security

IP Restrict wp-login.php to Keep Bots From Slowing You Down

It’s something that is often overlooked, but for security and speed, you should IP restrict your /wp-login.php file. I’ve had many sites go down because there’s someone trying to brute force the admin login, and even if it doesn’t take them down entirely, it tends to slow them down. Why? With any finely tuned site, users are mostly hitting static files: CSS, JS, images, cached pages, and so on. When they hit /wp-login.

Sterilize Your Inputs, Protect Against SQL Injection

I write this not with the intent of telling people how to hack, but with the hopes that people will realize how easy it is to protect against.

How to Hack Poorly Coded Forms

The basic idea in SQL injection is that the app puts together a database query based on the input you’ve entered. If you enter the right input, and the app doesn’t check for it, you can control the database.