Blocking external POST requests.


Malicious POST requests from a different domain can be a security threat and the intent behind this attempt is to hack a website. We could easily block these attempts with a very simple step. So, let’s see how this can be done.

I assume you opened the .htaccess file already and this is the file where we will add codes. Please copy these following codes and paste them into your .htaccess file, save the file. Yes, from now on, you are protected from such malicious attacks. 

Here the codes are,

<IfModule mod_rewrite.c>
	RewriteCond %{REQUEST_METHOD} POST
	RewriteCond %{REQUEST_URI} (wp-comments-post|wp-login)\.php [NC]
	RewriteCond %{HTTP_REFERER} !(.*)novicecamp.com [NC,OR]
	RewriteCond %{HTTP_USER_AGENT} ^$
	RewriteRule .* - [L]
</IfModule>

Note: You are seeing it is written novicecamp.com in that code, please delete it and add your domain there (the website you want to protect). 

Thanks for reading.

4 thoughts on “Blocking external POST requests.

  • March 5, 2019 at 5:06 pm
    Permalink

    Hiya, I’m really glad I have found this info. Nowadays bloggers publish just about gossips and net and this is actually frustrating. A good website with exciting content, that is what I need. Thank you for keeping this website, I will be visiting it. Do you do newsletters? Cant find it.

    Reply
    • March 5, 2019 at 6:21 pm
      Permalink

      Thank you Christian Spellane. I was also thinking about adding newsletters but I forgot it. Thanks for reminding me of it. I will add it soon.

      Reply
  • March 16, 2019 at 12:10 pm
    Permalink

    Howdy! Do you use Twitter? I’d like to follow you if that would be ok.I’m absolutely enjoying your blog and look forward to new updates.

    Reply
    • March 16, 2019 at 2:54 pm
      Permalink

      Thank you “Marine Morten”. Since this is a new website and I am still working hard to implement it. I will add shares and newsletters soon and a few more functionalities.

      Reply

Leave a Reply

Your email address will not be published. Required fields are marked *