Fall Sale! Code FALL2024 takes 25% OFF our Pro Plugins & Books »
Web Dev + WordPress + Security
Author: Jeff Starr
953 Posts
Jeff Starr is a web developer, author, and teacher specializing in web security and building awesome things with WordPress. His favorite online projects include Plugin Planet, DigWP.com, and WP-Mix.com. Jeff writes books, runs his own business, writes about web development, and makes video tutorials at Lynda.com/LinkedIn. More »

WordPress and the Blank Target Vulnerability

For those who haven’t yet noticed, WordPress now adds rel="noopener" attributes for any external links added via the link Quicktag in the Visual/RTE. So if you enable the option, “Open link in a new tab”, WordPress automatically will add the rel noopener attribute to the link. This is to protect against CORS and other exploits that take advantage of blank-target links. It’s a smart move that may escape many in the WordPress community. So in an effort to help foster […] Continue reading »

Blocking the “ReallyLongRequest” Bandit

While browsing server logs, I kept seeing these super long request URIs that begin with “YesThisIsAReallyLongRequest…” and then the request string just keeps going for like 1 kilobyte worth of characters. Not just a few times, but many. In other words, somebody is going around and repeatedly hitting servers with gigantic-size requests. Probably to test server response using other people’s servers. Ummm, yeah kinda malicious. So I did some research and then blocked the “ReallyLongRequest” Bandit. Continue reading »

Basic Webpack Setup

Preparing for Gutenberg, I’ve been sharpening my JavaScript skillz. Getting further into things like Webpack, React, Node.js, and all sort of other awesome scripting adventures. As I dive further into JavaScript land, it’s amazing how much more quickly I am able to do things that I never had to do before relying so heavily on JavaScript. Even so, the extra tools are good to have in the ’ol developer tool belt, so I’ll be sharing much more about JavaScript stuff […] Continue reading »

Clearfix Hack Evolution: From Dumpster Fire to One Line of Code

Is the clearfix method of clearing floats still useful? It’s been years now and I think the answer is “yes”. For example, I use clearfix to clear floats in the site’s current design. It’s the “cleanest” way to clear floated elements without setting widths, hiding overflow, or floating (nearly) everything. I know what some of you are thinking: “Cleanest..? Clearfix is a hack. A total nightmare event.” Years ago that may have been the case, but not so much anymore.. Continue reading »

Wireless Camera Notes

Momentum Cam Over the years, I’ve gone through quite a few wireless wi-fi security cameras. Not because I am a gadget/new-tech junkie, but because all of the cameras I have tried so far work for awhile and then stop working, or never work properly in the first place. So in an effort to not repeat myself while maybe helping others who are looking for information, here is a post that I am dedicating to wi-fi camera notes. This includes things […] Continue reading »

Metamorphosis

After 9 grueling weeks, I am happy to say that the 2018 Perishable Press redesign is complete. There are still a few small details that I am contemplating, but overall the work is finished and the site is back to full production capacity. From the old Wire theme rolled out in 2013 (five years ago!), to the minimalist, lightweight X Theme, Perishable Press has metamorphosed into a lean, mean, content sharing machine. This is the 24th time Perishable Press has […] Continue reading »

Redesign in progress..

Pardon my dust! I am in the process of switching over to the site’s new design. Please report anything weird, otherwise please pardon my dust as the site settles in with its new theme :) Will post a full report soon! Continue reading »

WP Cron HTTP Auth

Welcome to the official homepage for my free WordPress plugin, WP Cron HTTP Auth. This page explains what the plugin does, how it works, and where to download and get support. The plugin actually is very simple, however, so there is not a lot to explain. If you are looking for plugin documentation, visit WP Cron HTTP Auth at WordPress.org. There you will find installation steps, support forum, translation tools, and more. Continue reading »

WordPress Plugin: Disable WP REST API

Welcome to the official homepage for my free WordPress plugin, Disable WP REST API. This page explains what the plugin does, how it works, how to test the plugin, and why anyone would anyone on earth want to disable the REST API, for crying out loud, all explained on this page. If that sounds like you, you’re in the right place. If you are looking for plugin documentation, visit Disable WP REST API at WordPress.org. There you will find installation […] Continue reading »

