Search Engine Spider and User Agent Identification with “Ultimate User Agent Blacklist”

Search Engine Spider and User Agent Identification with “Ultimate User Agent Blacklist”

 

A user-agent is software (a software agent) that is acting on behalf of a user.
In many cases, a user-agent acts as a client in a network protocol used in communications within a client–server distributed computing system.

 

For more information view wiki
http://en.wikipedia.org/wiki/User_agent

 

Automated Agents is called as Bots.
http://user-agents.org has a complete list of all latest spiders/bots/user agents.
There are some more and those are anonymous (not known and have very different names).

 

If you develop a website and want to make the site accessible by some specific user agent or bots of a country, then you can update the information in your root .htaccess file.

 

As, Bot blocking blacklists are useless in some way as some rogue spiders just generate random user-agent strings so we will never have them in our list to start with, but We have tried list out as much as we can in the below zip file.

 

Ultimate User Agent Blacklist

 

What you have to done is, unzip the file and paste the code in your root .htaccess file, it will protect your website from unwanted crawling/indexing by anonymous bots.

 

If your website uses WordPress open-source, then can also use “Better WP Security” plug-in.
Just need to download and install the plug-in and go to “Better WP Security – Ban Users” Tab and enable “Enable Default Banned List”, you can also update the list according to your needs.

 

But please be careful before doing same, as it may affect your website’s core files and plug-in, So before doing this backup your website’s files and database.

 

Disable All WordPress Updates Notifications

First of all, there is no benefit of disabling plugin updates.

 

It is very important as I have previously said in the posts that you should keep your WordPress version as well as plugins up to date. If you don’t keep, then your site could be susceptible to security vulnerabilities or performance issues.

 

But as we are developers like this ability because we do not want the clients to upgrade a plugin himself (If it may breaks the site :-)) although this is not a good reason.
We are potentially risking security, performance, and additional features all because of a fear that the site will break down due to an upgrade, it’s bad it’s it?

 

Another reason that developers disable plugin updates is if they have customized the core files. You can also use a plugin like WP Manage plugins which allows you to disable plugin updates for specific plugins.

 

But if you want to hide all the updates related notifications, just all the below codes in your theme’s “functions.php” file.

 

<?php

//Disable WordPress Theme Updates 3.0+
remove_action( ‘load-update-core.php’, ‘wp_update_themes’ );
add_filter( ‘pre_site_transient_update_themes’, create_function( ‘$a’, “return null;” ) );
//Un-schedule all previously-scheduled cron jobs for WordPress themes versions/updates check
wp_clear_scheduled_hook( ‘wp_update_themes’ );

 

//Disable WordPress Plugin Updates 3.0+
remove_action( ‘load-update-core.php’, ‘wp_update_plugins’ );
add_filter( ‘pre_site_transient_update_plugins’, create_function( ‘$a’, “return null;” ) );
//Un-schedule all previously-scheduled cron jobs for WordPress plugin versions/updates check
wp_clear_scheduled_hook( ‘wp_update_plugins’ );

 

//Diasable WordPress Core Updates 3.0+
add_filter( ‘pre_site_transient_update_core’, create_function( ‘$a’, “return null;” ) );
//Un-schedule all previously-scheduled cron jobs for wordpress versions/updates check
wp_clear_scheduled_hook( ‘wp_version_check’ );

?>

Prevent spaces and specific unwanted substrings in WordPress usernames

You can prevent spaces and specific unwanted sub strings in WordPress usernames (restrict usernames wordpress), you have to prepared a regexp for this.

Prepare your regular expression and use the same in the below function.

After that put this function in your theme’s “functions.php” that’s it.

 

//Custom Function
/*
* add a filter to invalidate a username with spaces or have admin in keyword
*/

add_filter(‘validate_username’,’bpdev_restrict_space_in_username’,10,2);

function bpdev_restrict_space_in_username($valid, $user_name){

//check if there is an space in username
if ( preg_match(‘/\s|admin/’,$user_name) )
return false;//if yes, then we can say it is an error
return $valid;//otherwise return the actual validity
}

If you need any further help in this, left your comment.

Remove WordPress version number from the head section and RSS feeds & also from version parameter in JS and CSS files

Remove WordPress version number from the head section and RSS feeds & also from version parameter in JS and CSS files

 

By default WordPress adds a Meta tag in the headers which displays the current using WordPress version number.

This version number is added just for tracking the site on WordPress, it is not required by your application, but this information can be very much useful to hacker to identify which version of WordPress you are using.

If you are not using latest WordPress version, the hackers can target the known vulnerabilities in that version to hack your site.
You can check all the Vulnerability in “Open Sourced Vulnerability Database” founded at http://osvdb.org/

 

There are various ways that can be used to remove this information below is the best one.

 

Add these following codes to in your functions.php file of your theme according to your requirements.

<?php

/* Function to hide WordPress version number
*  from the head section and RSS feeds on your site.
*/

function my_remove_version_info() {
return ”;
}
add_filter(‘the_generator’, ‘my_remove_version_info’);
?>

 

Remove the “ver” parameter from all enqueued CSS and JS files in the page

<?php

/* remove wp version param from any enqueued scripts (css/js)*/
function vc_remove_wp_ver_css_js( $src ) {
if ( strpos( $src, ‘ver=’ ) )
$src = remove_query_arg( ‘ver’, $src );
return $src;
}
add_filter( ‘style_loader_src’, ‘vc_remove_wp_ver_css_js’, 9999 );
add_filter( ‘script_loader_src’, ‘vc_remove_wp_ver_css_js’, 9999 );
?>

 

Remove only the “ver” parameters which have WordPress version number from all enqueued CSS and JS files in your page.

<?php

/* remove wp version param from any enqueued scripts (css/js)*/
function vc_remove_wp_ver_css_js( $src ) {
if ( strpos( $src, ‘ver=’ . get_bloginfo( ‘version’ ) ) )
$src = remove_query_arg( ‘ver’, $src );
return $src;
}
add_filter( ‘style_loader_src’, ‘vc_remove_wp_ver_css_js’, 9999 );
add_filter( ‘script_loader_src’, ‘vc_remove_wp_ver_css_js’, 9999 );
?>

 

It is always recommended that you have the most updated version of WordPress.