Fall Sale! Code FALL2024 takes 25% OFF our Pro Plugins & Books »
Web Dev + WordPress + Security
Post Archive
964 posts

Protect Against Malicious POST Requests

Whether you like it or not, there are scripts and bots out there hammering away at your sites with endless HTTP “POST” requests. POST requests are sort of the opposite of GET requests. Instead of getting some resource or file from the server, data is being posted or sent to it. To illustrate, normal surfing around the Web involves your browser making series of GET requests for all the resources required for each web page. HTML, JavaScript, CSS, images, et […] Continue reading »

Protect Against Humans.txt Query-String Scans

I woke up this morning to the sound of thousands of 404 requests hitting the server. It’s sad that there are kiddies out there who have nothing better to do than buy some pathetic $50 script and then sit there like an imbecile harassing people for hours on end. But alas, that is the world we live in — fortunately it’s less than trivial to block the entire scan with just a few lines of good old .htaccess. Continue reading »

WordPress Plugin: USP Pro

After months of deleopment and a low-key “soft-launch”, I’m pleased to announce my first premium WordPress plugin, USP Pro, the supercharged version of my free WP plugin, User Submitted Posts. USP Pro enables you to create and customize infinitely many front-end forms and display them anywhere on your WordPress-powered site. Continue reading »

Testing HTTP Requests

Just a quick post with some tips for troubleshooting and testing HTTP requests. For example, if you have a plugin that sends requests behind the scenes via Ajax or cURL or whatever, it’s nice to have a way to view request details such as headers, the response, and everything in between. This article is aimed primarily at WordPress users, but contains more general tips and tricks as well. Continue reading »

2014 Micro Blacklist

Over the past several months, I’ve assembled a “micro” blacklist to keep some recent threats at bay. Eventually, this will be integrated into the next nG Blacklist, but for now I just wanted to post and share with anyone else who is actively monitoring their server logs and aware of the recent spike in malicious activity. Continue reading »

Theme Update: shapeSpace v1.7

shapeSpace is the starter WordPress theme that I use to build sites like Plugin-Planet.com and DigWP.com. I use it because it includes all of the most commonly used template tags and a minimal amount of clean markup. Additonally, shapeSpace includes a robust set of custom functions that make it easy to add and modify theme features and functionality. Continue reading »

Book Sale!

As mentioned, I’ve been super busy updating stuff, and have new versions available for Digging Into WordPress, .htaccess made easy, and The Tao of WordPress. To celebrate the updates, I’m having a “Fall Sale” on all books, with combo deals available for bundled books. Continue reading »

WordPress Plugin Updates!

It may not seem like it, but I’ve been super busy updating books, plugins, and websites with all sorts of new goodness. I just finished updating all of my free WordPress plugins that are hosted at the WordPress Plugin Directory. Here is a complete list: Continue reading »

jQuery Accordion Menu Tutorial

In this tutorial I am going to show you how to build a jQuery accordion menu from scratch. Most of the time it is possible to create very functional website navigations with just CSS, but this time we are going to need a little jQuery magic to accomplish the accordion functionality. For this tutorial I am going to assume that you have some experience with HTML and CSS. I will go over all the code, but the main focus of […] Continue reading »

shapeSpace WordPress Theme

shapeSpace is the starter template that I use for creating my own WordPress themes and WordPress–powered sites. Over the years, the shapeSpace theme has evolved with WordPress, striking what I find to be a good balance between utility, flexibility, and performance. shapeSpace is basically a starter theme that combines a robust set of theme functions with a lightweight set of template files. It’s a “premium” starter template that’s clean, current, and 100% free and open source (via GPL License). Continue reading »

Force Margin/Space Between List and Floated Image

If you’re displaying floated images in your posts, you may notice that margins of lists and other block-level elements seem to “collapse”, as shown in this screenshot from the 2013 redesign: Continue reading »

New Design and Updated Content

I’m getting back into the swing of things around here, now stepping it up with a new design, new tools, and lots of updated (and new) content, demos, scripts, and more. Here is a quick rundown of the new design and updated projects.. Continue reading »

Update: Ajax Error Log – Version 2.0

Another update! This time to the vanilla/PHP version of my Ajax Error Log. As with the new WordPress version, this update improves the script’s design, performance, and security. Continue reading »

Update: Ajax Error Log for WordPress – v2.0

New version of Ajax-Powered Error Logs for WordPress now available for download. The functionality is the same, but the script is rewritten for better design, performance, and security. Continue reading »

2013 User Agent Blacklist

The 2013 User Agent Blacklist blocks hundreds of the worst bots while ensuring open-access for normal traffic, major search engines (Google, Bing, et al), good browsers (Chrome, Firefox, Opera, et al), and everyone else. Compared to blocking threats by IP, blocking by user-agent is more effective as a general security strategy. Although it’s trivial to spoof any user agent, many bad requests continue to report user-agent strings that are known to be associated with malicious activity. For example, the notorious […] Continue reading »

2013 IP Blacklist

When time allows, I like to post my collections of the worst IP addresses for the current year. Certainly, there are pros and cons to using an IP blacklist. In general, IPs are easily spoofed, change frequently, and are therefore unreliable as a general security strategy. But as a short-term solution, IP blacklists serve as an excellent method for dealing with specific and/or ongoing threats and attacks. Continue reading »

Welcome
Perishable Press is operated by Jeff Starr, a professional web developer and book author with two decades of experience. Here you will find posts about web development, WordPress, security, and more »
SAC Pro: Unlimited chats.
Thoughts
I disabled AI in Google search results. It was making me lazy.
Went out walking today and soaked up some sunshine. It felt good.
I have an original box/packaging for 2010 iMac if anyone wants it free let me know.
Always ask AI to cite its sources. Also: “The Web” is not a valid answer.
All free plugins updated and ready for WP 6.6 dropping next week. Pro plugin updates in the works also complete :)
99% of video thumbnail/previews are pure cringe. Goofy faces = Clickbait.
RIP ICQ
Newsletter
Get news, updates, deals & tips via email.
Email kept private. Easy unsubscribe anytime.