All Good Things Must Come To An End

As you all know, I have been doing WordPress plugins and supporting it for the past 6 years. These 6 years of my life, I have been through my polytechnic education, my national service as well as my university education.

I just graduated from university in December 2009 and have been looking for full-time jobs. I am offered a full-time job and will be starting work on 1st February 2010.

I regret to say that I am NOT ABLE to provide support for my plugins anymore due to my full-time job commitment. I will leave this forum open and let the community help one another.

However, I WILL still update my plugins whenever I can and you still can report bugs to me via email and I will try to fix it.


« previous next »
Pages: [1]   Go Down

Author Topic: Patch to ban includedir=http:// or _PHPLIB[libdir]=http:// access  (Read 2357 times)

0 Members and 1 Guest are viewing this topic.

Offline mnirwan

  • Newbie
  • *
  • Posts: 2
    • View Profile
Patch to ban includedir=http:// or _PHPLIB[libdir]=http:// access
« on: 06 September 2009, 07:50 »
I've just added a patch to ban URL matching includedir=http:// and the likes. Wordpress is not vulnerable to such exploit. However, people who does that may try to do it like tons of time skewing your StatPress page views and / or wasting your bandwidth.

Check out my post below for how to do it.

http://www.microshell.com/website_internet/security/updating-wp-ban-to-include-bad-urls/

Thanks.
Logged

Offline GaMerZ

  • lesterchan.net
  • Administrator
  • *****
  • Posts: 11,536
    • View Profile
  • WordPress Version: WordPress 2.9.x
  • Theme Name: lesterchan.net v3.4
Re: Patch to ban includedir=http:// or _PHPLIB[libdir]=http:// access
« Reply #1 on: 06 September 2009, 13:33 »
Wow, that is a good one! Could you add in the code to the dev version, http://downloads.wordpress.org/plugin/wp-ban.zip and then I will commit it to the SVN =)

Also perhaps you can post your name and URL to appear in the credit section of the readme.html
Logged

++ lesterchan.net - Lester Chan's Website

I regret to say that I am not able to provide support for my plugins anymore due to my full-time job commitment. I will leave this forum open and let the community help one another.

Offline mnirwan

  • Newbie
  • *
  • Posts: 2
    • View Profile
Re: Patch to ban includedir=http:// or _PHPLIB[libdir]=http:// access
« Reply #2 on: 06 September 2009, 18:05 »
 :) Glad you like it. Attached is the zip source code that I've applied the patch for banning bad URLs on your dev version. Let me know if there are problems.

BTW, my name is Maresa Nirwan. For URL, you can put my blog http://www.microshell.com

Thanks
Logged

Offline GaMerZ

  • lesterchan.net
  • Administrator
  • *****
  • Posts: 11,536
    • View Profile
  • WordPress Version: WordPress 2.9.x
  • Theme Name: lesterchan.net v3.4
Re: Patch to ban includedir=http:// or _PHPLIB[libdir]=http:// access
« Reply #3 on: 07 September 2009, 04:19 »
Thanks! I will commit it to the SVN when I am free -D
Logged

++ lesterchan.net - Lester Chan's Website

I regret to say that I am not able to provide support for my plugins anymore due to my full-time job commitment. I will leave this forum open and let the community help one another.
Pages: [1]   Go Up
« previous next »