Save $10 on my new book, Wizard’s SQL Recipes with code: WIZARD2022
Web Dev + WordPress + Security
261 posts related to: Stop User Enumeration in WordPress

WordPress Tip: Reduce the Size of the WP-ShortStat Database Table

[ Screenshot: showing the relatively immense size of the WP-ShortStat table ]

In this article, I present a simple method for dramatically decreasing the size of your WordPress database by partially emptying old data from the WP-ShortStat table via the following SQL command: DELETE FROM `wp_ss_stats` ORDER BY `id` ASC LIMIT n That is the point of this entire article, which dips into just about everything one might need to know before employing such strategy. If you are familiar with SQL and understand the purpose and functionality of this command, feel free […] Continue reading »

How to Enable the Default WordPress Object Cache

Recently, while attempting to optimize site performance, I found myself experimenting with various caching mechanisms currently available for WordPress. Specifically, I explored each of the following caching options: Continue reading »

How to Enable PHP Error Logging via htaccess

In this brief tutorial, I will show Apache users how to suppress PHP errors from visitors and enable PHP error logging via htaccess. Tracking your site’s PHP errors is an excellent way to manage and troubleshoot unexpected issues related to plugins and themes. Even better, monitoring PHP errors behind the scenes via private log is far better than trying to catch them as they appear at random visits. Thanks to the magical powers of htaccess, there is an easy way […] Continue reading »

5 Easy Ways to Syntax Highlight PHP Code

[ Screenshot: PHP code snippet in syntax-highlighted form ]

A great to way to share your PHP code with visitors is to display it directly in the browser with automatically generated syntax highlighting. Here is a screenshot showing an example of syntax-highlighted PHP code: Displaying your PHP scripts in syntax-highlighted form is an excellent way to share source code details directly with your readers. Rather than zipping the script and requiring users to download, unzip, and open the file in an editor, displaying your code directly saves you and […] Continue reading »

Protect Your Site Against UserCash and Other Scumbags

In this brief article I explain the atrocity that is UserCash and then provide the JavaScript needed to protect your site. Continue reading »

Three Ways to Allow Hotlinking in Specific Directories

After implementing any of the hotlink-prevention techniques described in our previous article, you may find it necessary to disable hotlink-protection for a specific directory. By default, htaccess rules apply to the directory in which it is located, as well as all subdirectories contained therein. There are (at least) three ways to enable selective hotlinking: Place hotlink images in an alternate directory This method works great if your hotlink-protection rules are located in a directory other than the site root. Simply […] Continue reading »

Stupid htaccess Trick: Enable File or Directory Access to Your Password-Protected Site

In this brief tutorial, we are going to enable users to access any file or directory of a site that is password-protected via htaccess. There are many reasons for wanting to employ this technique, including: Share public resources from an otherwise private site Enable visitors to access content during site maintenance Testing and formatting of layout and design during development As a webmaster, I have used this technique on several occasions. This trick works great for allowing access to any […] Continue reading »

Easily Adaptable WordPress Loop Templates

In this article, I present several heavily commented examples of WordPress loops. I have found that many readers appreciate these types of loop examples, as it helps them to understand how the loop works while enabling them to easily copy, paste, and adapt the code for their own purposes. In our first example, we examine a basic WordPress loop. When implemented, this loop will display “x” number of posts, where “x” represents the number specified via the WordPress Admin reading […] Continue reading »

WordPress Lessons Learned, Part 1: Permalink Structure

While planning my current site renovation project, I considered changing the format of my permalinks. Reasons for modifying the permalink structure of a site include: Continue reading »

Ultimate .htaccess Blacklist 2: Compressed Version

[ Image: Lunar Eclipse ]

In our original htaccess blacklist article, we provide an extensive list of bad user agents. This so-called “Ultimate htaccess Blacklist” works great at blocking many different online villains: spammers, scammers, scrapers, scrappers, rippers, leechers — you name it. Yet, despite its usefulness, there is always room for improvement. Continue reading »

