The ‘https_local_ssl_verify’ filter
I have run into some WordPress code which does POST requests to API sites and in the POST parameters for the SSL property … Read more
security
PHP $_SERVER[‘HTTP_HOST’] vs. $_SERVER[‘SERVER_NAME’], am I understanding the man pages correctly?
I did a lot of searching and also read the PHP $_SERVER docs. Do I have this right regarding which to use for … Read more
No option “I would like my site to be private, visible only to users I choose” in Privacy Settings
I am running WordPress 3.3.2 self-hosted. I used to see the option “I would like my site to be private, visible only to … Read more
How to improve WordPress security by hiding non public facing files?
e.g. curl -I http://ma.tt/blog/wp-config.php 200 OK The wp-config.php is not public facing file, since it currently just return blank page, so why not … Read more
rms_unique_wp_mu_pl_fl_nm.php
What is creating this file? It’s in /wp-content/mu-plugins directory. If I delete it, it comes back after a while. it contains these code: … Read more
AngularJS changes URLs to “unsafe:” in extension page
I am trying to use Angular with a list of apps, and each one is a link to see an app in more … Read more
Is default functions like update_post_meta safe to use user inputs?
Is default functions like update_post_meta() safe to use user inputs? e.g. update_post_meta(76, ‘my_key’, $_GET[‘value’]) Or should I use $_GET[‘value’] = sanitize_text_field($_GET[‘value’]); before using … Read more
How serious is this new ASP.NET security vulnerability and how can I workaround it?
I’ve just read on the net about a newly discovered security vulnerability in ASP.NET. You can read the details here. The problem lies … Read more
Is it good security advice to install wordpress in subdirectory but link to root?
Is it good to install wordpress in a subdirectory (with a random name), but set “Homepage” address to domain root? (based on Giving … Read more
How do I turn off Oracle password expiration?
I’m using Oracle for development. The password for a bootstrap account that I always use to rebuild my database has expired. How do … Read more