Lee HodsonThe solution is a little bit further down but first I’ll run you through the issue: on rare occasions, installing BuddyPress into a WordPress multi-site setup can prevent access to addon sites within the network. This issue affects subdomain sites not subdirectory sites. A Little Background I activated BuddyPress on a freshly installed test site … Read more
The Ubuntu developers have outdone themselves this time. If beacons of disaster shone in the sky, their’s would be the brightest. I tried Kubuntu 11.10 on a virtual system and I loved it so much so I opted – against the advice of the little nagging voice in my head – to dive in and … Read more
The last few days have highlighted a gap in my knowledge of the WordPress platform. I use .htaccess rules to block requests to visit pages and to block requests to directly call scripts in WordPress directories when the requests look malicious. Mostly, those rules are designed to stop bots and hackers from using query string … Read more
As most WordPress bloggers and site owners and administrators will already be aware, the TimThumb script that is popularly used for resizing images to create thumbnails for WordPress themes and plugins has a security vulnerability that allows hackers an easy ride into websites.
The vulnerability was made public at the beginning of August and was patched almost as soon as it was announced. However, I’ve noticed a increasing number of crawls of sites I manage by scripts looking for themes and plugins that use timthumb.php. These crawls produce 404 error reports in both the plugins SEO Ultimate and Redirection because the files the bot’s hunting for do not exist on my servers. In every case, the crawler scanned the directory /wp-content/themes/ and /wp-content/plugins.
The themes (and their directories) that have been scanned include:
Now that’s some title for a post. I Couldn’t think how to shorten it but it is shorter than the original title I wanted to use. Anyway, a couple of weeks ago I needed to figure out how to write a Bash script that let its users state how many fields or questions the script … Read more
A few days ago I began the process of removing W3 Total Cache from all my blogs. Why, you might wonder, would I do that. The simple answer is that W3 Total Cache crashed my sites. The plugin conflicted one too many times with other plugins and I’m getting old and tired and I’m fast … Read more