Hacking

prevent hacking?

No. There are a ton of plugins that can help in that regard though.

Perhaps your search-fu no worky.

There’s a search function?

you wouldn’t know it ?? I can see you are acclimating well to being around longer than a day or two. It can turn you smug, you know.

That old saying “when youve walked in someones shoes..” really applies around here. ??

Well whooami,

We’ve certainly had quite a history together over the past few months or so, but I think we’ve come to a pretty good common understanding with a mutual respect.
??

I searched already with no luck. and you take that Female simon cowell of word press thing to serious. i hope your getting payed.

Please, also review Hardening_WordPress.

Thanks for the help Michael

I suppose I could give you the link to this plugin.

thanks

And this site also has some good stuff:
https://blogsecurity.net/

i just upgraded to v2.5 after my 2.1.1 was infiltrated. while preparing for the changes/upgrade i did create a htaccess configure for the wp-admin directory as described in hardening wordpress. but fortifying the directory made this too difficult for humans who wish to access the site for comments.

if we are just trying to stop robots isn’t there code that goes into wp-admin that filters out characters like single quote, double quote, slash, back slash, semi colon, extended character like NULL, carry return, new line, etc. this setup makes it tough on sql injections without normal humans even knowing about the extra security.

also wish there was a way to make a new registration have to confirm via an email response. i get so many fake registrations.

Always make sure that you have the latest version of WordPress. I know this can be frustrating depending on your specific setup, but that’s really the first step in security.

i get so many fake registrations.

I can provide the ultimate fix for that. I have stopped using deadbolt even since this is so much better.

Im not to sure about it being pluginable though, but if youre game to modifying 1-2 files, it is the show stopper for spam registrations (and I can prove it from my post logs).

And just something along those same lines.. try and find that captcha thing that works on the registration .. isnt there one, wasnt there one??

The spam registrations are scripted and easily thwarted by adding anything to the current registration fields. That or removing/renaming something. You just need to check, on the other side of the form submission that what you asked for was what you received.
—

Edit: on second glance, it might be 3 files, but done correctly,.. maybe ill write this up, and include some really good commenting.

You might even do most of the work, with the custom fields for registration plugin, if there was one, is there one?? ??

whoo, no offense but you can talk yoda-like… anyway, a little more registration write up would indeed be beneficial and appreciated.

back to the htaccess barrier == is it effective to include some of this code to limit bot entries to just jpgs, pngs, and not executable codes, etc.? here are tips – any opines on some of these tips?

https://www.askapache.com/htaccess/security-with-apache-htaccess.html

you can talk yoda-like

ahahh, like Yoda from star wars?? ?? Thats cool.

I could have explained in more detail, but you would have probably ended up confused (more).