Preparing for Gutenberg, I’ve been sharpening my JavaScript skillz. Getting further into things like Webpack, React, Node.js, and all sort of other awesome scripting adventures. As I dive further into JavaScript land, it’s amazing how much more quickly I am able to do things that I never had to do before relying so heavily on JavaScript. Even so, the extra tools are good to have in the ’ol developer tool belt, so I’ll be sharing much more about JavaScript stuff […] Continue reading »
![[ Momentum Camera ]](https://perishablepress.com/wp/wp-content/images/2018/momentum-cam-camera.jpg)
Momentum Cam Over the years, I’ve gone through quite a few wireless wi-fi security cameras. Not because I am a gadget/new-tech junkie, but because all of the cameras I have tried so far work for awhile and then stop working, or never work properly in the first place. So in an effort to not repeat myself while maybe helping others who are looking for information, here is a post that I am dedicating to wi-fi camera notes. This includes things […] Continue reading »
![[ Perishable Theme (from 2008) ]](https://perishablepress.com/wp/wp-content/images/2018/perishable-theme.png)
After 9 grueling weeks, I am happy to say that the 2018 Perishable Press redesign is complete. There are still a few small details that I am contemplating, but overall the work is finished and the site is back to full production capacity. From the old Wire theme rolled out in 2013 (five years ago!), to the minimalist, lightweight X Theme, Perishable Press has metamorphosed into a lean, mean, content sharing machine. This is the 24th time Perishable Press has […] Continue reading »
![[ Tips for Atom Code Editor ]](https://perishablepress.com/wp/wp-content/images/2017/atom-code-editor.jpg)
For some of my tutorials, I use the Atom Code Editor. It’s not as easy as Coda, but it does provide a LOT more flexibility in terms of configuration and customization. Over the last couple of years, I’ve collected a handful of useful tips and tricks for dialing in the perfect Atom environment. Well, perfect for my own needs — your mileage may vary. So without further ado, let’s jump into some sweet Atom tips. I update this post with […] Continue reading »
![[ How to use the base tag ]](https://perishablepress.com/wp/wp-content/images/2017/html-base-tag.gif)
When every byte counts, you can use the HTML <base /> tag to specify a default href and target attribute for all relative URLs on the page. Like a virtual shortcut. For smaller sites with a flat directory structure, this isn’t going to help much; but for sites with deeply nested directories, the <base /> tag can potentially shave a lot of extra weight from your web pages, and also help keep URLs cleaner and shorter. So if you’re micro-optimizing […] Continue reading »
![[ Email Troubleshooting Guide ]](https://perishablepress.com/wp/wp-content/images/2017/troubleshoot-email.jpg)
Email is sort of like the “glue” that holds the Internet together. But it’s the worst possible glue ever. It’s underlying technology is convoluted, complicated, insecure, tedious, sloppy, and archaic. In a nutshell: email sucks but it’s pretty much essential for working online. So what do you do if email is not working, like when you send an email but it never arrives? It can be very frustrating and difficult to figure out what went wrong. To help get you […] Continue reading »
![[ Watch Cyber Attacks Online ]](https://perishablepress.com/wp/wp-content/images/2017/cyber-threat-map.jpg)
Taking a quick break to watch cyber attacks happening in real time. Continue reading »
![[ Bruce Lee ]](https://perishablepress.com/wp/wp-content/images/2017/bruce-lee-kick.jpg)
WordPress responsive images are awesome. But some people want to use their own methods to implement. This post explains how to disable WordPress responsive image functionality so that you can use your own methods. It makes things easier when you don’t have to wrestle with what WordPress is doing. Continue reading »
Typically malicious scans use some sort of encoding to obscure their payloads. For example, instead of injecting a literal script, the attacker will run it through a PHP encoding function such as base64_encode(), utf8_encode(), or urlencode(). So if and when you need to decode some discovered payload, you can use whichever decoding function will do the job. For example, base64_decode(), utf8_decode(), or urldecode(). Sounds straightforward, but let’s dig a little deeper.. Continue reading »
![[ WordPress .htaccess file ]](https://perishablepress.com/wp/wp-content/images/2017/wordpress-htaccess.jpg)
The WordPress core uses .htaccess for two things: Permalinks and Multisite. This means that .htaccess is only required if you have enabled either of these features. Otherwise, .htaccess is entirely optional for default WordPress installations. Beyond the WP core, many plugins also use the .htaccess file for custom directives involving rewrites, redirects, custom headers, file compression, and much more. In many cases, such plugins add their .htaccess rules to your .htaccess file automatically, behind the scenes. Continue reading »
This tutorial explains numerous ways to get random items via PHP: numbers, strings, passwords, nonces, images, and more. I use these techniques in various projects, and want to round them all up in one place for easy reference. I’ll be updating this post with additional techniques as I get them. Continue reading »
Once again I am cleaning up my sites’ .htaccess files. I do this from time to time to remove old redirects, refresh blacklists, and update security and SEO-related directives. It’s tedious work, but the performance and security benefits make it all worthwhile. This post shares some of the techniques that were added, removed, or replaced from .htaccess, and explains the reasoning behind each decision. I do this for the sake of reference, and hopefully it will give you some ideas […] Continue reading »
![[ Perishable Press : Stop WordPress from modifying .htaccess ]](https://perishablepress.com/wp/wp-content/images/2019/wordpress-htaccess.jpg)
By default, depending on file permissions, WordPress automatically will modify the contents of your site’s .htaccess file. It does this on several occasions, adding and/or updating the rewrite rules required for WP’s permalink functionality. This post explains how this works, why it can be dangerous, and how to stop it from happening. Continue reading »
![[ WordPress: Developing Secure WordPress Sites ]](https://perishablepress.com/wp/wp-content/images/2016/secure-wordpress-sites.png)
After months of preparation and production, my new video course on developing secure WordPress sites is now available at Lynda.com. This is my second video course on securing WordPress; the first one was originally launched in 2011 and remained in Lynda’s library for over five years. I received a lot of great feedback on the course, and so I jumped on the opportunity to do another one. If there is one thing that I enjoy doing, it’s helping people with […] Continue reading »
Years ago, I thought the whole humans.txt thing was just silly, and even explained how to block humans.txt requests. But the concept actually has grown on me to the point where I now include a customized humans.txt file for most of my projects. It just seems like some useful information to make available for those who are looking for it. You know, all about the site, author, team, and such. And I have seen plenty of requests for humans dot […] Continue reading »
![[User Enumeration ]](https://perishablepress.com/wp/wp-content/images/2016/user-enumeration.jpg)
This tutorial explains how to block user-enumeration scans in WordPress. As explained in greater depth here, user enumeration happens when some malicious script scans a WordPress site for user data by requesting numerical user IDs. For example, requests for author=1 through some number, say, author=1000, may reveal the usernames for all associated users. With a simple enumeration script, an attacker can scan your site and obtain a list of login names in a matter of seconds. Continue reading »
