Plugin Sale! Save 15% on pro plugins with discount code: FALL2020
Web Dev + WordPress + Security
Category: WordPress
285 posts

WordPress and the Blank Target Vulnerability

For those who haven’t yet noticed, WordPress now adds rel=”noopener” attributes for any external links added via the link Quicktag in the Visual/RTE. So if you enable the option, “Open link in a new tab”, WordPress automatically will add the rel noopener attribute to the link. This is to protect against CORS and other exploits that take advantage of blank-target links. It’s a smart move that may escape many in the WordPress community. So in an effort to help foster […] Continue reading »

Metamorphosis

After 9 grueling weeks, I am happy to say that the 2018 Perishable Press redesign is complete. There are still a few small details that I am contemplating, but overall the work is finished and the site is back to full production capacity. From the old Wire theme rolled out in 2013 (five years ago!), to the minimalist, lightweight X Theme, Perishable Press has metamorphosed into a lean, mean, content sharing machine. This is the 24th time Perishable Press has […] Continue reading »

WP Cron HTTP Auth

Welcome to the official homepage for my free WordPress plugin, WP Cron HTTP Auth. This page explains what the plugin does, how it works, and where to download and get support. The plugin actually is very simple, however, so there is not a lot to explain. If you are looking for plugin documentation, visit WP Cron HTTP Auth at WordPress.org. There you will find installation steps, support forum, translation tools, and more. Continue reading »

WordPress Plugin: Disable WP REST API

Welcome to the official homepage for my free WordPress plugin, Disable WP REST API. This page explains what the plugin does, how it works, how to test the plugin, and why anyone would anyone on earth want to disable the REST API, for crying out loud, all explained on this page. If that sounds like you, you’re in the right place. If you are looking for plugin documentation, visit Disable WP REST API at WordPress.org. There you will find installation […] Continue reading »

Contact Form X

Welcome to the official homepage for my free WordPress plugin, Contact Form X (CFX). This is a more personal look at the plugin, aimed at readers who are familiar with my work. Here you’ll find some screenshots, cool features, and of course some rambling backstory (because there is one). If you are looking for official plugin documentation, visit Contact Form X at WordPress.org. There you will find docs, download, installation steps, support forum, translation tools, and more. Continue reading »

BAM: 5 New WordPress Plugins. Ahh Yeh.

I’ve been super busy this year, cranking out some useful new plugins. Nothing as awesome as Banhammer Pro, but some pretty useful new plugins nonetheless. So I’m launching a total of five new WordPress plugins. The first four basically are utility plugins designed to make WordPress life easier. The 5th and final plugin (for awhile at least), is Contact Form X, which I am now using as the contact form here at Perishable Press. Contact Form X I know what […] Continue reading »

WordPress Plugin: Disable Gutenberg

For those still in the dark, WordPress 5.0 will bring HUGE changes to the post editor. Dubbed Gutenberg, the new WP post editor replaces the entire “classic” post editing screen. So as of WordPress 5.0 and beyond, the “Edit Post” screen will be completely replaced by a giant WYSIWYG content builder called “Gutenberg”. So much more is being replaced than just the content editor. The list of things that are replaced by Gutenberg include the RTE/Visual Editor, Plain Text Editor, […] Continue reading »

WordPress Plugin: Custom Fields for Gutenberg Block Editor

Currently Gutenberg does not display the Custom Fields meta box. Before Gutenberg, in WordPress 4.9 and earlier, the “Edit” screens in the WP Admin Area optionally displayed the Custom Fields meta box. The Custom Fields meta box is employed by millions of sites, themes and plugins. Including my own collection of WordPress plugins, which use custom fields for Posts, Pages, and many Custom Post Types. Basically Custom Fields are a critical part of WordPress functionality, so I wrote a plugin […] Continue reading »

