Skip to content

Sysadmins of the North

Technical blog, where topics include: computer, server, web, sysadmin, MySQL, database, virtualization, optimization and security
  • Home
    • Welcome
    • Privacy Policy
  • Code base
    • PowerShellPowerShell code snippets, examples and info for Windows Server administrators. Maybe some AppCmd and DISM as well.
  • GNU Linux
    • MySQLMySQL performance tuning and optimization: optimize MySQL server and database
  • Security
  • Windows Server
  • WordPress
  • Donate

Sysadmins of the North

Technical blog, where topics include: computer, server, web, sysadmin, MySQL, database, virtualization, optimization and security
  • Home
    • Welcome
    • Privacy Policy
  • Code base
    • PowerShellPowerShell code snippets, examples and info for Windows Server administrators. Maybe some AppCmd and DISM as well.
  • GNU Linux
    • MySQLMySQL performance tuning and optimization: optimize MySQL server and database
  • Security
  • Windows Server
  • WordPress
  • Donate
You are here: Saotn.org ยป You searched for backdoor

Search Results for: backdoor

Set PHP handler accessPolicy (Request Restrictions) to Read in IIS

Disallow direct access to PHP files in wp-content/uploads/

  • Jan Reilink Jan Reilink
  • WordPress
  • 16 March 202024 August 2020

Secure wp-content/uploads in Linux Apache and Windows Server IIS

It’s recommended to disallow access to and execution of PHP files in wp-content/uploads folder. Preferably without the use of a security plugin. Blocking access to PHP files in WordPress wp-content/uploads folder is easily achieved with a .htaccess file on Linux Apache, or web.config accesssPolicy in Windows Server IIS, and here is how.

Read More »Disallow direct access to PHP files in wp-content/uploads/

Check WordPress Core files integrity

  • Jan Reilink Jan Reilink
  • WordPress
  • 16 December 20168 May 2020

Verify WordPress Core files md5 checksums against WordPress’ checksums API, using this standalone PHP file. I chose to use a standalone PHP script to check the md5sum of WordPress Core files against the API so you’re not dependent on a possibly hacked WordPress installation. This kind of guarantees the result can be trusted, as opposed to using a WordPress plugin. I think this is a better integrity check of WordPress Core files.

Read More »Check WordPress Core files integrity

HackRepair.com’s Bad Bots .htaccess in web.config for IIS

  • Jan Reilink Jan Reilink
  • Windows Server
  • 19 February 201622 January 2020

Jim Walker from HackRepair.com posted a 2016 version of his Bad Bots .htaccess on Pastebin. I offered Jim to translate his Bad Bots .htaccess to web.config, to be used with Windows Server IIS. And here it is, learn to protect your WordPress website with this web.config file!

Read More »HackRepair.com’s Bad Bots .htaccess in web.config for IIS

My WordPress web.config

  • Jan Reilink Jan Reilink
  • WordPress
  • 22 June 201524 September 2020

Do you host your WordPress website on Windows Server IIS? And are you having trouble with your web.config? I often receive questions about how to use a web.config file in WordPress on Windows Server, and which settings are important for a WordPress site. Maybe it’s because I’m a WordPress on Windows Server IIS enthusiast, so here is my web.config for your convenience (really, it’s not that special).

Read More »My WordPress web.config

Secure WordPress uploads folder, disable PHP execution

  • Jan Reilink Jan Reilink
  • Security
  • 19 April 201516 January 2020

Deny direct access to PHP files in wp-content/uploads/

The following PHP function secures your WordPress website by disabling the execution of PHP scripts in wp-content/uploads, on Windows Server IIS web servers. It creates a web.config file for this purpose.

Read More »Secure WordPress uploads folder, disable PHP execution

Exploit PHP’s mail() to get remote code execution

  • Jan Reilink Jan Reilink
  • Security
  • 7 September 201424 September 2019

Exploit PHP’s mail() function to perform remote code execution, under rare circumstances.

Read More »Exploit PHP’s mail() to get remote code execution

Grep for forensic log parsing and analysis on Windows Server IIS

  • Jan Reilink Jan Reilink
  • Security
  • 19 April 201317 June 2020

How to use GnuWin32 ported tools like grep.exe and find.exe for forensic log file analysis in Windows Server. In this article I’ll give some real live examples of using these ported GnuWin tools like grep.exe for logfile analysis on Windows servers. The article provides three example, as an alternative to LogParser, because finding spam scripts fast is often very important.

Read More »Grep for forensic log parsing and analysis on Windows Server IIS

7 Snippets to use .htaccess as a Web Application Firewall

  • Jan Reilink Jan Reilink
  • Windows Server
  • 3 August 20111 December 2020

.htaccess to secure your website

Here are 7 .htaccess snippets for you to secure your website, by using .htaccess as a kind of Web Application Firewall (WAF). You can use this information to block exploits and rogue HTTP requests on your website.

Read More »7 Snippets to use .htaccess as a Web Application Firewall

Navigation

  • Home
    • Welcome
    • Privacy Policy
  • Code base
    • PowerShell
  • GNU Linux
    • MySQL
  • Security
  • Windows Server
  • WordPress
  • Donate

Recent Posts

  • ASP.NET web application monitoring in Zabbix, part 2
  • Monitor IIS application pools in Zabbix, part 1
  • Disable Joomla Contacts component (com_contact) in MySQL / phpMyAdmin
  • Disable WordPress XCloner Plugin logger in MySQL / phpMyAdmin
  • Force HSTS in Apache .htaccess
  • .NET Core 2.1, 3.1, and .NET 5.0 updates are coming to Microsoft Update
  • Manually install OpenSSH in Windows Server

Proudly hosted by

Tags

.htaccess (18) AppCmd (10) ASP.NET (15) Bash (19) IIS (60) linux (21) MySQL (34) OPcache (8) optimization (18) performance (14) PHP (55) plugin (14) PowerShell (48) security (44) SQL Server (10) SSL (15) URL Rewrite (17) web.config (21) web application security (17) website (17) WinCache (9) Windows (17) Windows 10 (9) Windows Server 2016 (8) WordPress (30)

Tip: also visit

Sysadmins of the North
WordPress hosting, ASP.NET & ASP.NET Core hosting – @Vevida
Reilink.nl

Thanks!

Thank you for your visit! Don’t forget to share this site with your family, friends and co-workers :-)

Donations are more than welcome and will be used for research new posts and hosting.
If you like this site or encourage its development, please use the form above. Or you can transfer a direct donation via Paypal or bank wire-transfer IBAN: NL31 ABNA 0432217258 (Jan Reilink). Thanks! :-)

Search

Archives

Neve | Powered by WordPress

  • Home
  • Code base
  • GNU Linux
  • Security
  • Windows Server
  • WordPress
  • Donate