...add in the appropriate place: <security> <requestFiltering> <denyUrlSequences> <add sequence="xmlrpc.php" /> </denyUrlSequences> </requestFiltering> </security> This blocks requests to /xmlrpc.php URL’s completely, meaning you cannot use a plugin like Jetpack, or...
.../administrator URL, or by downloading and editing the configuration.php file. Don’t know how to download and edit the configuration.php file? Have a look at my Dutch article on how to...
...bash 🙂 . After a few tries I came up with the following XSS-payload, that successfully alerted me of the XSS: echo -n '<script>alert("xss </script%3E")</script>' | base64 PHNjcmlwdD5hbGVydCgieHNzIDwvc2NyaXB0JTNFIik8L3NjcmlwdD4= PoC URL:...
...is a translation and rewrite of my older Dutch post “MySQL performance en optimalisatie tips”, which is now deleted and links to here. Just in case you were wondering why...