Wordpress – Ways of the nix's

Google FLoC is a major security concern

Google is rolling out Federated Learning of Cohorts (FLoC) for the Chrome browser.

Debugging PHP-Mailer in WordPress

Handle the lack of information about errors in the wordpress phpmailer implementation

Installing WordPress from the command line

Sometimes you just need a step-by-step guide to copy+paste

Backup wordpress before upgrading

That’s what the title says, but what is the best way to do it..

Custom Post Type with Taxonomy

Posts and pages are two sides of the same coin, the main difference is that posts (a.k.a blog-posts) are sorted by date and have optional categories or tags, pages do not. Under the hood they are both called post_types but they have been initialized with different parameters. We will be creating our own post type… Continue reading Custom Post Type with Taxonomy

Useful SQL statements for everyday WordPress administration

Sometimes you just don’t have access to a fancy GUI like phpMyAdmin but you still need to make changes to the WordPress database. This article is about those times.

Customize WordPress Login CSS

I Wrote a plugin that attaches a hook to the login page and adds custom CSS. The plugin can be administered from your admin menu “Settings/ASBRA Login Plugin”. Simply add your CSS rules and click the “Save Changes” button.

Securing WordPress with .htaccess

Leaving your wp-login.php script or wp-admin folder accessible from the internet allows for bruteforcing of your passwords My way of solving this is by creating a randomly named folder e.g. “asbra” with som php code that sets a cookie which is required by the .htaccess file.

Unhacking a Hacked WordPress Site

A collection of commands to help you determine if you’ve been hacked, the same commands can be used to find obfuscated code and dangerous php in any other CMS system such as Joomla or Drupal.

xmlrpc.php

I was seeing lots of Warnings about POST-request to xmlrpc.php in the logfiles of modSecurity for apache. Turns out that wordpress uses the XML-RPC protocol that was created in 1998, the problem with having this enabled is that it encourages hackers to try and guess your password by making hundreds or thousands of login attempts… Continue reading xmlrpc.php