Who’s been sniffing around your WordPress website?

Pinocchio-sniffing Photo by Joe Penniston via FlickrThis week will be more tech-based than creative because those evil excuses for humankind, aka hackers, phishers, etc, force the good folk of the internet to take further measures to stay safe.

The latest consolidation of their evil effort can be best described as ‘sniffing’; they perpetually sniff around your website looking for weaknesses.

Again, this is why I’m not ashamed to promote our Web Maintenance Package but today I want to point you to some bonus code that allows you to apply a little extra tech love to your site, thanks to the great people behind the Bulletproof Security plugin which I’ve written about before.

I’ll sniff, huff and puff to mimic your site

Yes, I’m mixing metaphors and cartoon characters here but I’m happy to if it gets the point across.

From the sniffing through Pinocchio’s long nose to the huffing and puffing of the Big Bad Wolf,  hackers and their ‘bots’ are scouring your site looking for outdated plugins, weak passwords or other points of entry.

One of these attacks is the MIME sniffing attack in which the bad guys upload a file to a site that is poorly configured and then use that uploaded file to wreak havoc. Likewise, a driveby download attack is one where they load code into your site that masquerades as normal, harmless buttons but when pressed can download viruses etc into visitors’ computers.

The extra payload of badness with these hacks is that they mimic your site and damage your name as well as the computers of visitors.

Knock knock, who’s there? Just some lazy SEO spammer types

Another annoying issue at the moment is called referrer spam.

If you are diligent and look at the Google Analytics summary we place in the dashboard of your WordPress websites, you will see a running summary of activity and in the Top Referrers section you might sometimes see those creepy sites like semalt.com, buttons-for-your-website.com, 4webmasters.org, etc.

These are basically annoying sites sending enquiries to your site for no reason other than to pique your curiosity so you visit them back where either they will earn money from your traffic or, worse still, inject dangerous code into your computer.

Once again, the great people behind Bulletproof Security have created some bonus code to stop this nonsense.

If you want to install these bonus codes yourself, you will need the following:

  • A WordPress website running Bulletproof Security (all Baker Marketing websites come with this as standard)
  • About 10 minutes.

There are instructions for two separate bits of code to add to certain parts of the Bulletproof Security settings:

Of course, you can ask us to do this for you, just sing out.

The important thing is you will have some bonus protection to help your site live happily ever after.




  1. Gianfranco

    Do i have that extra security you wrote about?

    • Steve Davis

      Hi Gianfranco

      No, not be default. These settings are a new offer that only just became available. Have a crack at installing them or sing out for help if you needed.



Submit a Comment

Your email address will not be published. Required fields are marked *

Chat With Us On Messenger