Spring Sale! Save $10 on The Tao of WordPress and book bundles with Digging Into WP and .htaccess made easy – Coupon code: Spring2014Get books »
Jeff Starr
Author Archive

How to Purge Deleted Dropbox Files

About a week ago, I sent a support request to Dropbox asking how to purge deleted files. Never heard anything back, but I figured that I would ask here to see if anyone knows the magic recipe. Here is the support question I sent to the Dropbox team: Read more »

Protect Against Malicious POST Requests

Whether you like it or not, there are scripts and bots out there hammering away at your sites with endless HTTP “POST” requests. POST requests are sort of the opposite of GET requests. Instead of getting some resource or file from the server, data is being posted or sent to it. To illustrate, normal surfing around the Web involves your browser making series of GET requests for all the resources required for each web page. HTML, JavaScript, CSS, images, et al. But whenever you leave a comment, tweet something, or share on Facebook, the browser is sending your content, along […] Read more »

Protect Against Humans.txt Query-String Scans

I woke up this morning to the sound of thousands of 404 requests hitting the server. It’s sad that there are kiddies out there who have nothing better to do than buy some pathetic $50 script and then sit there like an imbecile harassing people for hours on end. But alas, that is the world we live in — fortunately it’s less than trivial to block the entire scan with just a few lines of good old .htaccess. Read more »

WordPress Plugin: USP Pro

After months of deleopment and a low-key “soft-launch”, I’m pleased to announce my first premium WordPress plugin, USP Pro, the supercharged version of my free WP plugin, User Submitted Posts. USP Pro enables you to create and customize infinitely many front-end forms and display them anywhere on your WordPress-powered site. Read more »

Testing HTTP Requests

Just a quick post with some tips for troubleshooting and testing HTTP requests. For example, if you have a plugin that sends requests behind the scenes via Ajax or cURL or whatever, it’s nice to have a way to view request details such as headers, the response, and everything in between. This article is aimed primarily at WordPress users, but contains more general tips and tricks as well. Read more »

2014 Micro Blacklist

Over the past several months, I’ve assembled a “micro” blacklist to keep some recent threats at bay. Eventually, this will be integrated into the next nG Blacklist, but for now I just wanted to post and share with anyone else who is actively monitoring their server logs and aware of the recent spike in malicious activity. Read more »

Theme Update: shapeSpace v1.7

shapeSpace is the starter WordPress theme that I use to build sites like Plugin-Planet.com and DigWP.com. I use it because it includes all of the most commonly used template tags and a minimal amount of clean markup. Additonally, shapeSpace includes robust theme settings and an import/export feature to save and restore theme settings as needed. Read more »

Book Sale!

As mentioned, I’ve been super busy updating stuff, and have new versions available for Digging Into WordPress, .htaccess made easy, and The Tao of WordPress. To celebrate the updates, I’m having a “Fall Sale” on all books, with combo deals available for bundled books. Read more »

WordPress Plugin Updates!

It may not seem like it, but I’ve been super busy updating books, plugins, and websites with all sorts of new goodness. I just finished updating all of my WordPress plugins that are hosted at the WP Plugin Directory. Here is a complete list: Read more »

shapeSpace WordPress Theme

shapeSpace is the starter template that I use for creating my own WordPress themes and WordPress-powered sites. It’s evolved quite a bit along with WordPress over the years, striking what I find to be a good balance between utility, flexibility, and performance. shapeSpace is basically a starter theme that combines a robust set of theme options with a lightweight set of template files. It’s a “premium” starter template that’s clean, current, and 100% free. Read more »

New Design and Updated Content

I’m getting back into the swing of things around here, now stepping it up with a new design, new tools, and lots of updated (and new) content, demos, scripts, and more. Here is a quick rundown of the new design and updated projects.. Read more »

2013 User Agent Blacklist

The 2013 User Agent Blacklist blocks hundreds of the worst bots while ensuring open-access for normal traffic, major search engines (Google, Bing, et al), good browsers (Chrome, Firefox, Opera, et al), and everyone else. Compared to blocking threats by IP, blocking by user-agent is more effective as a general security strategy. Although it’s trivial to spoof any user agent, many bad requests continue to report user-agent strings that are known to be associated with malicious activity. For example, the notorious “httrack” user agent has been widely blocked since at least 2007, yet it continues to plague sites to this day. […] Read more »

2013 IP Blacklist

When time allows, I like to post my collections of the worst IP addresses for the current year. Certainly, there are pros and cons to using an IP blacklist. In general, IPs are easily spoofed, change frequently, and are therefore unreliable as a general security strategy. But as a short-term solution, IP blacklists serve as an excellent method for dealing with specific and/or ongoing threats and attacks. Read more »

Latest Tweets Plug-n-play snippet to backup and restore theme options: digwp.com/2014/04/backup-resto… #wordpress