway, here is a list with IPs of users that annoyed me with spam:

  4. Gareth Heyes writes:

    Hi Tim

    My list had nothing to do with spam but rather SQL injection attacks and XSS attacks. Akismet is an anti-spam plugin and has nothing to do with protecting against web attacks.

    But thanks for the list I shall store that for further examination.

    I don’t get any spam on my blog 😉
    Cause I wrote my own plugin:-

  5. Mark writes:

    Try Bad Behaviour. No need to re-invent the wheel!

  6. Gareth Heyes writes:

    Thanks Mark, I’ve looked at that before but my plugin is completely different; I think there’s been some confusion when I posted.

    My plugin detects and prevents XSS, SQL injection and redirection etc.; the blacklist I emailed was from attackers using these methods on the spanner.

    My code actually patches a lot of WordPress variables as well as offering banning by IP address, the plugin will prevent future attacks on WordPress as well.

  7. 0x000000 writes:

    I think we need a different approach rather than blocking IPs; most IPs are hijacked servers, trojanized PCs et al.

    Gareth, let me know how far you are with the project we have in mind. I have a few new tricks up my sleeve to not only detect bad behavior but also to block and redirect it, instead of permanently blocking it.

    Cause my htaccess with blocked IPs is around 18KB now, and my index page is around 7KB 🙂 but this is temporary, I have plenty of new ideas to stop ’em all for good.

  8. Gareth Heyes writes:

    Ronald sounds cool!

    I shall be in touch, still working on the code but a prototype should be ready soon.

  9. Pierre writes:

    Anti-spam systems based on the IP are really a bad idea. Almost everyone uses dynamic IPs and ends up being blocked only because a stupid script kiddie got the same IP in the past.

    Akismet and similar systems work well (while not being perfect, but there is no perfect solution).

  10. Gareth Heyes writes:

    Hi Pierre, it isn’t an anti-spam system and my plugin doesn’t just submit IPs blind, I do some checks on them.

    The bans will be removed once the WordPress attacks calm down. My plugin will handle attacks by patching and filtering the WordPress code.

    This is a security plugin, not an anti-spam plugin.