Plugin Sale! Save 15% on pro plugins with discount code: FALL2020
Web Dev + WordPress + Security
Year: 2015
17 posts

Protect Against WordPress Brute Force Amplification Attack

It seems the WordPress xmlrpc.php file is the target of another type of attack. Before, it was the XML-RPC Pingback Vulnerability. Now, it is the Brute Force Amplification Attack. This post explains what you need to know and then cuts to the chase with several ways to protect your site against this new malicious exploit, as well as all other related threats. Continue reading »

WordPress Plugin: Enable WP Database Tools

Here is a lightweight WordPress plugin that enables you to optimize and repair InnoDB and MyISAM database tables. It uses WordPress’ built-in database optimization tools to get the job done. There are lots of great database optimization plugins out there, but this one is aimed specifically at easily optimizing and repairing InnoDB tables. Although it also works on other types of tables, such as MyISAM. Continue reading »

What to do when your site gets hacked

Over the years, my sites have been hacked numerous times. Each hacking event was somewhat of a miserable experience at first, but ultimately educational and even enlightening. I’m not going to say that getting hacked was the best thing that ever happened to me, but it certainly wasn’t the end of the world. In this post, I want to share some important steps to take and things to keep in mind if and when you discover that your site has […] Continue reading »

s2Member vs. Easy Digital Downloads

s2Member (s2) and Easy Digital Downloads (EDD) are two of the top eCommerce plugins for WordPress. I’ve been using both plugins for quite awhile now and would like to explain some of their main differences. Both plugins are awesome in their own right, but there are some clear distinctions that could make one or the other an ideal choice depending on the scope and goals of your project. Hopefully the following comparison will help anyone out there arrive at the […] Continue reading »

The Art of Troubleshooting WordPress

If you are new to WordPress, or even if you have some experience, it may seem impossible to figure out why something isn’t working as expected. It would be nice if we could just wave a magic wand and have everything “fixed” automatically, but reality requires a bit more effort to diagnose and resolve issues. It would be impossible to describe troubleshooting steps for every possible issue, so this post stays focused on troubleshooting things in general. The goal here […] Continue reading »

Free and Open

The Web is a beautiful, incredible thing. It enables anyone with a connection to access an entire universe of human knowledge. The Web is like this because it is free and open. We the people built the Internet and it belongs to everyone. Each person may claim their own piece of the Internet, but no one person or group may claim ownership of its entirety. The Web Belongs to Everyone. If you feel the need to control or regulate something, […] Continue reading »

Action & Filter Hooks for User Submitted Posts

The free version of my WordPress plugin User Submitted Posts is better than ever, with a wealth of new action and filter hooks, enabling developers to customize everything from shortcode output to post data, alert messages and more. Drop in for a quick summary of all new USP hooks. Continue reading »

WordPress Enable PHP Strict Error Reporting

When developing WordPress themes and plugins, I like to enable PHP’s strict error reporting. That way all errors and notices can be recognized and dealt with accordingly. Plus, enabling PHP strict error reporting is pretty easy to do using a simple must-use plugin. Here’s how to do it.. Continue reading »

s2member notes

I use s2member (free version) and s2member Pro on a few of my sites. Have been for several years now. Over the course of time, I have amassed a healthy collection of notes, code snippets and techniques for customizing default functionality, adding features, and so forth. Gonna post the collection online for the benefit of any others who may be seeking for similar modifications and/or related information. Continue reading »

Redirecting Hash Fragments with .htaccess

During this year’s site redesigns, I noticed in the server logs some 404 errors for various WordPress comments. These 404 requests each involved a fragment identifier (i.e., character string beginning with a pound sign, #) being interpreted as its HTML entity hex equivalent, %23. It may not seem like a big deal, but these days every detail counts, so it’s wise to clean up as many 404 errors as possible. Thus, here is a simple .htaccess technique for redirecting hash-fragment […] Continue reading »

Back Into It

This year has been full of change, hard work, and lots of planning. First it was general clean-up, reorganization, and streamlining of online assets (e.g., axing unused domains, consolidating email addresses, closing old social media accounts, etc.). That may not sound like a lot of work, but after 15+ years working online, it was a LOT of stuff to go through and get organized. My goal is to simplify my process down to a focused stream of activity. This post […] Continue reading »

Block revslider Scans

One of the most annoying, persistent scans I’ve seen in a long time are those hunting for the revslider vulnerability. In the five or so months since the exploit was discovered, many sites have been compromised. And based on what I’ve been seeing in my traffic logs, the risk is far from over. Apparently every 2-bit script kiddie and their pet hamster wants a piece of the “revslider action”. Continue reading »

Updates Galore

Just a quick post to let people know about the updates now available for my various books and plugins. Basically the entire month of May was spent on plugin and book updates, so here is a quick summary of what’s new. Continue reading »

xy.css moved to Perishable Press

Recently I’ve been implementing SSL on my domains and have been streamlining and updating some projects along the way. Consolidating properties is a great way to simplify workflow and boost productivity, so I’ve went ahead and moved xyCSS from its own domain, xy.css, to its new home here at Perishable Press. Continue reading »

BBQ: Customize Firewall Rules

BBQ Firewall is a lightweight, super-fast plugin that protects your site against a wide range of threats. BBQ checks all incoming traffic and quietly blocks bad requests containing nasty stuff like eval(, base64_, and excessively long request-strings. This is a simple yet solid solution for sites that are unable to use a strong Apache/.htaccess firewall. Continue reading »

WordPress Plugin: SES Pro

SES Pro is a premium email newsletter plugin for WordPress. It is 100% shortcode-based with Ajax-powered signup forms that can be displayed anywhere. There are no monthly fees or limits on the number of subscribers, how many emails you can send, or anything else. It’s just a lightweight yet full-featured email-signup plugin that’s super-easy to use. Continue reading »

Welcome
Perishable Press is operated by Jeff Starr, a professional web developer and book author with two decades of experience. Here you will find posts about web development, WordPress, security, and more »
The Tao of WordPress: Become your own WordPress guru.
Thoughts
Watching. Waiting. Praying.
Got all of my free WordPress plugins updated for imminent WP 5.6 in early December. Pro plugin updates currently in the works.
7G Firewall now integrated into BBQ Firewall (free version). Pro version soon ;)
macOS Big Sur update complete. So far no crazy issues. Except TextEdit, which is completely screwed up and unusable. Replaced with free BBEdit.
Got so sick of macOS’ annoying “red dot” that I had to remove System Prefs from the dock. Come on Apple you can do better.
Beginning development of an Nginx version of 7G Firewall.
Happy Birthday to Perishable Press, celebrating 15 years online! :)
Newsletter
Get news, updates, deals & tips via email.
Email kept private. Easy unsubscribe anytime.