Fix Gutenberg Errors

I’ve been exploring WordPress new Gutenberg functionality, and unfortunately keep encountering various weird errors. So to keep things organized and hopefully help others on the same path, I’m going to update this post with any Gutenberg errors for which I am able to find a solution. This includes any PHP errors, warnings, notices, as well as any JavaScript and/or debug/console errors. Continue reading »

Delete Shared/Saved Gutenberg Blocks

Been playing with WordPress new Gutenberg functionality. While exploring the new features, I created some Shared blocks via the “Convert to Shared Block” button. After another hour of playing with the Gutenberg API, there were a number of “orphaned” Shared blocks (just due to swapping out code snippets while testing). After some searching, I found it is possible to delete Shared blocks programmatically with JavaScript, but could not find any specific documentation or examples. So, I came up with an […] Continue reading »

Banhammer WordPress Plugin

Banhammer makes monitoring traffic and banning visitors crazy easy and fun. Say your forum is being harassed by some dirtbag. Or your admin directory is crawling with bad bots. Or some script kiddie is trying to brute-force your login page. Don’t just sit there and watch it happen.. drop the Banhammer on those fools and block them forever. Continue reading »

New WordPress Security Plugin: Host Header Injection Fix

Since version 2.3, WordPress has been vulnerable to a Host Header Injection attack in certain server environments. Over the years, there has been some discussion about fixing the vulnerability, but as of WP 4.9 (beta) nothing has been implemented. So to help those in the WP community who may be concerned (including myself), I developed a new security plugin that fixes the issue: Host Header Injection Fix (HHIF). Continue reading »

WordPress: Plugin Development

After months of hard work, I am excited to announce the launch of my new video course on developing WordPress plugins. It covers the entire process of building, securing, and optimizing your own plugins, including 50+ ready-to-go plugin demos and examples. The course is focused on developing plugins using the WP API and Standards. Covers basics and gets into advanced topics like HTTP API, REST API, and WP Cron. Truly packed with practical examples and techniques to help you create […] Continue reading »

FAQs for User Submitted Posts

This post contains overflow FAQs for the free version of User Submitted Posts (hosted at WordPress.org). I am moving a bunch of the FAQs to this post in order to clean up the plugin’s ever-growing readme.txt file. For FAQs about the Pro version of USP, check out USP Pro – FAQs & Presales over at Plugin Planet. And so without further ado.. Continue reading »

Disable WordPress Responsive Images

WordPress responsive images are awesome. But some people want to use their own methods to implement. This post explains how to disable WordPress responsive image functionality so that you can use your own methods. It makes things easier when you don’t have to wrestle with what WordPress is doing. Continue reading »

Display bbPress Posts without a Plugin

I recently redesigned my .htaccess site, htaccessbook.com. Before the redesign, I was using bbPress for the forum functionality. It worked okay for a few years, but along the way there were all sorts of really nasty bugs and important things breaking. It seemed like, no matter what, each updated version of the bbPress plugin caused serious problems, like replies not working, permalinks changing, and all sorts of other issues. Eventually, I got tired of spending hours after each bbPress update […] Continue reading »

Welcome
Perishable Press is operated by Jeff Starr, a professional web developer and book author with two decades of experience. Here you will find posts about web development, WordPress, security, and more »
The Tao of WordPress: Become your own WordPress guru.
Thoughts
Past week here in WA state has been hellish. So much smoke, like living in a chimney.
Now in September, I’m where I wanted to be in March.
Spent some time updating my article on unsafe characters, once again current with latest IETF specification.
Just realized that “Neo” is an anagram for “One”. As in, “he is the One” (The Matrix).
To get VLC app to load all songs (including subfolders), go to Preferences ▸ Show All ▸ Playlist ▸ Subdirectory behavior ▸ Expand.
Switching from PhotoShop to Affinity Photo is one of the most liberating work-related things I've done in 20 years.
Finally got my collection of Pro WordPress plugins updated. Everything now better than ever and current with WP 5.5.
Newsletter
Get news, updates, deals & tips via email.
Email kept private. Easy unsubscribe anytime.