WordPress Plugin: Square Bracket Hack Prevention

The Square Brack­et Hack Pre­ven­tion plu­g­in pre­vents a sim­ple but very com­mon exploit of Word­Press, by adding in a .htac­cess rule pre­vent­ing hack­ers from adding a “[“ to the URL.

A com­mon attempt at a WPSOS exploit is to add a “[“ to a URL, which can often break a site and expose an abil­i­ty to inject code. This plu­g­in stops it by ban­ning all attempts at adding a “[“ to the URL. It does so via adding code to the .htac­cess file.

Addi­tion­al­ly, upon the unin­stal­la­tion of the plu­g­in, the line is removed. And if the .htac­cess file is not editable, then the admin user is warned.

The instal­la­tion and use is very straight­for­ward. You should:

1. Upload the fold­er ‘square-brack­et-hack-pre­ven­tion‘ to the ‘/wp-con­tent/­plu­g­in­s/‘ direc­to­ry
2. Acti­vate the plu­g­in through the ‘Plu­g­ins’ menu in Word­Press

If you have any sug­ges­tions, please let us know! You can con­tact us via http://wpsos.io/.