Bookmark and Share
Home > Website / Internet > Security > Updating wp-ban to include bad URLs

Updating wp-ban to include bad URLs

Posted: Sunday, September 6th, 2009 at 12:52 amUpdated: Friday, September 11th, 2009 at 8:20 am

Manually adding bad URL capability on wp-ban

Alrite, if you’re here, you’re either a code-warrior or you’re one of those unlucky enough to go through the easy way. My assumption is that you understand PHP enough. Here’s what you need to do.

Step 1. Edit wp-content/plugins/wp-ban/ban-options.php

  1. Backup BACKUP BACKUP your existing wp-ban directory. 
    user@www:~/wp-content/plugins$ cp -R wp-ban wp-ban.bak
  2. Open wp-content/plugins/wp-ban/ban-options.php for editing using your favorite text editor.
  3. Somewhere on the following block 
    if(!empty($_POST['Submit'])) {

    add the following lines. My recommendation is you add them in the appropriate sections of the block. However, I don’t see any issues if you’d like to put it right on the top of the section. Just make sure you don’t add at the end of the block.

    $banned_bad_urls_post = explode("\n", trim($_POST['banned_bad_urls']));

// http://www.microshell.com/website_internet/security/updating-wp-ban-to-include-bad-urls
if(!empty($banned_bad_urls_post)) {
	$banned_bad_urls = array();
	foreach($banned_bad_urls_post as $banned_bad_url) {
		$banned_bad_urls[] = trim($banned_bad_url);
	}
}

$update_ban_queries[] = update_option('banned_bad_urls', $banned_bad_urls);

$update_ban_text[] = __('Banned Bad URLs', 'wp-ban');
  4. Then find this block. 
    ### Determines Which Mode It Is
switch($mode) {

    Under default: section add the following code. Again, I recommend adding them to the appropriate place of the default: section. If you like your code messy, there should not be any problems if you add all on the top of default: section.

    $banned_bad_urls = get_option('banned_bad_urls');

$banned_bad_urls_display = '';

// http://www.microshell.com/website_internet/security/updating-wp-ban-to-include-bad-urls
if(!empty($banned_bad_urls)) {
	foreach($banned_bad_urls as $banned_bad_url) {
		$banned_bad_urls_display .= $banned_bad_url."\n";
	}
}
  5. Then add the HTML form for ban settings page on wp-admin. Find the <tr> section for Banned Exclude IPs row. Add the following HTML code. 
    <?php // http://www.microshell.com/website_internet/security/updating-wp-ban-to-include-bad-urls ?>
<tr>
	<td valign="top">
		<strong><?php _e('Banned Bad URLs', 'wp-ban'); ?>:</strong><br />
		<?php _e('Start each entry on a new line.', 'wp-ban'); ?><br /><br />
		<?php _e('Examples:', 'wp-ban'); ?><br />
		<strong>&raquo;</strong> <span dir="ltr">includedir=http://</span><br /><br />
		<?php _e('Notes:', 'wp-ban'); ?><br />
		<strong>&raquo;</strong> <?php _e('Will match part of request URLs.', 'wp-ban'); ?><br />
		<strong>&raquo;</strong> <?php _e('Make sure it\'s unique enough that it doesn\'t match your post URLs.', 'wp-ban'); ?>
	</td>
	<td>
		<textarea cols="40" rows="10" name="banned_bad_urls" dir="ltr"><?php echo $banned_bad_urls_display; ?></textarea>
	</td>
</tr>
  6. Save the file. Then continue on to the next page for editing wp-ban.php file.

Pages: 1 2 3

2 Responses to “Updating wp-ban to include bad URLs”

  1. tygern8r Says: September 8th, 2009 at 7:55 am

    AWESOME!! Thanks for the work. I\’ve been getting nailed by some Koreans constantly trying the SERVER[DOCUMENT_ROOT] over and over again. Even though I\’ve banned them by IP, WP-Ban isn\’t banning them. Hopefully this will take care of them. If not, I\’ll just have to htaccess them.

  2. Maresa Says: September 8th, 2009 at 11:53 am

    Kewl :-) Glad you like it …

Leave a Reply

Security Code: