The Internet Storm Center reports that a large number of Joomla sites are currently deploying malicious code and infecting visitors with malware; some WordPress sites are also thought to be affected. The German CERT-Bund Computer Emergency Response Team, which is operated by the German Federal Office for Information Security (BSI), has confirmed that similar attacks […]
Charlie Eriksen has discovered a vulnerability in the Crayon Syntax Highlighter plugin for WordPress, which can be exploited by malicious people to compromise a vulnerable system. Input passed to the “wp_load” parameter in wp-content/plugins/crayon-syntax-hightlighter/util/ajax.php and wp-content/plugins/crayon-syntax-hightlighter/util/preview.php is not properly verified before being used to include files. This can be exploited to include arbitrary PHP files […]
“The length of the URL for this request exceeds the configured maxUrlLength value” is an IIS error telling you that the length of the given URL exceeds a limit. The IIS default maximum length for a URL is defined by the HttpRuntimeSection.MaxUrlLength property. Its value is 260 characters. This may cause problems with longer than configured maxUrlLength […]
10+ useful SQL queries to clean up your WordPress database
Just came across DMARC.org, which looks like a promising specification to fight email-based abuse. From its website:
Many PHP web applications use .htaccess files to restrict access to specific files or directories that may contain sensitive information. For example, in order to restrict access to all files in a specific directory you can create a .htaccess file in that directory containing the string “deny from all”. In many cases it is wrong to impose security restrictions using .htaccess files.
Free eBook: OWASP Top 10 for .NET developers
HyperDB database class. HyperDB: an advanced database class for WordPress, that supports replication and partition of data. HyperDB is a replacement for the standard wpdb class, which adds the ability to use multiple databases. HyperDB supports partition of data as well as replication.
Multiple vulnerabilities found in IIS 6.0 and 7.5 web servers. On the Full-Disclosure mailing list Kingcope posted several IIS 6.0 and 7.5 bugs. Because I am a Windows Server and IIS admin, I took some time to test the various vulnerabilities …
Block and filter unwanted web HTTP traffic with blacklists, on both IIS and Apache. Protect your website easily with this PHP blacklist class. Let’s create our own HTTP web blacklist filter.
Silently deploy applications through Windows Deployment Services (WDS) / Microsoft Deployment Workbench, or the command line. Sometimes you just can’t find the correct command parameter – or switch – for silent, unattended software installations. Unattended, silent installation of software is ideal in an automated deployment installation of Windows Server or Windows 7, 8 & 8.1 […]
PHPBench.com – The PHP Benchmark was constructed as a way to open people’s eyes to the fact that not every PHP code snippet will run at the same speed. You may be surprised at the results that this page generates, but that is ok. This page was also created so that you would be able […]
Delete WordPress post revisions, turn them off and speed up your WordPress blog. Every time you write or edit a WordPress post, WordPress saves the change as a post revision. As you might expect, this fills up your database with a huge amount of unneeded post revisions and information. This uses space which should be free […]
Learn how to use .htaccess in Windows Server IIS. In this post I’ll provide you with some useful .htaccess URL rewrite examples that you can use on Windows Server IIS for your website.
Umbraco admin password reset: When you’ve forgotten your Umbraco admin password, use the following SQL query to reset your password for Umbraco: