Author: Leon Wimmenhoeve
404 Not Found errors detected on your homepage
The 404 Blocking rule in Really Simple Security’s Firewall helps protect your site against malicious scanning attempts by blocking IP addresses that generate too many 404 Not Found errors while scanning your site for vulnerabilities (a detailed explanation is available here). If you see the following notice appear on the Really Simple Security Dashboard, this means that the plugin has detected 404 Not Found errors on the homepage of your site. In such cases, the plugin automatically deactivates the 404 Blocking
Our journey towards Really Simple Security
Really Simple SSL has rebranded to Really Simple Security as of version 9.0. Rogier Lankhorst originally launched Really Simple SSL in 2015 as a simple and performant solution to migrate WordPress sites to HTTPS/SSL. Back in 2015, getting WordPress sites up and running over HTTPS/SSL was often a cause for headaches. Website owners had to configure various aspects such as enabling a (performant) redirect from http to https, getting rid of mixed content and account for server-specific variables; to adjust
Suspected bots causing 404 errors
You might have received the following notice in your Really Simple SSL Dashboard about suspected bots triggering large numbers of “404 Not Found” errors on your site: This article explains why the plugin has built-in detection for large amounts of 404 pages being triggered, and the reasons why these are unlikely to be triggered by legitimate (human) visitors; but rather by bots. Finally, we will cover how to configure the Firewall in Really Simple SSL Pro to block bots that
Upgrade to 8.0
Really Simple SSL Pro 8.0: Another step towards Really Simple Security Perhaps it is one of the larger open secrets in WordPress, Really Simple SSL has been transitioning from a single-purpose SSL plugin towards a full-featured Security Plugin over the past year. As SSL encryption has really become a standard and need-to-have for any website, we felt that Really Simple SSL was in the unique position to introduce a Really Simple Security plugin to the WordPress ecosystem. We recognize (and
LiteSpeed Cache and Security Headers
If you are using LiteSpeed cache you may have problems updating your security headers. This is because LiteSpeed cache will prevent the loading of our advanced-headers.php file. The solution for this is to add rsssl_after_saved_fields to the “Purge All Hooks” list in the LiteSpeed cache settings. This will purge the LiteSpeed cache on every save of the Really SImple SSL settings. NOTE: This will not work for CSP learning mode because learning mode changes the headers without a manual save