2014 Feb
Monthly Archive

Protect Against Malicious POST Requests

Whether you like it or not, there are scripts and bots out there hammering away at your sites with endless HTTP “POST” requests. POST requests are sort of the opposite of GET requests. Instead of getting some resource or file from the server, data is being posted or sent to it. To illustrate, normal surfing around the Web involves your browser making series of GET requests for all the resources required for each web page. HTML, JavaScript, CSS, images, et al. But whenever you leave a comment, tweet something, or share on Facebook, the browser is sending your content, along […] Read more »

Protect Against Humans.txt Query-String Scans

I woke up this morning to the sound of thousands of 404 requests hitting the server. It’s sad that there are kiddies out there who have nothing better to do than buy some pathetic $50 script and then sit there like an imbecile harassing people for hours on end. But alas, that is the world we live in — fortunately it’s less than trivial to block the entire scan with just a few lines of good old .htaccess. Read more »

WordPress Plugin: USP Pro

After months of deleopment and a low-key “soft-launch”, I’m pleased to announce my first premium WordPress plugin, USP Pro, the supercharged version of my free WP plugin, User Submitted Posts. USP Pro enables you to create and customize infinitely many front-end forms and display them anywhere on your WordPress-powered site. Read more »

Testing HTTP Requests

Just a quick post with some tips for troubleshooting and testing HTTP requests. For example, if you have a plugin that sends requests behind the scenes via Ajax or cURL or whatever, it’s nice to have a way to view request details such as headers, the response, and everything in between. This article is aimed primarily at WordPress users, but contains more general tips and tricks as well. Read more »

2014 Micro Blacklist

Over the past several months, I’ve assembled a “micro” blacklist to keep some recent threats at bay. Eventually, this will be integrated into the next nG Blacklist, but for now I just wanted to post and share with anyone else who is actively monitoring their server logs and aware of the recent spike in malicious activity. Read more »

Theme Update: shapeSpace v1.7

shapeSpace is the starter WordPress theme that I use to build sites like Plugin-Planet.com and DigWP.com. I use it because it includes all of the most commonly used template tags and a minimal amount of clean markup. Additonally, shapeSpace includes robust theme settings and an import/export feature to save and restore theme settings as needed. Read more »

Latest Tweets CSS Dropdown Menu in WordPress: perishablepress.com/css-dropdo…