Yahoo! YSlow recommends removing Entity tags – also known as ETag. Unfortunately removing the ETag response header is not an easy task on Windows Server IIS web servers. Here I show you how to properly remove ETag HTTP response headers with an Outbound rewrite rule…
The Internet Storm Center reports that a large number of Joomla sites are currently deploying malicious code and infecting visitors with malware; some WordPress sites are also thought to be affected. The German CERT-Bund Computer Emergency Response Team, which is operated by the German Federal Office for Information Security (BSI), has confirmed that similar attacks on and via Joomla servers have also been observed in Germany.
Charlie Eriksen has discovered a vulnerability in the Crayon Syntax Highlighter plugin for WordPress, which can be exploited by malicious people to compromise a vulnerable system. Input passed to the “wp_load” parameter in wp-content/plugins/crayon-syntax-hightlighter/util/preview.php is not properly verified before being used to include files. This can be exploited to include arbitrary PHP files from external FTP resources.
“The length of the URL for this request exceeds the configured maxUrlLength value” is an IIS error telling you that the length of the given URL exceeds a limit. The IIS default maximum length for a URL is defined by the HttpRuntimeSection.MaxUrlLength property. Its value is 260 characters. This may cause problems with URLs longer than the configured maxUrlLength, and here is how to resolve this issue…
Acunetix's Bogdan Calin wrote an article explaining why .htaccess files should not be used to secure sensitive data: “htaccess files should not be used for security restrictions”.
Silently deploy applications through Windows Deployment Services (WDS) / Microsoft Deployment Workbench, or the command line. Sometimes you just can’t find the correct command parameter – or switch – for silent, unattended software installations. Unattended, silent installation of software is ideal in an automated deployment installation of Windows Server or Windows 7, 8 & 8.1 client computers, through Windows Deployment Services (WDS).
PHPBench.com – The PHP Benchmark was constructed as a way to open people’s eyes to the fact that not every PHP code snippet will run at the same speed. You may be surprised at the results that this page generates, but that is ok. This page was also created so that you would be able to find discovery in these statistics and then maybe re-run these tests in your own server environment to play around with this idea yourself, by using the code examples.
Delete WordPress post revisions, turn them off and speed up your WordPress blog. Every time you write or edit a WordPress post, WordPress saves the change as a post revision. As you might expect, this fills up your database with a huge amount of unneeded post revisions and information. This uses space that should be free, and the MySQL database becomes bloated. You can clean up these WordPress post revisions quite easily; you only need one SQL statement: …