WordPress Plugin: Square Bracket Hack Prevention

The Square Bracket Hack Prevention plugin prevents a simple but very common exploit of WordPress, by adding in a .htaccess rule preventing hackers from adding a "[" to the URL.

A common attempt at a WPSOS exploit is to add a "[" to a URL, which can often break a site and expose an ability to inject code. This plugin stops it by banning all attempts at adding a "[" to the URL. It does so via adding code to the .htaccess file.

Additionally, upon the uninstallation of the plugin, the line is removed. And if the .htaccess file is not editable, then the admin user is warned.

The installation and use is very straightforward. You should:

1. Upload the folder `square-bracket-hack-prevention` to the `/wp-content/plugins/` directory
2. Activate the plugin through the 'Plugins' menu in WordPress

If you have any suggestions, please let us know! You can contact us via http://wpsos.io/.

Leave a Comment

Your email address will not be published. Required fields are marked *