Recently WordPress sites have been getting hammered with random-string comment spam. The attackers are clever, using random text strings for every vector except the payload, which usually is the URL used for the comment’s Name link. But for these weird comment spams, the apparent payload is the email address. It’s the only part of the comment that’s not made up of random gibberish. Continue reading »
It seems that the WordPress function, get_comments_number(), is not working correctly. It is returning inconsistent results for posts with zero comments, pingbacks, or trackbacks. Sometimes the function returns true, other times false. It’s just random, from what I’ve been able to tell. So maybe a bug, or maybe something I am missing. Not a big deal, just looking for clues.. Continue reading »
There are numerous ways to redirect requests using Apache’s mod_rewrite and mod_alias. This concise, friendly tutorial explains different ways to redirect a range of IP addresses, either IPv4 or IPv6. Continue reading »
A common question I get is how to change or hide file extensions using .htaccess. Apparently search engines prefer “pretty” permalink URL structures over query-strings and file extensions. This is one reason why WordPress provides an SEO-friendly permalink option for URLs; because it is preferred over the default plain query-string based format. From the Permalinks settings screen in the WordPress Admin Area: Continue reading »
Finally put together a giant list of .htaccess redirect examples. It’s meant as a quick copy-&-paste resource for those who may be looking for an assortment of redirect techniques. Here you will find redirects via mod_alias and mod_rewrite. Examples include redirecting to and from any directory, subdirectory, resource, URL, and much more. Most of these examples are taken from my previous article, Stupid htaccess Tricks; other examples are taken from previous .htaccess tutorials here at Perishable Press. Enjoy! :) Continue reading »
![[ WordPress Ultimate Comment Blacklist ]](https://perishablepress.com/wp/wp-content/images/2019/wordpress-comment-blacklist.jpg)
How do YOU stop comment spam? If you’re like a lot of WordPress users, you just grab another plugin or two and call it good. I mean after all, plugins like Akismet work great at stopping spam. The only downside is that, well, you’re relying on another plugin. And that’s fine for folks who just wanna “get ’er done”, although each active plugin requires additional maintenance and server resources. Continue reading »
Most of the redirect techniques provided in my stupid .htaccess tricks article all use Apache’s alias module, mod_alias. You can also use mod_rewrite to redirect URLs. The main difference is that, with mod_alias, the server is responding to the client request with a redirect, so the client immediately is sent to the new location. Conversely, with mod_rewrite, the server simply returns the new content, so the client is not actually redirected anywhere. This makes mod_rewrite more advantageous because it happens […] Continue reading »
In general, redirecting URLs is a piece of cake with Apache’s .htaccess. The only trick is redirecting based on the URL’s query-string value. Doing so requires slightly different directives that many people are not aware of, so it’s common to see a questions like, “why isn’t my redirect working for query strings?” This quick tutorial aims to clear up any confusion and explains how to redirect any URL based on its query string. Continue reading »
Want to redirect a URL from one location to another? This simple guide shows you how to do it with Apache/.htaccess, PHP, JavaScript, HTML, and more. Each redirect technique is briefly explained and includes ready-to-go, copy-&-paste examples. Just grab the code you need and use it in good health. May the redirects be with you! Continue reading »
Redirecting stuff with .htaccess generally is pretty straightforward, but there can be a lot of confusion when it comes to targeting patterns that include numbers. I think this largely is due to the syntax used for matching numbers in regular expressions. It’s sort of unintuitive until you get the hang of it. So to help in that regard, this tutorial explains the basics of matching numbers with .htaccess, and then provides some useful examples that should get you there. Continue reading »
Typically malicious scans use some sort of encoding to obscure their payloads. For example, instead of injecting a literal script, the attacker will run it through a PHP encoding function such as base64_encode(), utf8_encode(), or urlencode(). So if and when you need to decode some discovered payload, you can use whichever decoding function will do the job. For example, base64_decode(), utf8_decode(), or urldecode(). Sounds straightforward, but let’s dig a little deeper.. Continue reading »
![[ Bulletproof Sitemap Redirection ]](https://perishablepress.com/wp/wp-content/images/2017/bulletproof-sitemap.jpg)
Sitemaps have been shown to help search engines and other visitors understand and navigate your website. This tutorial gives you a simple yet powerful .htaccess technique for ensuring that search engines and other visitors can easily find your sitemap files. So even if they are looking for your sitemap in the wrong location, they’ll always be redirected to the actual, existing sitemap for your site. This strategy helps to improve consistency, minimize 404 errors, and save server resources. So it’s […] Continue reading »
![[ WordPress .htaccess file ]](https://perishablepress.com/wp/wp-content/images/2017/wordpress-htaccess.jpg)
The WordPress core uses .htaccess for two things: Permalinks and Multisite. This means that .htaccess is only required if you have enabled either of these features. Otherwise, .htaccess is entirely optional for default WordPress installations. Beyond the WP core, many plugins also use the .htaccess file for custom directives involving rewrites, redirects, custom headers, file compression, and much more. In many cases, such plugins add their .htaccess rules to your .htaccess file automatically, behind the scenes. Continue reading »
![[ Simple Ajax Chat ]](https://perishablepress.com/wp/wp-content/images/2012/simple-ajax-chat.jpg)
Simple Ajax Chat displays a fully customizable Ajax-powered chat box anywhere on your site. SAC makes it easy for your visitors to chat with each other on your website. There already are a number of decent chat plugins, but I wanted one that is simple yet fully customizable with all the features AND outputs clean HTML markup for easy styling. Continue reading »
![[ Simple Blog Stats ]](https://perishablepress.com/wp/wp-content/images/2012/simple-blog-stats.png)
Simple Blog Stats is a free WordPress plugin that provides a wealth of shortcodes and tags to display a variety of unique statistics about your site. Stats about your blog include total number of categories, comments, posts, users, tags, and more. SBS also displays recent comments and recent posts in posts, pages, and anywhere in your theme. Plus additional stats for Custom Post Types, word counts, and much more. Continue reading »
Cool trick that you may not have known about.. it’s possible to get case-insensitive matching with the powerful RedirectMatch directive. Normally, you would just write your redirect as something like this: Continue reading »
