PHP Tag Archive
Show the number of registered WordPress users in At-a-Glance widget Often when a WordPress site is compromised, the website owner doesn’t notice anything strange at first. First a lot of users are created, and it’s only later when posts filled with spam are created or existing pages/posts edited. In the time between compromise and creation…
Continue reading Count and display number of WordPress users in your Dashboard
Here is how to change Akismet interval to three days instead of 15 days for deleting spam comments using the akismet_delete_comment_interval filter. Jan ReilinkMy name is Jan. I am not a hacker, coder, developer or guru. I am merely a systems administrator, doing my daily thing at Vevida. If you feel a post has helped…
With PHP 7.1, some PHP web applications fail because of deprecated code usage. This may result in an error message like [] operator not supported for strings for various Joomla, WordPress and Drupal components. Here’s how to fix this code for PHP 7.1+. Jan ReilinkMy name is Jan. I am not a hacker, coder, developer or…
Continue reading Fatal error: Uncaught Error: [] operator not supported for strings – PHP 7.1
Here is how to increase WordPress’ memory limit (WP_MEMORY_LIMIT) properly. I see this done wrong over and over again in WordPress plugins and themes. In a worst case scenario this may even decrease the available amount of memory for WordPress! So be careful with the advice you follow. In this post I show you one…
Continue reading Increase WordPress’ memory limit WP_MEMORY_LIMIT properly in wp-config.php
Recently the WordPress Jetpack email sharing service is often abused by spammers. They use the Send to Email Address for sending spam. All these kind of “Tell a Friend” scripts are abused a lot. Here is how to disable email share service in Jetpack. Jan ReilinkMy name is Jan. I am not a hacker, coder,…
The default WordPress theme Twenty Seventeen’s content width can be easily changed to full width. All you need is this bit of CSS. Jan ReilinkMy name is Jan. I am not a hacker, coder, developer or guru. I am merely a systems administrator, doing my daily thing at Vevida. If you feel a post has…
Continue reading How to make Twenty Seventeen theme full width in WordPress
Verify WordPress Core files md5 checksums against WordPress’ checksums API, using this standalone PHP file. I chose to use a standalone PHP script to check the md5sum of WordPress Core files against the API so you’re not dependent on a possibly hacked WordPress installation. This kind of guarantees the result can be trusted, as opposed…
In various hosting environments, WordPress core-, plugin- and theme updates sometimes fail because of enabled opcode caches. Popular PHP opcode caches are OPcache, WinCache and APC. This little WordPress Must Use Plugin tries to flush opcode caches. Making your live a bit easier when updating WordPress Core, Plugins and Themes. Jan ReilinkMy name is Jan.…
Continue reading Clear PHP opcode caches before WordPress Updates: ease the updating process
WinCache, or Windows Cache Extension for PHP, is a PHP accelerator that is used to significantly increase the speed of PHP applications running on Windows Server IIS. Besides increasing the speed of PHP applications, WinCache decreases CPU usage making it a win win situation extension. Jan ReilinkMy name is Jan. I am not a hacker,…
Continue reading The WinCache effect: Save with object caching
WordPress load testing with ApacheBench. ab is a small benchmark utility that comes with Apache. It’s a really simple HTTP load generating tool, ideal for a simple WordPress load & speed test. How fast does your WordPress site respond? How many HTTP requests per second can your server handle? These are questions on which ab…
Continue reading Benchmarking WordPress, simple load & speed testing with ApacheBench
How to measure WordPress’ loading time and executed database queries? During an HTTP request, WordPress executes a lot of queries on your MySQL database. Not just the database queries take time, also loading and executing PHP takes time. How do you measure this? Jan ReilinkMy name is Jan. I am not a hacker, coder, developer…
Optimized WordPress hosting is a subject on which a lot is written about. And therefore, this post is not about where to host your WordPress blog, or who offers the best WordPress hosting. This post is for you developers, what you can do to optimize your WordPress hosting. Or for any other PHP web application…
Continue reading Optimize(d) WordPress hosting (9+ practical tips)
This is a very interesting read on how Dario Weißer (@haxonaut), cutz and Ruslan Habalov (@evonide) were able to find a PHP unserialize bug to exploit and gain remote code execution on Pornhub. Pornhub’s bug bounty program is at Hackerone In stead of actively attacking Pornhub, they took another road and attacked what Pornhub is…
Continue reading “How we broke PHP, hacked Pornhub and earned $20,000”
GoSecure wrote up a new PHP exploitation technique using the default OPcache engine from PHP 7. Using this attack vector, it’s possible to bypass certain hardening techniques that disallow the file write access in the web directory. This could be used by an attacker to execute his own malicious code in a hardened environment. This…
In this article I’ll show you how to install the Microsoft SQL Server Driver for PHP 7+. This makes the use of an SQL Server database back-end for your PHP website easy. If you want to communicatie with SQL Server using PHP you need to rely on some additional software and PHP extensions. This post…
Continue reading How to install Microsoft’s SQL Server Driver for PHP
79 queries, took 0.560 seconds running PHP version 7.4.6