Skip to:

bbPress Security

  • Can I use this wp plugin for bbpress?

    < ?php


    Plugin Name: Block Bad Queries

    Plugin URI:

    Description: Protect WordPress Against Malicious URL Requests

    Author URI:

    Author: Perishable Press

    Version: 1.0


    global $user_ID;

    if($user_ID) {

    if(!current_user_can(‘level_10’)) {

    if (strlen($_SERVER) > 255 ||

    strpos($_SERVER, “eval(“) ||

    strpos($_SERVER, “CONCAT”) ||

    strpos($_SERVER, “UNION+SELECT”) ||

    strpos($_SERVER, “base64”)) {

    @header(“HTTP/1.1 414 Request-URI Too Long”);

    @header(“Status: 414 Request-URI Too Long”);

    @header(“Connection: Close”);






    And tell me how can I make my forums more secure?

    Nedd Tips and Tricks!!

    And did anyone make any security concern plugin for bbpress?



Viewing 2 replies - 1 through 2 (of 2 total)

  • chrishajer


    I think it would probably work if you changed the user check to reflect bbPress users and not WordPress users and levels.

    _ck_ posted something similar a while back on the trac site about blocking long query strings. Maybe she will post here about this.

    simple WordPress and bbPress security plugin to block long requests



    Someone copied my plugin (they used ALL of my lines then added a few) but they defeated the entire purpose.

    Their code only runs if there is an active user, if someone is not logged in and there is a loophole, the code would run unchallenged.

    Plus they exclude admin, so if there is a hacked account, the code is also bypassed.

    Here is my improved version of my original code

    if (strlen($_SERVER['REQUEST_URI'])>255 ||
    header('HTTP/1.1 414 Request-URI Too Long');
    header('Status: 414 Request-URI Too Long');
    header('Connection: Close');

Viewing 2 replies - 1 through 2 (of 2 total)
  • You must be logged in to reply to this topic.
Skip to toolbar