We’ve developed a new security plugin for WordPress which blocks all traffic to your site except for genuine content.
We estimate that this plugin already blocks over 1,000,000 requests per month for our hosting clients!
One website suggests that each web request costs 0.2 grams of carbon dioxide. If that’s correct then we’re already saving the planet 200Kg of CO2 per month!
We’ve been planning to create this plugin because we’ve been seeing a tidal wave of requests for files on WordPress sites that is heavily increasing the load on servers at best and allowing hackers to compromise sites or worse.
Examples of these requests are as follows …
- Attempts to download backup files
- Attempts to download the database
- Attempts to locate plugins with security holes
- Attempts to locate themes with security holes
- Attempts to locate other malicious code
Our plugin uses Apache’s .htaccess file to lock the WordPress site down to only serve genuine content. We have plans to make the plugin work with a Nginx server.
The plugin can be downloaded from the official WordPress repository.
We would like as much feedback on the plugin as possible so would be delighted if you would let us know if you discover any issues.