Minify WP-Super-Cache HTML cache files: WPSCMin a WP-Super-Cache plugin

Shares

The WordPress WP-Super-Cache cache plugin doesn’t minify HTML cache files, which I find a disadvantage. Knowing minify libraries, I went looking for an existing solution (why reinvent the wheel?), and found one: WPSCMin. Read on …

Continue reading

Critical 0-day vulnerability in Joomla patched, update to 3.4.6 now!

Shares

The Joomla security team have just released a new version of Joomla to patch a critical remote command execution vulnerability that affects all versions from 1.5 to 3.4. This is a serious vulnerability that can be easily exploited and is already in the wild.

Continue reading

SQL Server versions list

Shares

How to Identify Your SQL Server version and edition.

Continue reading

Ponmocup – A giant hiding in the shadows

Shares

Fox-IT writes in a blogpost Ponmocup – A giant hiding in the shadows: Ponmocup, first discovered in 2006 as Vundo or Virtumonde, is one of the most successful botnets of the past decade, in terms of spread and persistence. The reasons why this botnet is considered highly interesting are that it is sophisticated, underestimated and is currently largest in size and aimed at financial gain.

Continue reading

Generate pseudo-random passwords with OpenSSL

Shares

OpenSSL comes in handy when you need to create (pseudo) random passwords, for example for system accounts and services. In this short post I’ll give you a quick example on how to generate random passwords with OpenSSL…

Continue reading

Always_populate_raw_post_data setting & Magento 2.0

Shares
Magento

Fix always_populate_raw_post_data ($HTTP_RAW_POST_DATA) errors when upgrading to Magento 2.0 with PHP 5.6. Magento 2.0 requires PHP’s always_populate_raw_post_data to be disabled, or set to -1 in your php.ini file. Since PHP 5.6, the use of $HTTP_RAW_POST_DATA is deprecated and will be removed in PHP 7.0. However, in PHP 5.6, this setting is commented out, making it equal to 0, not -1, causing errors when you try to install Magento 2.0.

Continue reading

10% WordPress plugins in top ~1000 is vulnerable, a PHP static code analysis shows

Shares

Marcin Probola conducted a PHP static code analysis of the top ~1000 WordPress plugins, and the results showed 103 plugins were vulnerable to at least one vulnerability type (XSS, SQL injection). This is roughly 10 percent! Marcin Probola writes that scanning results were manually verified in his spare time and delivered to official plugins@wordpress.org from 04.07.2015 to 31.08.2015. Most of reported plugins are already patched, some are not. Vulnerable and not patched plugins are already removed from official wordpress plugin repository.

Continue reading

WordPress Is the Most Attacked CMS Application

Shares

Imperva’s Web Application Attack Report shows spam is WordPress’ largest security threat. Imperva, an international cyber security company founded in 2002, published its 2015 web application attack report. The report includes a thorough analysis of attack data obtained through its Web Application Firewall (or WAF).

Continue reading

PowerShell return value, exit code, or ErrorLevel equivalent

Shares

Here is how you can verify whether an external command in PowerShell was executed successfully or not. Simply by verifying PowerShell’s return value, or exit code…

Continue reading

RewriteProxy with .htaccess in IIS

Share

Rewrite and proxy HTTP requests in IIS. In my case scenario, I had to proxy requests on IIS, because a website was moved from web server A to B, and the DNS wasn’t updated yet. All HTTP requests for the moved website are handled in IIS’ Default Web Site; that’s the wildcard host, and the original host no longer existed there. We needed to match our website and proxy those requests to the new IIS web server. This can either be done using a proxy with URL Rewrite, IIS Application Request Routing (ARR), or a .htaccess file handled by Helicon Ape.

Continue reading

add_rewrite_rule() accepts an array of query vars in WordPress 4.4

Shares

John Blackbourn writes to Make WordPress Core that a small change to add_rewrite_rule() in [34708] means that in the upcoming WordPress 4.4 an array can be passed as the second parameter instead of a query string…

Continue reading

Get Hyper-V guest serial number with PowerShell

Shares

Retrieve the virtual machine’s serial number with PowerShell. Sometimes you need to have the serial number of a Hyper-V virtual machine (VM, or guest). We, for instance, use this serial number in our automatic, unattended deployment of the guest operating system. But then you need to know how to find this serial number…

Continue reading

WordPress and PHP7

Share

Aaron Jorbin writes to Make WordPress Core about WordPress and PHP7 (I run PHP7 and WordPress for quite some time on Saotn.org, and I think its a great step forward). For the last few months, WordPress Core has been getting ready for the upcoming release of PHP7. PHP7 is bringing a host of improvements to PHP. One of the most notably is substantial performance improvements. Benchmarks of WordPress using PHP7 are showing a 2-3x speed improvement compared to PHP5.6.

Continue reading

Feedly Saotn.org RSS feed on Android

Share

Keep Saotn.org posts close to keep ahead.

The feedly news reader app for Android is a great way to have all Saotn.org posts available on your smartphone. Feedly news reader is basically just an RSS-feed reader that you can install on your smartphone or tablet. In just a few steps you add the Saotn.org RSS feed to your favorite newspapers, magazines and blogs.

Continue reading

Block BaiduSpider bot User-Agent

Share

The Baidu spider (BaiduSpider user agent) can be a real pain to block, especially since it does not respect a robots.txt as it should. The following IIS URL Rewrite snippet blocks the Baidu spider based on its User-Agent string.

Continue reading