How to use PHP code to prevent malicious URL requests on a WordPress site
Learn how to protect WordPress sites from malicious URL requests. This article explains how to use a short code snippet to protect WordPress sites from malicious URL requests.
Protecting your WordPress site from malicious URL requests
Always perform a backup before you make any changes to the theme files. If you break any codes, it will be easier to revert your site to its last good known state. Alternatively, you could also create a child theme. Read this link on how to create a child theme: https://www.a2hosting.com/blog/wordpress-child-theme/
Follow the steps below to edit your Theme setting file to protect WordPress site from malicious URL requests:
- Log in to your WordPress site with an administrator account.
- On the Dashboard in the left sidebar, click Appearance, and then click Theme Editor:
- On the Theme Editor , select the Theme you want to edit from the dropdown:
- The files for this selected theme are listed on the right column under Theme Files. Click on the file named “functions.php”:
- Insert the following code to the end of functions.php file and click Update File Button to save the changes:
global $user_ID; if($user_ID) { if(!current_user_can('administrator')) { if (strlen($_SERVER['REQUEST_URI']) > 255 || stripos($_SERVER['REQUEST_URI'], "eval(") || stripos($_SERVER['REQUEST_URI'], "CONCAT") || stripos($_SERVER['REQUEST_URI'], "UNION+SELECT") || stripos($_SERVER['REQUEST_URI'], "base64")) { @header("HTTP/1.1 414 Request-URI Too Long"); @header("Status: 414 Request-URI Too Long"); @header("Connection: Close"); @exit; } } }
Article Details
- Product: All accounts
- Level: Beginner
Grow Your Web Business
Subscribe to receive weekly cutting edge tips, strategies, and news you need to grow your web business.
No charge. Unsubscribe anytime.
Did you find this article helpful? Then you'll love our support. Experience the A2 Hosting difference today and get a pre-secured, pre-optimized website. Check out our web hosting plans today.