How to Verify the Four Major Search Engines

Keeping track of your access and error logs is a critical component of any serious security strategy. Many times, you will see a recorded entry that looks legitimate, such that it may easily be dismissed as genuine Google fare, only to discover upon closer investigation a fraudulent agent. There are many such cloaked or disguised agents crawling around these days, mimicking various search engines to hide beneath the radar. So it’s always a good idea to implement a procedure for […] Continue reading »

WordPress Spam Battle: 3 Seconds that will Save You Hours of Time

In the hellish battle against spam, many WordPress users have adopted a highly effective trinity of anti-spam plugins: Akismet Bad Behavior Spam Karma This effective triage of free WordPress plugins has served many a WP-blogger well, eliminating virtually 99% of all automated comment-related spam. When spam first became a problem for me, I installed this triple-threat arsenal of anti-spam plugins and immediately enjoyed the results. Although Spam Karma seemed a little invasive and resource-intensive, too much protection seemed far better […] Continue reading »

Fixing Mint after Switching Servers

[ Mint Icon ]

After switching Perishable Press to its current home at A Small Orange, I began noticing an unusual problem with referrer data displayed in Mint. Specifically, the first item recorded in the XXX Strong Mint data panel — for both “Most Recent” and “Repeat” views — displayed several thousand hits for various site resources, all reporting the following IP address: Continue reading »

htaccess Combo Pack: WordPress Permalinks and non-www Redirect

WordPress users employing permalinks via htaccess to optimize their dynamic URLs transform complicated-looking links such as: http://example.com/blog/index.php?page=33 ..into search-engine friendly links such as: http://example.com/blog/post-title/ Every rewritten URL relies on a common set of htaccess rules to transform the links. The htaccess rules for all WordPress permalinks look like this for root WP installations: # BEGIN WordPress <ifmodule mod_rewrite.c> RewriteEngine On RewriteBase / RewriteCond %{REQUEST_FILENAME} !-f RewriteCond %{REQUEST_FILENAME} !-d RewriteRule . /index.php [L] </ifmodule> # END WordPress ..and like this for […] Continue reading »

Hacking WordPress: The Ultimate Nofollow Blacklist

[ Image: Death-metal rocker drunk with power ]

Several days ago, I posted an article explaining how to hack your own WordPress nofollow blacklist. Immediately thereafter, I published an elaborate article focusing on automatic methods of nofollow blacklisting via WordPress plugins. In this article, I expand on the original blacklist hack by incorporating functional differentiation between commentator links, trackbacks, and pingbacks. If anything, think of this as an exercise in hacking WordPress, rewarding in and of itself, if not otherwise entirely impractical. Of course, whenever possible, you should […] Continue reading »

Hacking WordPress: Dofollow Whitelist for Commentator Links

[ Image: Inverted Eye Detail ]

Before repenting of my filthy “nofollow” addiction, I experimented briefly with a “dofollow whitelist” for commentator URL links. The idea behind the whitelist is to reward frequent commentators, feed subscribers, site patrons, and other guests by selectively removing the automatically generated nofollow attributes from their associated comment-author links. For nofollow enthusiasts, a dofollow whitelist is a great way to show appreciation for people who support your blogging efforts. Now, before we go hacking away at WordPress, keep in mind that […] Continue reading »

Welcome
Perishable Press is operated by Jeff Starr, a professional web developer and book author with two decades of experience. Here you will find posts about web development, WordPress, security, and more »
USP Pro: Unlimited front-end forms for user-submitted posts and more.
Thoughts
Wrapping up book launch. Now focusing on plugin updates for WP 5.9, due Jan. 25th.
Soft launch for my new book: Wizard’s SQL Recipes for WordPress
New book around 200 pages, almost done!
Making great strides on my new book. Planned release in December :)
To organize my life, I keep it simple. online: plain text files, offline: sticky notes.
Official list of Googlebot IP addresses.
Lot of 1s in today’s date 20211111.
Newsletter
Get news, updates, deals & tips via email.
Email kept private. Easy unsubscribe anytime.