WordPress users, please note WordPress has a new urgent release update.
If you allow registration to you WordPress site, then I would recommend you to download and replace xmlrpc.php.
WordPress 2.3.3 has other minor bug fixes as well, but if you are just looking for the security fix, then downloading xmlrpc.php should be good enough.
Per WordPress: “a [...]

• 0 Comments

Each wordpress version has it’s known vulnerabilities. It’s a good practice to show as little info about your site installation as possible.
You don’t want to make your site an easy target. right?
Well, ideally you should always upgrade to the latest version, but to be honest a lot of us put this at the end [...]

• 9 Comments

The Block Magazine Wordpress Theme is a new theme promoted by Adii.
I took a look and like some of it’s features, specially on the sidebar Adii added Domtab integration into the sidebar to display either Recent Articles, Popular Articles or Most Commented Articles.
You can edit it to display anything you like. This is like jquery [...]

• 3 Comments

Many WordPress based websites have great themes, however I always come across some popular sites, where I think: “If they offer this or that feature, that could be perfect”
The good news is that Wordpress plugins can make up for almost any missing functionality. Many Wordpress theme creators even add plugins to their theme download to [...]

• 6 Comments

Wordpress is now very popular due to it’s ease of use, and the increasing number of themes and plugins freely available for download by the user community.
I knew that allowing comments, or visitors to upload photos can present additional risks to your wordpress site. Yesterday, I read a post by Alistair Croll that presented another [...]

• 4 Comments

David Kierznowski from BlogSecurity.net asked me to become a blogSec guest blogger, and write about my experiences with some blogs getting hacked.
Getting hacked can cause a lot of headache, specially if you don’t know what to do about it.
Unfortunately, most bloggers and site owners don’t really care about it, as they don’t care about backups.
When [...]

• 6 Comments

I just installed this plugin after reading Josh Lowensohn’s article about it.
This is a great plugin that will allow you to add an additional channel of distribution to your content. Audio ( voice of your content ).
Installation is pretty simple and quick, however you will need to proof listen to your post in addition to [...]

• 4 Comments

If your table prefix is “wp_” or “wp1_” or even “wordpress_”, then changing it will bring your Wordpress site security to a higher level.
By default Fantastico installation sets “wp_” as a prefix for each Wordpress table name. Since this is a known vulnerability, malicious users can exploit your data easily.
They specifically look for the wp_options [...]

• 67 Comments

wp-config.php is located in the main directory of your Wordpress installation and used by Wordpress to access the database.
This file includes your user id , password, and database name unencrypted.
Even though it is a .php file, meaning no one should be able to see it’s content from the browser, it just [...]

• 10 Comments