Bookmark and Share

Updating wp-ban to include bad URLs

Posted: Sunday, September 6th, 2009 at 12:52 amUpdated: Friday, September 11th, 2009 at 8:20 am

Manually adding bad URL capability on wp-ban

Alrite, if you’re here, you’re either a code-warrior or you’re one of those unlucky enough to go through the easy way. My assumption is that you understand PHP enough. Here’s what you need to do.

Step 1. Edit wp-content/plugins/wp-ban/ban-options.php

  1. Backup BACKUP BACKUP your existing wp-ban directory.
    user@www:~/wp-content/plugins$ cp -R wp-ban wp-ban.bak
    
  2. Open wp-content/plugins/wp-ban/ban-options.php for editing using your favorite text editor.
  3. Somewhere on the following block
    if(!empty($_POST['Submit'])) {

    add the following lines. My recommendation is you add them in the appropriate sections of the block. However, I don’t see any issues if you’d like to put it right on the top of the section. Just make sure you don’t add at the end of the block.

    $banned_bad_urls_post = explode("\n", trim($_POST['banned_bad_urls']));
    
    // http://www.microshell.com/website_internet/security/updating-wp-ban-to-include-bad-urls
    if(!empty($banned_bad_urls_post)) {
    	$banned_bad_urls = array();
    	foreach($banned_bad_urls_post as $banned_bad_url) {
    		$banned_bad_urls[] = trim($banned_bad_url);
    	}
    }
    
    $update_ban_queries[] = update_option('banned_bad_urls', $banned_bad_urls);
    
    $update_ban_text[] = __('Banned Bad URLs', 'wp-ban');
    
  4. Then find this block.
    ### Determines Which Mode It Is
    switch($mode) {
    

    Under default: section add the following code. Again, I recommend adding them to the appropriate place of the default: section. If you like your code messy, there should not be any problems if you add all on the top of default: section.

    $banned_bad_urls = get_option('banned_bad_urls');
    
    $banned_bad_urls_display = '';
    
    // http://www.microshell.com/website_internet/security/updating-wp-ban-to-include-bad-urls
    if(!empty($banned_bad_urls)) {
    	foreach($banned_bad_urls as $banned_bad_url) {
    		$banned_bad_urls_display .= $banned_bad_url."\n";
    	}
    }
    
  5. Then add the HTML form for ban settings page on wp-admin. Find the <tr> section for Banned Exclude IPs row. Add the following HTML code.
    <?php // http://www.microshell.com/website_internet/security/updating-wp-ban-to-include-bad-urls ?>
    <tr>
    	<td valign="top">
    		<strong><?php _e('Banned Bad URLs', 'wp-ban'); ?>:</strong><br />
    		<?php _e('Start each entry on a new line.', 'wp-ban'); ?><br /><br />
    		<?php _e('Examples:', 'wp-ban'); ?><br />
    		<strong>&raquo;</strong> <span dir="ltr">includedir=http://</span><br /><br />
    		<?php _e('Notes:', 'wp-ban'); ?><br />
    		<strong>&raquo;</strong> <?php _e('Will match part of request URLs.', 'wp-ban'); ?><br />
    		<strong>&raquo;</strong> <?php _e('Make sure it\'s unique enough that it doesn\'t match your post URLs.', 'wp-ban'); ?>
    	</td>
    	<td>
    		<textarea cols="40" rows="10" name="banned_bad_urls" dir="ltr"><?php echo $banned_bad_urls_display; ?></textarea>
    	</td>
    </tr>
    
  6. Save the file. Then continue on to the next page for editing wp-ban.php file.

Pages: 1 2 3

2 Responses to “Updating wp-ban to include bad URLs”

  1. tygern8r Says:

    AWESOME!! Thanks for the work. I\’ve been getting nailed by some Koreans constantly trying the SERVER[DOCUMENT_ROOT] over and over again. Even though I\’ve banned them by IP, WP-Ban isn\’t banning them. Hopefully this will take care of them. If not, I\’ll just have to htaccess them.

  2. Maresa Says:

    Kewl 🙂 Glad you like it …

Leave a Reply

Time limit is exhausted. Please reload the CAPTCHA.