Fall Sale! Code FALL2024 takes 25% OFF our Pro Plugins & Books »
Web Dev + WordPress + Security
Author: Jeff Starr
953 Posts
Jeff Starr is a web developer, author, and teacher specializing in web security and building awesome things with WordPress. His favorite online projects include Plugin Planet, DigWP.com, and WP-Mix.com. Jeff writes books, runs his own business, writes about web development, and makes video tutorials at Lynda.com/LinkedIn. More »

WordPress Plugin: Show Support Ribbon

Show Support Ribbon is a free WordPress plugin that displays a customizable “show support” ribbon, banner, or badge on your site. Show support for your favorite cause, event, charity, political event, or anything else that’s awesome. Show Support Ribbon includes four built-in ribbon styles and makes it easy to customize further with your own CSS. Continue reading »

CSS Hooks for Contact Coldform

Here is a complete list of CSS hooks (selectors) for the freshly revamped WordPress plugin, Contact Coldform. Continue reading »

WordPress Plugin: Simple Blog Stats

Simple Blog Stats is a free WordPress plugin that provides a wealth of shortcodes and tags to display a variety of unique statistics about your site. Stats about your blog include total number of categories, comments, posts, users, tags, and more. SBS also displays recent comments and recent posts in posts, pages, and anywhere in your theme. Plus additional stats for Custom Post Types, word counts, and much more. Continue reading »

BBQ Firewall (Free WordPress Plugin)

BBQ Firewall is a lightweight, super-fast plugin that protects your site against a wide range of threats. BBQ checks all incoming traffic and quietly blocks bad requests containing nasty stuff like eval(, base64_, and excessively long request-strings. This is a simple yet solid solution for sites that are unable to use a strong Apache/.htaccess firewall. Continue reading »

WordPress Plugin: Simple Custom Content

Simple Custom Content is a free WordPress plugin that makes it easy to add custom content to your posts and feeds. SCS enables you to add custom content to all of your posts and all of your feeds, and provides several shortcodes for adding custom content in specific posts, pages, and just about anywhere. Continue reading »

WordPress Plugin: Simple Statistics for Feeds

Simple Statistics for Feeds is a free WordPress plugin that makes it easy to track your feeds, add custom content, and display your feed statistics on your site. Simple Statistics for Feeds (SFS) tracks your feeds automatically, and provides a wealth of tools and options for further configuration and management. To see Simple Statistics for Feeds in action, check out my code-snippets site, WP-Mix.com (you can find the SFS count badge in the sidebar on any page). Continue reading »

SFS Open Tracking

In the Simple Feed Stats plugin, Open Tracking enables you to track any web page or feed anywhere on the Web. This is done by using the open-tracking URL as the src for any <img /> tag. The SFS plugin then collects and displays the data, and provides shortcodes and template tags to display your feed stats anywhere on your site. In this post, we’ll see how to implement Open Tracking, walk through some examples, and glean a few tips […] Continue reading »

expose_php, Easter Eggs, and .htaccess

A reader recently brought to my attention a reported vulnerability on servers running PHP. It’s been known about for eons, but it’s new to me and it involves easter eggs in PHP so I thought it would be fun to share a quick post about what it is and how to prevent leakage of sensitive information about your server. It only takes a moment to disable the easter-egg information, should you decide to do so. Continue reading »

30+ Online Drawing Tools

Here are some great online drawing tools for those who like to draw and work online at the same time. Way back in 2006, online drawing tools were few and far between, especially anything with collaborative functionality for multi-user action. Back then, the choices were basically Groupboard and LiTha-Paint. But the scene is much improved, with some amazing single- and multi-user drawing tools available for getting creative and having fun. Here’s a round-up of our favorites.. Continue reading »

Protect Against Brute-force/Proxy Login Attacks

For the past week, I’ve been monitoring activity from a set of IP addresses involved with brute-force login attacks. Brute-force login attacks involve systematic guessing of passwords using various common usernames such as “admin” and “username”. So for example, an attack will target an array of sites, use “admin” as the username, and then make numerous attempts at “guessing” your password. And to obfuscate their malicious activity, the attack is executed from multiple IP addresses, either via proxy or possibly […] Continue reading »

New Book: .htaccess made easy

I’m proud to announce the launch of my new book on .htaccess, titled .htaccess made easy. It’s a book I’ve been wanting to write for years, since first getting hooked on .htaccess way back in 2006. Since then, I’ve learned a lot about .htaccess, Apache, security, and web-design in general — with many articles on the topic published here at Perishable Press and elsewhere on the Web. Everyone kept inspiring me to bring it all together and write a book […] Continue reading »

bbPress Theme Template Files

For those getting into bbPress for hosting your own forum, customizing your bbPress theme files can be difficult if you don’t know which page to load. Many of the bbPress theme template files contain enough clues to figure things out, but not every template file is used by default, or even at all depending on how you’ve configured bbPress. Themes may contain different template files, but the default “bbPress (Twenty Ten)” theme (included with version 2.1.1) may be considered a […] Continue reading »

Clean Markup Widget for WordPress

Squeaky clean. When adding content to your sidebar, it’s nice to be able to output clean, well-formatted markup. There are several ways to do this, including adding HTML directly in the theme template, installing a plugin, or simply using a widget. Widgets provide a great way of customizing sidebars and other widgetized areas, but as you may have seen in the source-code, the HTML is treated with all sorts of additional attributes, elements, and classes. Sometimes, you just need a […] Continue reading »

Tale of a Hacked Website

I love a good story. Almost as much as I enjoy securing websites. Put them together and you’ve got suspense, intrigue, and plenty of encoded gibberish. But no happy ending this time, in this case the smartest decision was to “pull it” and rebuild. The site was just wasted — completely riddled with malicious code. Without current backup data, it would’ve been “game over” for the site, and possibly the business. Continue reading »

3D Text with CSS3 text-shadow

Here’s a fun way to make text look 3D using CSS3. Using CSS whenever possible instead of images has several key advantages, including faster page-loads and better SEO I use the CSS text-shadow technique in a previous theme, and a few people had asked about it, so here it is: everything you need to create your own stunning 3D-text with CSS3.. Continue reading »

Encoding & Decoding PHP Code

There are many ways to encode and decode PHP code. From the perspective of site security, there are three PHP functions — str_rot13(), base64_encode(), and gzinflate — that are frequently used to obfuscate malicious strings of PHP code. For those involved in the securing of websites, understanding how these functions are used to encode and decode encrypted chunks of PHP data is critical to accurate monitoring and expedient attack recovery. Continue reading »

Welcome
Perishable Press is operated by Jeff Starr, a professional web developer and book author with two decades of experience. Here you will find posts about web development, WordPress, security, and more »
GA Pro: Add Google Analytics to WordPress like a pro.
Thoughts
I disabled AI in Google search results. It was making me lazy.
Went out walking today and soaked up some sunshine. It felt good.
I have an original box/packaging for 2010 iMac if anyone wants it free let me know.
Always ask AI to cite its sources. Also: “The Web” is not a valid answer.
All free plugins updated and ready for WP 6.6 dropping next week. Pro plugin updates in the works also complete :)
99% of video thumbnail/previews are pure cringe. Goofy faces = Clickbait.
RIP ICQ
Newsletter
Get news, updates, deals & tips via email.
Email kept private. Easy unsubscribe anytime.