My name is Jan. I am not a hacker, coder, developer or guru. I am merely a systems administrator, doing my daily thing at Vevida.
In recent days, there are a number of reports about broken Yoast SEO database operations, related to the DeleteDuplicateIndexables function. The PHP function is located in the file wordpress-seo\src\config\migrations\20200507054848_DeleteDuplicateIndexables.php, and in this post I’ll provide you with a possible fix for this statement. Read on.
Show the number of registered WordPress users in At-a-Glance widget
Often when a WordPress site is compromised, the website owner doesn’t notice anything strange at first. First a lot of users are created, and it’s only later when posts filled with spam are created or existing pages/posts edited. In the time between compromise and creation of spam posts, a website owner might notice an increased number of users. If he has the means to. And that’s what this little plugin does.
Read More »Count and display number of WordPress users in your Dashboard
On a daily bases, new vulnerabilities are found in WordPress plugins. And when you host thousands of WordPress sites, you can count on the fact you have some customers using that vulnerable version of that particular plugin. So you need to find those vulnerable versions on your servers fast. On Windows Server, PowerShell is a perfect tool for the job!
Read More »Find vulnerable WordPress plugin versions fast using PowerShell
Secure wp-content/uploads in Linux Apache and Windows Server IIS
It’s recommended to disallow access to and execution of PHP files in wp-content/uploads folder. Preferably without the use of a security plugin. Blocking access to PHP files in WordPress wp-content/uploads folder is easily achieved with a .htaccess file on Linux Apache, or web.config accesssPolicy in Windows Server IIS, and here is how.
You can use this Bash function in your .bashrc file to generate a random alphanumeric string. This comes in handy when you need to generate a long, secure password for example. Adjust to your needs.
This post contains some example WMI filters for you to use in Group Policy Objects (GPOs) to target and manage specific Windows Server versions like 2012R2, 2016 and Windows Server 2019.
Read More »WMI Filters for Group Policy to manage Windows Server versions
Basic Authentication managed HTTP module for IIS with virtual users support
In my pursuit of a basic authentication alternative in IIS, other than the built-in Basic Authentication module or Helicon Ape, I came across Devbridge AzurePowerTools. It’s apparently one of few HTTP managed modules for IIS that enables HTTP Basic Authentication with support for virtual users.
Read More »Basic Authentication module for Windows Server IIS
How to create an IP restrictions allow list for your IIS FTP Server with Powershell.
When you set up a new public facing FTP server in IIS, it is important to properly secure it. Of course there’s authentication and authorization, but in this post I’ll show you how to configure an IP allow list for FTP using PowerShell.
Read More »IIS 10.0 FTP IP Security allow list Thank you Ronald as I needed exactly this today. Here is how to remove phantom application folders from websites in IIS using PowerShell.
Read More »Removing phantom application folders from website configuration in IIS
Here is how to change Akismet interval to three days instead of 15 days for deleting spam comments using the akismet_delete_comment_interval filter.
Read More »Delete spam comments after three (3) days Backup and restore IIS configuration with appcmd
If you are using Windows Server IIS as your web server software, it is important to make regular backups. Luckily, using appcmd this is quite easy.
An System.Collections.Generic.KeyNotFoundException “The given key was not present in the dictionary” can be the result of using a too old MySQL Connector/NET version in your ASP.NET web application. A KeyNotFoundException is thrown when an operation attempts to retrieve an element from a collection using a key that does not exist in that collection. An unsupported character set like utf8mb4 can be such a key, if your Connector/NET doesn’t support this character set. Luckily there is an easy workaround for this.
Read More »How to fix System.Collections.Generic.KeyNotFoundException “The given key was not present in the dictionary” Exception with MySQL Connector/NET and utf8mb4 character set Whenever WordPress is using a lot of CPU and you have Wordfence Security plugin enabled, it is recommended to double check some settings. Unfortunately the Wordfence “Live Traffic Options” (“Traffic logging mode”) feature can cause high CPU usage and load issues for WordPress websites. Therefore, I recommend you disable this feature to improve the performance of your WordPress website.
Read More »Reduce Wordfence CPU usage, disable Wordfence “Live Traffic View” This might be specific to my Windows Server environment and PoSH scripting, but using -SeachBase with PowerShell’s Get-ADComputer gives me faster results. You can use this for your own advantage, here is a little example to speed up AD DS queries.
You can install Servicing Stack Updates (SSU) for Windows Server 2012R2, 2016 and Windows Server 2019 using PowerShell, without downtime. Because they must be installed prior to your normal Windows Server security updates, you can install them anytime you want to during the day. Here’s a small PowerShell example to do so.
Read More »Install Windows Server Servicing Stack Updates (SSU) using PowerShell