How to use PHP code to prevent malicious URL requests on a WordPress site

Learn how to protect WordPress sites from malicious URL requests. This article explains how to use a short code snippet to protect WordPress sites from malicious URL requests.

Protecting your WordPress site from malicious URL requests

Always perform a backup before you make any changes to the theme files. If you break any codes, it will be easier to revert your site to its last good known state. Alternatively, you could also create a child theme. Read this link on how to create a child theme:

Follow the steps below to edit your Theme setting file to protect WordPress site from malicious URL requests:

  1. Log in to your WordPress site with an administrator account.
  2. On the Dashboard in the left sidebar, click Appearance, and then click Theme Editor:


  4. On the Theme Editor , select the Theme you want to edit from the dropdown:


  6. The files for this selected theme are listed on the right column under Theme Files. Click on the file named “functions.php”:


  8. Insert the following code to the end of functions.php file and click Update File Button to save the changes:

    global $user_ID; if($user_ID) {
        if(!current_user_can('administrator')) {
            if (strlen($_SERVER['REQUEST_URI']) > 255 ||
                stripos($_SERVER['REQUEST_URI'], "eval(") ||
                stripos($_SERVER['REQUEST_URI'], "CONCAT") ||
                stripos($_SERVER['REQUEST_URI'], "UNION+SELECT") ||
                stripos($_SERVER['REQUEST_URI'], "base64")) {
                    @header("HTTP/1.1 414 Request-URI Too Long");
                    @header("Status: 414 Request-URI Too Long");
                    @header("Connection: Close");

Get Managed WordPress Hosting

Article Details

Other Articles in This Category

Show More

Related Articles

Show More

Did you find this article helpful? Then you'll love our support. Experience the A2 Hosting difference today and get a pre-secured, pre-optimized website. Check out our web hosting plans today.

Usamos cookies con el fin de personalizar para usted nuestro sitio Web y analizar el uso de éste. Usted acepta esto haciendo clic en “Acepto” o al continuar usando el sitio Web. Hay más información sobre cookies en nuestra política de privacidad.