(Specifically #4, #3 and #2 are security related.)

I used to use the plugin Bad Behaviour; however I’ve since removed it since it was incorrectly shutting some users out. On one occasion it even locked me out!

When I read your post it made me think about the necessity of such code. So much so that I had a DM conversation with one of the WordPress developers on Twitter. Their response reads, “It’ll protect from a narrow subset of attacks for sure but the best thing is to keep s/ware up to date!”.

I’m no coder and I’m cautious at the best of times when adding additional code to my WordPress sites. I applaud your contribution and made my earlier comment to suggest that people should feel encouraged to use several solutions and not just one. Something you did in fact cover in your article which I missed originally, “Once the plugin is activated, it will silently and effectively close any connections for this type of injection attack.”
.-= Rob´s last blog ..How to: Use Twitter to get better customer service =-.

I know I may be somewhat of a code and security freak, so please bear with me

Thanks a lot for visiting and your awesome input.

The script is really in direct response to many sites being exploited by malicious code injections last year. Though, I do agree that the method is pretty aggressive, but useful nonetheless. As for false positives, after doing some further investigation, there have been rare cases where the alarms went off but no true “threat” existed. I would love for you to share your knowledge on the subject and you are free to link as long as it is relevant. Its all about sharing information that proves to be useful for all.

Thanks again for commenting, hope to see you here again.

There are a number of plugins that can help secure your installation in less aggressive manner. I covered some of these on a post I wrote recently (that I won’t link to right here since that would be blatant self promotion – if you are interested, then please let me know and I’ll forward over details).

I personally would worry about false positives when using code such as that detailed above. Looking forward to seeing more content from you and great theme.
.-= Rob´s last blog ..Visual Voicemail: An open letter to Vodafone UK =-.

Secure Your WordPress Blog Against Malicious URL Request – Important Security Plugin…

Secure Your WordPress Blog Against Malicious URL Request…