I’ve been working on developing the 8G Firewall. Digging through log files and crunching the data, the big new trend I’m noticing is heavy scanning for easy targets, low hanging fruit. Bad actors are looking for any little hidden files stashed on your server. Mostly PHP files, also ZIP and RAR files, and other file formats commonly used for compressing and archiving content. Basically, anything that might contain useful information (like login credentials, database backups, email addresses, etc.). Also, 99% […] Continue reading »
Simple Download Counter is a free WordPress plugin that does exactly what it says: counts the number of times your files are downloaded. SDC is designed for maximum ease of use. The goal is a clean, lightweight “set it and forget it” solution for keeping track of downloads. Simply add your files via the plugin settings and display download links via shortcodes. Simple Download Counter does the rest. Continue reading »
This is an experimental technique that I am playing with. It’s the simplest possible way that I could think of to protect all files in the WordPress Media Library using only Apache/.htaccess. I’ve been testing the code on an image-heavy site and so far there are no issues. So I want to put the code out there for others to test and hopefully provide feedback if anything less than perfect. It’s a super simple method that prevents media files from […] Continue reading »
Zipping files on Apple/Mac is a chore because of all the hidden files and folders added by macOS. Like .DS_Store and __MACOSX are two of the most common files and folders that are added to zip files when compressed on macOS. The folder named __MACOSX especially is problematic because it contains duplicates of every file in the zip archive. So for example, if you use Finder to compress 20 files, the resulting zip file will contain the original 20 files, […] Continue reading »
In previous posts, I’ve explained how to verify identity of search engines and other bots, by looking up the host name and then doing a reverse lookup to cross-check the IP address. This is often referred to as a forward-reverse lookup, or something to that effect. The point is, there are plenty of free online tools available for performing forward-reverse IP/host lookups. And online tools are great, but it’s also possible to do forward/reverse lookups directly via the command line, […] Continue reading »
From time to time I have occasion to generate a list all WordPress files or similar. As I’m not an expert in Terminal, it took awhile to figure out the magic recipe.. now having collected some useful commands, I want to post ‘em for future reference. Continue reading »
For those getting into bbPress for hosting your own forum, customizing your bbPress theme files can be difficult if you don’t know which page to load. Many of the bbPress theme template files contain enough clues to figure things out, but not every template file is used by default, or even at all depending on how you’ve configured bbPress. Themes may contain different template files, but the default “bbPress (Twenty Ten)” theme (included with version 2.1.1) may be considered a […] Continue reading »
In my article, Associate Extensionless Files with Notepad, I explain how to navigate the labyrinthine maze of Windows dialogue menus to assign Microsoft’s Notepad text editor as the opening application for files without extensions. In this post, I’ll show you how to associate any file type with any program (including Notepad) in less than five seconds. Ready? Don’t blink, you’ll miss it.. ;) Continue reading »
A great to way to share your PHP code with visitors is to display it directly in the browser with automatically generated syntax highlighting. Here is a screenshot showing an example of syntax-highlighted PHP code: Displaying your PHP scripts in syntax-highlighted form is an excellent way to share source code details directly with your readers. Rather than zipping the script and requiring users to download, unzip, and open the file in an editor, displaying your code directly saves you and […] Continue reading »
One of the necessary evils associated with creating a highly customized WordPress-powered site involves the inevitable necessity to hack the WordPress core. WordPress is built for mass-consumption and tends to cater to the largest audience possible, making it necessary to bend and poke around the corners to get WordPress to function in a more specific or specialized capacity. Continue reading »
In this brief tutorial, we are going to enable users to access any file or directory of a site that is password-protected via htaccess. There are many reasons for wanting to employ this technique, including: Share public resources from an otherwise private site Enable visitors to access content during site maintenance Testing and formatting of layout and design during development As a webmaster, I have used this technique on several occasions. This trick works great for allowing access to any […] Continue reading »
The folks developing WordPress are continually rolling out upgrades. While it is generally a good idea to stay current, it can also be a bit of a pain if you have made any changes to the WordPress core files. One thing that helps to stay organized is to keep a log that either includes all edits or links to posts describing them. That way, when it is time to upgrade WordPress, it simply will be a matter of referring to […] Continue reading »
There are several files that appear not to have extensions in Windows XP. Perhaps the best known example is the HOSTS file. Files such as the HOSTS file that appear to be “extensionless” actually contain an invisible period “.” — or dot — at the end the file name. It is this invisible dot that will enable us to select a specific program with which to open files with no extensions. Continue reading »