Skip to main content

Messing with WordPress SPAM Bots

If you have a WordPress based blog, or otherwise use WordPress as a CMS for your website, you are either getting a lot of bad user accounts being created or noticing a lot of knocking on your wp-login.php page. WordPress has a nice feature which allows you to install WordPress in a directory other than the root one. For example, your site is served from http://blog.example.com, but WordPress can be installed in http://blog.example.com/wpcms. In past versions of WordPress, prior to 3.8 or maybe be older than that, unless you knew the exact path to where WordPress was installed you could not get to the dashboard. That has changed! Now even if WordPress is installed in some random directory, if you navigate to http://blog.example.com/wp-login.php you will be redirected to the actual WordPress login page. Convenient, but not helpful when dealing with SPAM bots.


The majority of SPAM bots are configured to assume that WordPress is installed in the root directory so that's where they will try to either register on your site or login to the WordPress dashboard. With newer versions of WordPress, they do not even have to make any guesses. If you have an older version of Wordpress, or for security reason want to overwrite the new auto-redirect behavior add the lines below to the .htaccess file in the directory from which your site is served. Not the directory in which WordPress is installed.

RedirectMatch 301 ^/wp\-login\.php$ http://localhost/
RedirectMatch 301 ^/wp\-admin$ http://localhost/

What the above lines do is to redirect anyone or anything that tries to login or register at wp-login.php, or access the WordPress dashboard at wp-admin, to itself. Though not the best security solution, it is a solution to deal with both. Unless that is, someone is specifically targeting your website and putting some effort in figuring out it structure. If this is your situation, then check out How to protect wp-login.php using .htaccess and .htpasswd?

Comments

Popular posts from this blog

Format MAC Address [JavaScript]

I am currently working on a project which will allow users to register their Wi-Fi enabled, non-web browser enabled, devices on the network. These are devices like printers, Apple TV, and Xbox*. One of the data points that have to be collected from the user is the device MAC address. The project customer wants that address to be properly formatted when they see it in the support ticket.

We have several options. We can format the address either on the back-end after the form has been submitted. Or we can format it on the front end via a separate text field for each character pair, but that is too many fields to handle. A better solution is to use a single field and format the user input at the time of input or upon submit. In those cases, the former is better because the data will already be formatted when the overall form input is being validation after the user clicks the “Submit” button.

We are going to format the user input as it is being provided, thus having proper data when vali…

SNOOZ: Sound. Sleep.

I was on the Snooz Kickstarter page today, revisiting the project’s details and timeline progress. The device, which is a white-noise generating machine, recently became available for pre-order. Snooz is meant to be an alternative to having a TV or a stationary fan running at bed time. In my case, I bought it for my wife so we can get the TV out of the bedroom.

Whilst on the comments page I read the following comment, posted recently by Ken Tran:

I'm not a fan of the new fabric design. ...
I must disagree. If you take a look at the original design, which is all plastic and no style, I must say it is fugly. It is all utilitarian - not something I rally want to look at or see when I walk into the room. The final design, seen on the right, is something that beacons to be explored, looked at, utilized.

I am a big fan of Bang & Olufsen. They use fabric from Kvadrat in their line of products. Incorporating soft materials like fabric or leather in something which is meant to be place…

Balloon Flowers of 2014

We have Balloon Flowers (platycodon grandiflorus) in a half barrow pot. They are one of my favorite flowers that we have around the house. Simply because of how the flower forms. It starts as a small ball, which slowly grows into the shape of a hot air balloon, and once it opens it looks like it had exploded.

[gallery type="rectangular" link="file" ids="2611,2612,2622,2615,2613,2614,2616,2617,2618,2619,2610,2620,2621"]

I planted the flowers from the pictures above about seven years, ago.