Welcome to the new design! Please report any bugs or issues, thanks :)
Web Dev + WordPress + Security
Author: Jeff Starr
859 Posts
Jeff StarrJeff Starr is a web developer, author, and teacher specializing in web security and building awesome things with WordPress. His favorite online projects include Plugin Planet, DigWP.com, and WP-Mix.com. Jeff writes books, runs his own business, writes about web development, and makes video tutorials at Lynda.com/LinkedIn. More »

7G Firewall : Log Blocked Requests

This tutorial explains how to log requests that are blocked by the 7G Firewall. This is useful for testing, debugging, and just keeping an eye on things. Learn how to log requests from Apache mod_rewrite and download my custom 7G logging script. It’s a complete example that shows how to log rewrite requests via PHP. All open source and free :) Continue reading »

7G Firewall

The 7G Firewall is here! 7G is now out of beta and ready for production sites. So you can benefit from the powerful protection of the latest nG Firewall (aka nG Blacklist). The 7G Firewall offers lightweight, server-level protection against a wide range of malicious requests, bad bots, automated attacks, spam, and many other types of threats and nonsense. Continue reading »

WordPress Error Fix: “Call to undefined function get_header()”

I’m seeing a big increase in bot attacks targeting theme files directly. First they get the URL to your theme directory. There are numerous ways for a bot to get this information. For example most themes include assets like CSS and JavaScript files, and the link includes the full URL. So then once they have the theme URL, bad bots will make direct requests for well-known theme template files, like index.php and header.php. Requesting template files directly may reveal possible […] Continue reading »

Ultimate Comment Blacklist for WordPress: How to Stop Spam Without Plugins

How do YOU stop comment spam? If you’re like a lot of WordPress users, you just grab another plugin or two and call it good. I mean after all, plugins like Akismet work great at stopping spam. The only downside is that, well, you’re relying on another plugin. And that’s fine for folks who just wanna “get ’er done”, although each active plugin requires additional maintenance and server resources. Continue reading »

The Plan for 2019

The “Plan” for 2019: keep working hard and doing your best. Everything else will happen on its own. Less worry, less stress, less time in front of a screen. Work smarter, enjoy life more. You know, the usual inspiring things that people say as a new year unfolds. In short, go with the flow and stay focused. Continue reading »

Cleaning Up Google Search Results

This post is about how I cleaned up an incorrect URL in the Google search results. My business site is basically a one-page portfolio site, located at the URL https://monzillamedia.com/. But in the Google search results, the URL was showing as https://monzilla.biz/, which did not exist. So all potential customers were getting an error page. Fortunately I was able to re-acquire the monzilla.biz domain and redirect all traffic to monzillamedia.com. Continue reading »

Avoid Blasty for DMCA Takedowns

Blasty is a paid online service that sends DMCA takedown notices to infringing websites on your behalf. As the author of several books, I paid for one year of the service in March of 2018 to help combat rampant piracy. And for several months the service worked great. I enjoyed receiving the periodic email reports letting me know of successful takedowns. And I could log into my account and check out specific takedowns, view reports, and find all sorts of […] Continue reading »

How to Download Entire Websites on Mac

Concept One These days in this crazy world it makes sense to archive locally any critical online data. That way when the Internet is not working (for whatever reason), you still have access to your important infos and data. For those who are listening and interested in being prepared, here is the quickest, easiest way that I have been able to find to archive complete offline copies of websites to your Mac (or iOS). It makes use of a free […] Continue reading »

Automatic IP Blacklist

Recently a reader going by the name of Rock Star sent me a cool little PHP script that automatically updates your site’s .htaccess with a current list of bad IP addresses. This is useful because it gives you better “real time” protection against attacks and malicious requests. This tutorial shares the code and explains how to implement in two easy steps. Continue reading »

Facebook Not Letting Users Delete Their Own Comments

Here is video proof that Facebook is not letting people delete their own comments. The video shows me trying to delete two different comments, using three different browsers: Chrome, Firefox, and Opera. Watch the video and see for yourself. It’s been like this for at least several days now (not sure when it started). Very frustrating! Continue reading »

Enable PHP fsockopen with CSF

Recently started some sites with Liquid Web hosting, everything going extremely well all around. There was one hiccup (at least for me) where PHP’s fsockopen was not working. At the time, I was trying to figure out why the Whois Lookup feature used by Blackhole Bad Bots was not working. Initial investigation revealed that fsockopen() external HTTP requests were getting blocked somewhere. Everything else worked, including making the requests via cURL. Continue reading »

Difference between mod_alias and mod_rewrite

Most of the redirect techniques provided in my stupid .htaccess tricks article all use Apache’s alias module, mod_alias. You can also use mod_rewrite to redirect URLs. The main difference is that, with mod_alias, the server is responding to the client request with a redirect, so the client immediately is sent to the new location. Conversely, with mod_rewrite, the server simply returns the new content, so the client is not actually redirected anywhere. This makes mod_rewrite more advantageous because it happens […] Continue reading »

CLI Forward-Reverse Lookup

In previous posts, I’ve explained how to verify identity of search engines and other bots, by looking up the host name and then doing a reverse lookup to cross-check the IP address. This is often referred to as a forward-reverse lookup, or something to that effect. The point is, there are plenty of free online tools available for performing forward-reverse IP/host lookups. And online tools are great, but it’s also possible to do forward/reverse lookups directly via the command line, […] Continue reading »

Activate WordPress Plugins via the Database

Recently a reader named Chris asked, “how can we turn ON a plugin from the database?” He mentioned reading my previous article, Quickly Disable or Enable All WordPress Plugins via the Database, but for circumstantial slash technical reasons needed to do the opposite and enable a plugin directly via the WordPress database. I thought it was an interesting question that might actually be useful to discuss here at Perishable Press. Continue reading »

Twitter Login Verification Bug

A few days ago, I was unable to log in to my Perishable Twitter account. My login credentials simply did not work. I’ve been successfully logging into Twitter since 2007 with no problems. So it was surprising at first, and then I figured it was some sort of weird Twitter bug. So I began investigating and recording the events/details in this post.. Continue reading »

X Theme Leftover Code Snippets

While working on the site’s 24th redesign, I ended up with about 10 code snippets that were awesome but ultimately not needed. So rather than just delete these tasty functions, I am posting them here for future reference. Who knows, during the next site update I may decide to implement or repurpose some of these techniques. And of course sharing is caring, so feel free to use any of these code snippets in your own projects. Check out the Table […] Continue reading »

Welcome
Perishable Press is operated by Jeff Starr, a professional web developer and book author with two decades of experience. Here you will find posts about web development, WordPress, security, and more »
WP Themes In Depth: Deep dive into WP theme development.
Thoughts
Content is king? No. The user is king.
Super useful post about making custom avatars in WordPress.
Making good progress on the new bookstore subdomain here at Perishable Press. Aiming for launch early Summer :)
Playing the long game.
They have weaponized the idiots.
Good software never steals focus from the user. Even during startup.
After 10 years running my own business, I still manage schedules and tasks using old school post-it notes, sometimes simple sometimes very elaborate.