Latest TweetsWordPress and the Blank Target Vulnerability (aka rel noopener + noreferrer): perishablepress.com/wordpress-… #WordPress #security #html
Perishable Press
Author: Jeff Starr
Found 810 matching results
Page 6 of 51
Jeff Starr
Jeff Starr is a web developer, author, and teacher specializing in web security and building awesome things with WordPress. His online projects include Plugin Planet, DigWP.com, and WP-Mix.com. Jeff writes books, runs his own business, writes about web development, and makes video tutorials at Lynda.com.

WordPress Enable PHP Strict Error Reporting

When developing WordPress themes and plugins, I like to enable PHP’s strict error reporting. That way all errors and notices can be recognized and dealt with accordingly. Plus, enabling PHP strict error reporting is pretty easy to do using a simple must-use plugin. Here’s how to do it.. Continue »

s2member notes

I use s2member (free version) and s2member Pro on a few of my sites. Have been for several years now. Over the course of time, I have amassed a healthy collection of notes, code snippets and techniques for customizing default functionality, adding features, and so forth. Gonna post the collection online for the benefit of […] Continue »

Redirecting Hash Fragments with .htaccess

During this year’s site redesigns, I noticed in the server logs some 404 errors for various WordPress comments. These 404 requests each involved a fragment identifier (i.e., character string beginning with a pound sign, #) being interpreted as its HTML entity hex equivalent, %23. It may not seem like a big deal, but these days […] Continue »

Back Into It

This year has been full of change, hard work, and lots of planning. First it was general clean-up, reorganization, and streamlining of online assets (e.g., axing unused domains, consolidating email addresses, closing old social media accounts, etc.). That may not sound like a lot of work, but after 15+ years working online, it was a […] Continue »

Block revslider Scans

One of the most annoying, persistent scans I’ve seen in a long time are those hunting for the revslider vulnerability. In the five or so months since the exploit was discovered, many sites have been compromised. And based on what I’ve been seeing in my traffic logs, the risk is far from over. Apparently every […] Continue »

Updates Galore

Just a quick post to let people know about the updates now available for my various books and plugins. Basically the entire month of May was spent on plugin and book updates, so here is a quick summary of what’s new. Continue »

xy.css moved to Perishable Press

Recently I’ve been implementing SSL on my domains and have been streamlining and updating some projects along the way. Consolidating properties is a great way to simplify workflow and boost productivity, so I’ve went ahead and moved xyCSS from its own domain, xy.css, to its new home here at Perishable Press. Continue »

Whitelist & Blacklist Plugins for BBQ

BBQ (Block Bad Queries) is a simple script that protects your website against malicious URL requests. BBQ checks all incoming traffic and quietly blocks bad requests containing nasty stuff like eval( and base64_. The plugin is ultra minimal, so there are no options to configure which strings are blocked or allowed — it’s basically a […] Continue »

WordPress Plugin: SES Pro

SES Pro is a premium email newsletter plugin for WordPress. It is 100% shortcode-based with Ajax-powered signup forms that can be displayed anywhere. There are no monthly fees or limits on the number of subscribers, how many emails you can send, or anything else. It’s just a lightweight yet full-featured email-signup plugin that’s super-easy to […] Continue »

Book Winners!

Today I am pleased to announce the winners of the 2014 Book Giveaway, wherein 9 contestants win free copies of my books — The Tao of WordPress, WordPress Themes In Depth, and .htaccess made easy — including all bonus material and updates. Continue »

Clever Popup Ad? No Thanks.

So these days, I’m seeing more “clever” popups when visiting various websites. For example, do a search, see a result, click to visit.. and then before any content is shown, I’m hit with some annoying popup ad for whatever thing the site is trying to push. Continue »

Giving Away More Books!

A few days ago, I launched a Thanksgiving-themed book giveaway for Digging Into WordPress. The post has received some great comments that reminded me of how absolutely awesome people can be. So to chase the feeling and keep the momentum going, I’m giving away more books to 9 lucky winners. Continue »

WordPress Themes In Depth

Book Launch! My fourth book, WordPress Themes In Depth, focuses entirely on WordPress theme development. It goes in-depth on how to build, customize, and distribute your own WordPress themes. It’s 10+ years of experience with WordPress jam-packed into 450 pages of non-stop theme-building action. Continue »

How to Purge Deleted Dropbox Files

About a week ago, I sent a support request to Dropbox asking how to purge deleted files. Never heard anything back, but I figured that I would ask here to see if anyone knows the magic recipe. Here is the support question I sent to the Dropbox team: Continue »

Protect Against Malicious POST Requests

Whether you like it or not, there are scripts and bots out there hammering away at your sites with endless HTTP “POST” requests. POST requests are sort of the opposite of GET requests. Instead of getting some resource or file from the server, data is being posted or sent to it. To illustrate, normal surfing […] Continue »

Protect Against Humans.txt Query-String Scans

I woke up this morning to the sound of thousands of 404 requests hitting the server. It’s sad that there are kiddies out there who have nothing better to do than buy some pathetic $50 script and then sit there like an imbecile harassing people for hours on end. But alas, that is the world […] Continue »

« Previous Posts 14567851 Next Posts »