WordPress Plugin: Simple Blog Stats

Simple Blog Stats is a free WordPress plugin that provides a wealth of shortcodes and tags to display a variety of unique statistics about your site. Stats about your blog include total number of categories, comments, posts, users, tags, and more. SBS also displays recent comments and recent posts in posts, pages, and anywhere in your theme. Plus additional stats for Custom Post Types, word counts, and much more. Continue reading »

BBQ Firewall (Free WordPress Plugin)

BBQ Firewall is a lightweight, super-fast plugin that protects your site against a wide range of threats. BBQ checks all incoming traffic and quietly blocks bad requests containing nasty stuff like eval(, base64_, and excessively long request-strings. This is a simple yet solid solution for sites that are unable to use a strong Apache/.htaccess firewall. Continue reading »

WordPress Plugin: Simple Custom Content

Simple Custom Content is a free WordPress plugin that makes it easy to add custom content to your posts and feeds. SCS enables you to add custom content to all of your posts and all of your feeds, and provides several shortcodes for adding custom content in specific posts, pages, and just about anywhere. Continue reading »

WordPress Plugin: Simple Statistics for Feeds

Simple Statistics for Feeds is a free WordPress plugin that makes it easy to track your feeds, add custom content, and display your feed statistics on your site. Simple Statistics for Feeds (SFS) tracks your feeds automatically, and provides a wealth of tools and options for further configuration and management. To see Simple Statistics for Feeds in action, check out my code-snippets site, WP-Mix.com (you can find the SFS count badge in the sidebar on any page). Continue reading »

SFS Open Tracking

In the Simple Feed Stats plugin, Open Tracking enables you to track any web page or feed anywhere on the Web. This is done by using the open-tracking URL as the src for any <img /> tag. The SFS plugin then collects and displays the data, and provides shortcodes and template tags to display your feed stats anywhere on your site. In this post, we’ll see how to implement Open Tracking, walk through some examples, and glean a few tips […] Continue reading »

Protect Against Brute-force/Proxy Login Attacks

[ Solomon Grundy of the Legion of Doom ]

For the past week, I’ve been monitoring activity from a set of IP addresses involved with brute-force login attacks. Brute-force login attacks involve systematic guessing of passwords using various common usernames such as “admin” and “username”. So for example, an attack will target an array of sites, use “admin” as the username, and then make numerous attempts at “guessing” your password. And to obfuscate their malicious activity, the attack is executed from multiple IP addresses, either via proxy or possibly […] Continue reading »

Clean Markup Widget for WordPress

Squeaky clean. When adding content to your sidebar, it’s nice to be able to output clean, well-formatted markup. There are several ways to do this, including adding HTML directly in the theme template, installing a plugin, or simply using a widget. Widgets provide a great way of customizing sidebars and other widgetized areas, but as you may have seen in the source-code, the HTML is treated with all sorts of additional attributes, elements, and classes. Sometimes, you just need a […] Continue reading »

Tale of a Hacked Website

[ Prise de la Bastille, by Jean-Pierre-Louis-Laurent Houel (Detail) ]

I love a good story. Almost as much as I enjoy securing websites. Put them together and you’ve got suspense, intrigue, and plenty of encoded gibberish. But no happy ending this time, in this case the smartest decision was to “pull it” and rebuild. The site was just wasted — completely riddled with malicious code. Without current backup data, it would’ve been “game over” for the site, and possibly the business. Continue reading »

Ron Paul 2012 WordPress Plugin

[ Screenshot: RP2012 Plugin - Circle style ]

I wanted to show support for Ron Paul on my WordPress website with a simple badge or button. Surprised at not finding any plugins for Ron Paul in the Directory, I decided to be the first. You can learn more in the following post, or download and install via the WordPress Plugin Directory. Or if you prefer, you can install direct via the comfort of the WP Admin Area, via Plugins > Add New. Just search for “Ron Paul 2012” […] Continue reading »

6G Firewall Beta

Since releasing the 5G Blacklist earlier this year, malicious server scans and bad requests have surged with more novel attacks than I’ve seen since first getting into this stuff six years ago. In other words, now is the time to beef up security and lock things down. If you’re into monitoring your server and knowing your traffic, you may be observing the same recent spike in malicious activity. In response to these attacks, I’ve been secretly working on the next […] Continue reading »

WordPress Add-on for 5G Blacklist

Ill requests and malicious scans have been spiking recently, to the point where server performance was really taking a hit. One scan in particular hammered the server with thousands of bad requests in just a few minutes. There are people out there with strong scripts and small minds that are constantly scanning sites for vulnerabilities, and much of what I’ve seen is aimed primarily at WordPress. Continue reading »

Category Functions for WordPress

My previous theme sports the now-infamous colorized categories, which aim to help visitors navigate featured content. In addition to the colors, featured categories display contextually relevant navigation, popular posts, and related tags. It’s a great way to improve organization and get more of your content in front of the visitor. To make it happen, a variety of tasty WordPress code snippets are used, including versatile theme functions that enable getting the first category link, displaying sub-categories of the current category, […] Continue reading »

WordPress Plugin: GA Google Analytics

I’ve joked that there a million different Google Analytics WordPress plugins available, but I’ve never been able to find one that’s just dead-simple, plug-n-play, and with clean code and markup, so I wrote my own that does just that: a no-frills way to add the new Google Analytics asynchronous tracking code to all pages on your WordPress-powered site. This analytics plugin is lightweight, fast, and now has over 50,000 80,000 active users via WordPress.org. Continue reading »

PayPal Phishing Spam

Just a heads up to anyone else getting the occasional PayPal phishing spam.. Usually it’s pretty easy to spot one of those crafty phishing emails, just hover over any links before clicking to view the real URL in the status bar. You know, the link says something like, “click here to restore your PayPal account,” but you know that’s garbage and could easily prove it by checking the actual link URL, which is usually something completely bonkers, like: Continue reading »

5G Blacklist 2012

The 5G Blacklist helps reduce the number of malicious URL requests that hit your website. It’s one of many ways to improve the security of your site and protect against evil exploits, bad requests, and other nefarious garbage. If you’re tired of all the slow, bloated security plugins and expensive 3rd-party services, the 5G Blacklist is a solid solution to help protect your Apache-powered site. Continue reading »

5G Blacklist for Microsoft IIS

By design the 5G Blacklist works on Apache servers, but thanks to Scott Stawarz, here is a version for Microsoft IIS. Disclaimer: I do not use any Microsoft server stuff, so make sure to properly test everything before running this code on a live/production site. Also, if you scroll down to the end of this article, you will find some useful bonus snippets. Continue reading »

« Newer Posts • 1…678910…18 • Previous Posts »