Latest TweetsNew version of Disable Gutenberg includes options to disable for specific theme templates and/or post/page IDs. wordpress.org/plugins/disable-…
Perishable Press
Author: Jeff Starr
Found 810 matching results
Page 4 of 51
Jeff Starr
Jeff Starr is a web developer, author, and teacher specializing in web security and building awesome things with WordPress. His online projects include Plugin Planet, DigWP.com, and WP-Mix.com. Jeff writes books, runs his own business, writes about web development, and makes video tutorials at Lynda.com.

Get featured in my new CSS book

I am working on some new books and one of them focuses on CSS techniques. I can’t share any specifics at this point, but I am inviting CSS experts and enthusiasts to be featured in the book by contributing their favorite CSS snippet. Continue »

Lynda.com Course: Developing Secure WordPress Sites

After months of preparation and production, my new video course on developing secure WordPress sites is now available at Lynda.com. This is my second video course on securing WordPress; the first one was originally launched in 2011 and remained in Lynda’s library for over five years. I received a lot of great feedback on the […] Continue »

Block nuisance requests for .well-known, apple-app, etc.

Anyone who is paying attention to their server access and error logs has probably noticed that Google and other bots have been making endless requests for .well-known, apple-app-site-association, and various related files. This quick post explains how to save some server bandwidth and resources by blocking such repetitive requests, and also looks at a related […] Continue »

My Collection of Facebook Pages

Finally got around to setting up and pimping out official Facebook pages for my main websites. It took awhile to get them all fleshed out with posts, graphics, infos, and so forth. And then took awhile longer to wait until there were enough likes to get those oh-so-special vanity URLs. You know you gotta have […] Continue »

Humans.txt Template

Years ago, I thought the whole humans.txt thing was just silly, and even explained how to block humans.txt requests. But the concept actually has grown on me to the point where I now include a customized humans.txt file for most of my projects. It just seems like some useful information to make available for those […] Continue »

Some Q & A

Gonna start posting or deleting all of my old drafts just to clean things up back here in the Admin Area. For example, here is a post that I wanted to flesh out with specific examples and all sorts of references, but it’s just been sitting and waiting for too long, so now I’m just […] Continue »

Stop User Enumeration in WordPress

This tutorial explains how to block user-enumeration scans in WordPress. As explained in greater depth here, user enumeration happens when some malicious script scans a WordPress site for user data by requesting numerical user IDs. For example, requests for author=1 through some number, say, author=1000, may reveal the usernames for all associated users. With a […] Continue »

WordPress Performance Issue Revisited

Following up on my recent performance report with essentially some conclusive results. Turns out that the reported issue is related more directly to the version of PHP than to the version of WordPress. So in other words, WordPress runs a bit faster on newer versions of PHP. As explained previously, after I upgraded my sites […] Continue »

They’re Scanning for Your Backup Files

Just a reminder to keep your backup files offline. Do not store them in any publicly accessible space. It’s just not worth the risk man. And if you’re working online, you should know this already. If not, then continue reading to learn why it’s absolutely mission critical. Continue »

Brute-Force Login Drip Attack

I’ve been noticing a new strategy for brute-force login attacks: the slow, incremental “drip” attack. Instead of slamming a login page with hundreds or thousands of brute-force login attempts all within a few minutes, some attackers have been taking a more low-key approach by slowing down the rate of login attempts in order to bypass […] Continue »

OS X TotalFinder Alternatives

For years, I enjoyed the advanced Finder functionality provided by BinaryAge’s excellent app, TotalFinder. Mac’s native Finder enables users to navigate and manage their files, similar in concept to Windows File Explorer. Unfortunately, as explained in my rant about things that suck about Mac, TotalFinder no longer is compatible with Mac 10.11+. Fortunately there are […] Continue »

WordPress Plugin: Dashboard Widgets Suite

1 Plugin. 9 Widgets. Awesome Dashboard. Over the years, I’ve assembled a collection of Dashboard widgets that I use frequently on various sites. I find the WordPress Dashboard to be a convenient location for posting notes, viewing debug and error logs, and displaying social media icons, RSS feeds, and other useful information. I find these […] Continue »

Stop RSSing.com from Framing Your Content

This quick post explains how to stop the notorious site scrapers, RSSing.com, from stealing your content. In fact, this technique can be used to stop virtually any site that uses HTML frames to scrape your pages. Once again, the solution is one line of .htaccess to the rescue. Continue »

Use Strong Usernames for Better Security

Image courtesy of eChunks.com Here is a quick security tip for people using popular apps on the Web. That is, apps like WordPress that may be widely used and targeted by bad actors and/or automated scripts. It’s all about adding another layer of security by hardening admin-level usernames.. Continue »

Things that kinda suck about Apple/Mac

I dove into the world of Apple/Mac over five years ago. Overall I think it’s a huge step up from anything Windows related, but there are some things that I feel kinda suck about Mac OS X and Apple products in general. This post rounds up some of my thoughts, hopefully to help promote discussion […] Continue »

How to Block Baidu Bot

A user of my 6G Firewall recently asked how to block the “baidu” bot from accessing their site. This post explains why Baidu is not blocked in 6G and provides a quick .htaccess technique to deny it (or anything claiming to be it) access to your site. Continue »

« Previous Posts 12345651 Next Posts »