Block Unwanted Content on Any Website (Without Sacrificing Privacy)
I like to read. All sorts of stuff. Especially social media posts. I can sit for hours scrolling thru threads, but it gets annoying when there is someone spamming or pushing an agenda, or just being stupid in general. So I looked back my notes and remembered that most browsers can be customized with user-defined stylesheets. This tutorial explains an easy way to use your own custom CSS to block unwanted content on any website. It works without requiring logging […] Continue reading »
The 404 Web
Over the years, I’ve changed thousands of URIs. Maybe hundreds of thousands if you count changing everything over from http:// to https://. It always feels kinda wrong to modify URIs. Maybe that comes with a basic understanding that Cool URIs don’t change. But I also understand that, in reality, URIs change constantly. It’s just the nature of the World Wide Web, an endless perpetually evolving flow of digital information, URLs and links included. As stated by the W3C: Continue reading »
Notes on Logging Into WordPress.org via Authenticator App
So yesterday I got a new phone and could not log in to my account at WordPress.org. Why? Because I had enabled Two-factor authentication (2FA) on my account as an extra layer of security. I had been completing this 2FA step on my old phone using the Google Authenticator app, which works great. The problem is that I had not yet transferred my Authenticator codes to my new phone. So when I tried to log in to my WordPress.org account, […] Continue reading »
How to Block Darknet Market Spam
Lately my some of my WordPress-powered sites have been hit with a very specific brand of comment spam, which may be referred to as “darknet market spam”. The spam is simple but persistent. And there’s a LOT of it. Very annoying. Fortunately it is trivial to stop. Here are a few ways to block teh darknet market spam.. Continue reading »
Ultimate Block List to Stop AI Bots
More than you might think, AI (Artificial Intelligence) and ML (Machine Learning) bots are crawling your site and scraping your content. They are collecting and using your data to train software like ChatGPT, OpenAI, DeepSeek, and thousands of other AI creations. Whether you or anyone approves of all this is not my concern for this post. The focus of this post is aimed at website owners who want to stop AI bots from crawling their web pages, as much as […] Continue reading »
8G Firewall Update v1.4
Good news! The 8G Firewall is updated to version 1.4. This latest update resolves numerous false positives and bugs that have been reported since version 1.3, when 8G was taken out of beta and officially launched last year. Continue reading »
Examples of Email Phishing in 2024
I enjoy sharing the pathetic phishing emails that make it past my spam filters. After watching various waves of phishing campaigns come and go over the past 20 years, I have come to accept that it’s just a part of life on the Web. Phishing scams have been happening since the dawn of the Internet, with no signs of stopping anytime soon. About the best you can do is practice safe email handling practices and never open any links or […] Continue reading »
3 Ways to Disable WordPress XML-RPC for Better Security
I’ve written before about how to protect WordPress XML-RPC and why it’s important. In this quick post, I explain three easy ways to to disable WordPress XML-RPC to help improve the security of your WordPress-powered site. Continue reading »
8G Firewall Addon: Protect Against Rogue PHP File Attacks
Been getting hit with massive attacks on all sites. Very large VPN/proxy network. Relentless requests 24/7, thousands of requests every minute, just non-stop attacks. All URL requests targeting rogue PHP files. The attacks were weighing on precious server resources. Server held up fine but this nonsense needed to stop. So I wrote a tight little addon for my 8G Firewall. Blocks the entire attack with just a few clicks.. Continue reading »
Get Yourself Some Backup Internet Service Providers
As a full-time web developer and typical human being, I rely on the Internet for a great many things. So when the Internet is not available, my work (and play) comes to a grinding halt. Fortunately my primary ISP is pretty solid, but it still goes down every once in a while. So to maintain my workflow (and general sanity), having a backup Internet service provider is absolutely essential. Here’s one way to do it.. Continue reading »
Heavy Scans for Low-Hanging Fruit
I’ve been working on developing the 8G Firewall. Digging through log files and crunching the data, the big new trend I’m noticing is heavy scanning for easy targets, low hanging fruit. Bad actors are looking for any little hidden files stashed on your server. Mostly PHP files, also ZIP and RAR files, and other file formats commonly used for compressing and archiving content. Basically, anything that might contain useful information (like login credentials, database backups, email addresses, etc.). Also, 99% […] Continue reading »
BBQ Firewall – Count Blocked Requests
BBQ Firewall is built to be powerful, lightweight, fast and flexible. It’s code base is kept super lean, leaving extra functionality out of core while supporting new features via simple addons. For example, this tutorial shows how to use an addon to display the total number of blocked HTTP requests on the plugin settings page. This can help you get a basic idea of the plugin’s effectiveness. Continue reading »
Enable Logging for nG Firewall
This tutorial is for users of my nG Firewall, version 8G or better. It explains how to enable logging for all blocked requests. This is useful for testing, debugging, and keeping an eye on things. Takes only a few minutes to set up, and of course it’s all open source and 100% free for everyone :) Continue reading »
8G Firewall
After more than a year of beta testing, 8G Firewall is ready for use on production sites. So you can benefit from the powerful protection provided by the latest evolution of the nG Firewall (aka nG Blacklist). The 8G Firewall offers lightweight, server-level protection against a wide range of malicious requests, bad bots, automated attacks, spam, and many other types of threats and nonsense. 8G is a lightweight (only 17KB) strong firewall that provides site security and peace of mind. […] Continue reading »
About nG Firewall
The nG Firewall is a carefully crafted set of security rules for Apache and Nginx servers. nG may be applied via your site’s public root .htaccess file, or added via server configuration file. Once added, 8G provides powerful server-level protection against a wide range of malicious requests, bad bots, automated attacks, spam, and many other types of threats and nonsense. It’s a lightweight yet super strong firewall that improves site security and peace of mind. Continue reading »
Block Random String Comment Spam
Recently WordPress sites have been getting hammered with random-string comment spam. The attackers are clever, using random text strings for every vector except the payload, which usually is the URL used for the comment’s Name link. But for these weird comment spams, the apparent payload is the email address. It’s the only part of the comment that’s not made up of random gibberish. Continue reading »
