You are here: Saotn.org » PHP

PHP

PHP Tag Archive

Show the number of registered WordPress users in the At-a-Glance widget in the Dashboard

Count and display number of WordPress users in your Dashboard

WordPress / By / 7 September 2021

Show the number of registered WordPress users in At-a-Glance widget

Often when a WordPress site is compromised, the website owner doesn’t notice anything strange at first. First a lot of users are created, and it’s only later when posts filled with spam are created or existing pages/posts edited. In the time between compromise and creation of spam posts, a website owner might notice an increased number of users. If he has the means to. And that’s what this little plugin does.

Count and display number of WordPress users in your DashboardRead More »

Increase WordPress’ memory limit WP_MEMORY_LIMIT properly in wp-config.php

WordPress / By / 19 November 2020

How to increase the memory limit for your WordPress website, the right way.

The WordPress memory limit can be increased by the WP_MEMORY_LIMIT variable in wp-config.php. However, I see this done wrong over and over again in WordPress plugins and themes. In a worst case scenario this may even decrease the available amount of memory for WordPress! So be careful with the advice you follow. In this post I show you a correct way of setting WordPress WP_MEMORY_LIMIT and PHP memory_limit settings.

Increase WordPress’ memory limit WP_MEMORY_LIMIT properly in wp-config.phpRead More »

Check WordPress Core files integrity

WordPress / By / 25 August 2021

Verify WordPress Core files md5 checksums against WordPress’ checksums API, using this standalone PHP file. I chose to use a standalone PHP script to check the md5sum of WordPress Core files against the API so you’re not dependent on a possibly hacked WordPress installation. This kind of guarantees the result can be trusted, as opposed to using a WordPress plugin. I think this is a better integrity check of WordPress Core files.

Check WordPress Core files integrityRead More »

Clear PHP opcode caches before WordPress Updates: ease the updating process

WordPress / By / 15 April 2020

In various hosting environments, WordPress core-, plugin- and theme updates sometimes fail because of enabled opcode caches. Popular PHP opcode caches are OPcache, WinCache and APC. This little WordPress Must Use Plugin tries to flush opcode caches. Making your live a bit easier when updating WordPress Core, Plugins and Themes.

Clear PHP opcode caches before WordPress Updates: ease the updating processRead More »

Benchmarking WordPress, simple load & speed testing with ApacheBench

WordPress / By / 2 April 2020

WordPress load testing with ApacheBench.

ab is a small benchmark utility that comes with Apache. It’s a really simple HTTP load generating tool, ideal for a simple WordPress load & speed test. How fast does your WordPress site respond? How many HTTP requests per second can your server handle? These are questions on which ab can shed some light.

Benchmarking WordPress, simple load & speed testing with ApacheBenchRead More »

Your WordPress hosting at Warp Speed - img. credits: Christian Daryanto Limas @ flickr

Optimize(d) WordPress hosting (9+ practical tips)

WordPress / By / 6 September 2021

9+ Practical tips to optimize WordPress hosting

Optimized WordPress hosting is a subject on which a lot is written about. And therefore, this post is not about where to host your WordPress blog, or who offers the best WordPress hosting. This post is for you developers, what you can do to optimize your WordPress hosting stack.

Optimize(d) WordPress hosting (9+ practical tips)Read More »

“How we broke PHP, hacked Pornhub and earned $20,000”

Security / By / 11 March 2020

This is a very interesting read on how Dario Weißer (@haxonaut), cutz and Ruslan Habalov (@evonide) were able to find a PHP unserialize bug to exploit and gain remote code execution on Pornhub. Pornhub’s bug bounty program is at Hackerone In stead of actively attacking Pornhub, they took another road and attacked what Pornhub is built upon: PHP.

“How we broke PHP, hacked Pornhub and earned $20,000”Read More »

Binary webshell through OPcache in PHP 7

Security / By / 11 March 2020

GoSecure wrote up a new PHP exploitation technique using the default OPcache engine from PHP 7. Using this attack vector, it’s possible to bypass certain hardening techniques that disallow the file write access in the web directory. This could be used by an attacker to execute his own malicious code in a hardened environment.


This new PHP 7 OPcache attack vector is an additional exploitation technique tailored to specific hardened environments. It is not a universal vulnerability affecting PHP applications. With the arrival of PHP 7.0 in major distributions such as Ubuntu 16.04, this attack vector reinforces even more the need to audit your code for file upload vulnerabilities and to be wary of potentially dangerous server configuration.

Binary webshell through OPcache in PHP 7Read More »

How to install Microsoft’s SQL Server Driver for PHP

Windows Server / By / 8 May 2020

In this article I’ll show you how to install the Microsoft SQL Server Driver for PHP 7+. This makes the use of an SQL Server database back-end for your PHP website easy. If you want to communicatie with SQL Server using PHP you need to rely on some additional software and PHP extensions. This post walks you through the steps necessary to install the SQL Server driver and SQLSRV extension for PHP 7+, on Windows Server IIS of course.

How to install Microsoft’s SQL Server Driver for PHPRead More »