Contact Form X

Welcome to the official homepage for my free WordPress plugin, Contact Form X (CFX). This is a more personal look at the plugin, aimed at readers who are familiar with my work. Here you’ll find some screenshots, cool features, and of course some rambling backstory (because there is one). If you are looking for official plugin documentation, visit Contact Form X at WordPress.org. There you will find docs, download, installation steps, support forum, translation tools, and more. Continue reading »

BAM: 5 New WordPress Plugins. Ahh Yeh.

I’ve been super busy this year, cranking out some useful new plugins. Nothing as awesome as Banhammer Pro, but some pretty useful new plugins nonetheless. So I’m launching a total of five new WordPress plugins. The first four basically are utility plugins designed to make WordPress life easier. The 5th and final plugin (for awhile at least), is Contact Form X, which I am now using as the contact form here at Perishable Press. Contact Form X I know what […] Continue reading »

WordPress Plugin: Disable Gutenberg

For those still in the dark, WordPress 5.0 will bring HUGE changes to the post editor. Dubbed Gutenberg, the new WP post editor replaces the entire “classic” post editing screen. So as of WordPress 5.0 and beyond, the “Edit Post” screen will be completely replaced by a giant WYSIWYG content builder called “Gutenberg”. So much more is being replaced than just the content editor. The list of things that are replaced by Gutenberg include the RTE/Visual Editor, Plain Text Editor, […] Continue reading »

WordPress Plugin: Custom Fields for Gutenberg Block Editor

Currently Gutenberg does not display the Custom Fields meta box. Before Gutenberg, in WordPress 4.9 and earlier, the “Edit” screens in the WP Admin Area optionally displayed the Custom Fields meta box. The Custom Fields meta box is employed by millions of sites, themes and plugins. Including my own collection of WordPress plugins, which use custom fields for Posts, Pages, and many Custom Post Types. Basically Custom Fields are a critical part of WordPress functionality, so I wrote a plugin […] Continue reading »

Fix Gutenberg Errors

I’ve been exploring WordPress new Gutenberg functionality, and unfortunately keep encountering various weird errors. So to keep things organized and hopefully help others on the same path, I’m going to update this post with any Gutenberg errors for which I am able to find a solution. This includes any PHP errors, warnings, notices, as well as any JavaScript and/or debug/console errors. Continue reading »

Delete Shared/Saved Gutenberg Blocks

Been playing with WordPress new Gutenberg functionality. While exploring the new features, I created some Shared blocks via the “Convert to Shared Block” button. After another hour of playing with the Gutenberg API, there were a number of “orphaned” Shared blocks (just due to swapping out code snippets while testing). After some searching, I found it is possible to delete Shared blocks programmatically with JavaScript, but could not find any specific documentation or examples. So, I came up with an […] Continue reading »

Banhammer WordPress Plugin

Banhammer makes monitoring traffic and banning visitors crazy easy and fun. Say your forum is being harassed by some dirtbag. Or your admin directory is crawling with bad bots. Or some script kiddie is trying to brute-force your login page. Don’t just sit there and watch it happen.. drop the Banhammer on those fools and block them forever. Continue reading »

Welcome
Perishable Press is operated by Jeff Starr, a professional web developer and book author with two decades of experience. Here you will find posts about web development, WordPress, security, and more »
WP Themes In Depth: Build and sell awesome WordPress themes.
Thoughts
I disabled AI in Google search results. It was making me lazy.
Went out walking today and soaked up some sunshine. It felt good.
I have an original box/packaging for 2010 iMac if anyone wants it free let me know.
Always ask AI to cite its sources. Also: “The Web” is not a valid answer.
All free plugins updated and ready for WP 6.6 dropping next week. Pro plugin updates in the works also complete :)
99% of video thumbnail/previews are pure cringe. Goofy faces = Clickbait.
RIP ICQ
Newsletter
Get news, updates, deals & tips via email.
Email kept private. Easy unsubscribe anytime.