Forgotten Password Attack On WordPress
The WordPress Firewall plugin notified me of a new attack on my WordPress site today; an attempt to inject a file named “fgiwfi.php” via a “password_forgotten.php” injection. This was quickly followed by another e-mail alerting me to an attack from the same IP using the same forged link on another of my pages, but this [...]
Wanted: Enhanced Theme Preview Plugin
WordPress has a nice feature that allows you to preview your site in a different theme, but you must click on each individual theme to preview it. There are plugins and even the ?preview_theme= method available as well. But one feature I have not seen yet is the ability to scroll through the various themes [...]
TinyMCE Advanced Editor And MarkItUp
I love the TinyMCE Advanced Editor plugin for the WordPress Admin functions with posts and pages. So, I was dismayed when I lost its cool functionality recently. I went so far as to deactivate all my plugins, but I still could not get the toolbars to appear in the edit pages again. Today, I took [...]
Defending Against A SQL Injection Attack
One of my sites came under a SQL Injection attack today. The attacker used the following to attempt to attempt access: /wp/index.php?cat=%2527+UNION+SELECT+CONCAT(666,CHAR(58),user_pass,CHAR(58), 666,CHAR(58))+FROM+wp_users+where+id=1/* I have the SEO Egghead WordPress Firewall and Lester Chan’s WP Ban plugin, so the notification of an attempt and the ability to block it were quick, but protection began early. Changing [...]
WordPress As An E-Commerce Platform
I have maintained two commercial websites for over a year by using Java Servlets to serve up the pages. I maintained news releases, kept a Frequently Asked Questions section, integrated third-party tools for forums, support tickets and the like and updated the content frequently (i.e. spent a lot of time compiling, ftp’ing files, etc.) Recently, [...]
Bugs Dashboard
WMPNJ Software
