You might have noticed from your dashboard that WordPress released yesterday 2.5.1 which they say has a “very important security fix”. They haven’t disclosed exactly what the fix is about. If you have already installed 2.5, then you better rush with upgrading to 2.5.1. I personally didn’t install 2.5 yet, because I tested with it [...]

• 3 Comments

This version follows 2.3. I don’t know why they skipped 2.4… maybe because of all the major changes in the admin area. Yes, the admin area changed to allow less cluttering. However if you do a lot with wordpress, I would recommend you to test first before upgrading. It could take a little of getting [...]

• 1 Comment

I am pleased to announce my first E-Book, that I am offering to anyone interested in building a secure WordPress site. This E-Book will cover points that are overlooked by many, who install WordPress scripts, yet most of the points discussed are crucial for the security of your site. E-book format: I created this E-Book [...]

• 10 Comments

WordPress is becoming more popular day by day, has evolved from a blogging to a CMS platform. I started learning about it from customers who sign up for my Hosting Service. More and more use WordPress than any other script offered. It amazed me how easily you can make your site unique by adding some [...]

• 2 Comments

If you allow users to register to your WordPress site, then I would suggest you to look at the “Roles Manager Plugin” WordPress Version 2.0 introduced the concept of Roles. Each Role has a set of permissions or is allowed to perform a set of tasks called Capabilities. If you allow anyone to register to [...]

• 0 Comments

Have you ever forgotten your password and tried to login multiple times to your bank account. After 3 failed attempts a message comes like “Your exceeded your login attempts. Please try later or contact our account reps” Brute Force Attacks or multiple failed login attempts are sometimes used by malicious users to gain access to [...]

• 0 Comments

Secunia reported Popular Wordspew plugin to have an input vulnerability which can be exploited to inject SQL commands to your wordpress installation. User supplied input to the parameter “id” could be exploited by malicious users to inject SQL. Here is how a visitor to your site can inject SQL through the plugin: From the URL [...]

• 0 Comments

WordPress users, please note WordPress has a new urgent release update. If you allow registration to you WordPress site, then I would recommend you to download and replace xmlrpc.php. WordPress 2.3.3 has other minor bug fixes as well, but if you are just looking for the security fix, then downloading xmlrpc.php should be good enough. [...]

• 0 Comments

Each wordpress version has it’s known vulnerabilities. It’s a good practice to show as little info about your site installation as possible. You don’t want to make your site an easy target. right? Well, ideally you should always upgrade to the latest version, but to be honest a lot of us put this at the [...]

• 9 Comments

The Block Magazine WordPress Theme is a new theme promoted by Adii. I took a look and like some of it’s features, specially on the sidebar Adii added Domtab integration into the sidebar to display either Recent Articles, Popular Articles or Most Commented Articles. You can edit it to display anything you like. This is [...]

• 3 Comments