How to Protect WordPress Against Malicious URL Requests

This snippet is great for security to protect your WordPress site against malicious URL requests.

Instructions
Add this to your functions.php file.

global $user_ID; if($user_ID) {
	if(!current_user_can('administrator')) {
		if (strlen($_SERVER['REQUEST_URI']) > 255 ||
			stripos($_SERVER['REQUEST_URI'], "eval(") ||
			stripos($_SERVER['REQUEST_URI'], "CONCAT") ||
			stripos($_SERVER['REQUEST_URI'], "UNION+SELECT") ||
			stripos($_SERVER['REQUEST_URI'], "base64")) {
				@header("HTTP/1.1 414 Request-URI Too Long");
				@header("Status: 414 Request-URI Too Long");
				@header("Connection: Close");
				@exit;
		}
	}
}

How to Protect WordPress Against Malicious URL Requests

Leave a Reply Cancel reply

WordPress Snippet Info

Recent Comments

How to include a PHP file in WordPress

How to Remove the Product-Category Slug in WordPress WooCommerce

How to Display the Total Number of WordPress Posts for Custom Post Type

How to Show Most Popular WordPress Posts Without a Plugin

WordPress Code Snippets

How to include a PHP file in WordPress

How to Remove the Product-Category Slug in WordPress WooCommerce

How to Exclude the Current WordPress Post from WP_Query

How to Show the Current Time in Local Language in WordPress

How to Restrict WordPress Media Library Access to User’s Own Uploads

How to Show WordPress Featured Image Caption Without a Plugin

WordPress Plugins

WordPress Tutorials

Latest Content

How to include a PHP file in WordPress

How to Remove the Product-Category Slug in WordPress WooCommerce

How to Exclude the Current WordPress Post from WP_Query

How to Show the Current Time in Local Language in WordPress

How to Restrict WordPress Media Library Access to User’s Own Uploads

How to Show WordPress Featured Image Caption Without a Plugin

Most Read

How to Exclude the Current WordPress Post from WP_Query

How to Remove the WordPress Author Prefix from Slug

How to Show the Current Time in Local Language in WordPress

How to Display WordPress “Site Name” and “Description” in Templates

How to Display Content for Mobile or Desktop Only Using WordPress “wp_is_mobile”.

How to Show WordPress Featured Image Caption Without a Plugin

Editors recommended

How to include a PHP file in WordPress

How to Remove the Product-Category Slug in WordPress WooCommerce

How to Exclude the Current WordPress Post from WP_Query

How to Show the Current Time in Local Language in WordPress

How to Restrict WordPress Media Library Access to User’s Own Uploads

How to Show WordPress Featured Image Caption Without a Plugin

Your IP: 2a03:b0c0:3:d0::1b42:f001

How to Protect WordPress Against Malicious URL Requests

Leave a Reply Cancel reply

Related articles.

How to Restrict WordPress Media Library Access to User’s Own Uploads

How to Remove the WordPress Author Prefix from Slug

How to Redirect a WordPress User to a Specific URL After Login Based on User Role

How to Show Number of WordPress Queries and Page Load Time

How to Restrict User Access to WordPress Templates

How to Change the WordPress Author URL-/Slug Base

WordPress Snippet Info

Recent Comments

How to include a PHP file in WordPress

How to Remove the Product-Category Slug in WordPress WooCommerce

How to Display the Total Number of WordPress Posts for Custom Post Type

How to Show Most Popular WordPress Posts Without a Plugin

WordPress Code Snippets

How to include a PHP file in WordPress

How to Remove the Product-Category Slug in WordPress WooCommerce

How to Exclude the Current WordPress Post from WP_Query

How to Show the Current Time in Local Language in WordPress

How to Restrict WordPress Media Library Access to User’s Own Uploads

How to Show WordPress Featured Image Caption Without a Plugin

WordPress Plugins

WordPress Tutorials

Latest Content

How to include a PHP file in WordPress

How to Remove the Product-Category Slug in WordPress WooCommerce

How to Exclude the Current WordPress Post from WP_Query

How to Show the Current Time in Local Language in WordPress

How to Restrict WordPress Media Library Access to User’s Own Uploads

How to Show WordPress Featured Image Caption Without a Plugin

Most Read

How to Exclude the Current WordPress Post from WP_Query

How to Remove the WordPress Author Prefix from Slug

How to Show the Current Time in Local Language in WordPress

How to Display WordPress “Site Name” and “Description” in Templates

How to Display Content for Mobile or Desktop Only Using WordPress “wp_is_mobile”.

How to Show WordPress Featured Image Caption Without a Plugin

Editors recommended

How to include a PHP file in WordPress

How to Remove the Product-Category Slug in WordPress WooCommerce

How to Exclude the Current WordPress Post from WP_Query

How to Show the Current Time in Local Language in WordPress

How to Restrict WordPress Media Library Access to User’s Own Uploads

How to Show WordPress Featured Image Caption Without a Plugin