Category: wordpress

setup LAMP Linux Apache2 MariaDB PHP7.3 su – root; # become root apt update; # update system to latest apt upgrade; # database first apt install mariadb-server mariadb-client # set root pwd for database (can be root on dev test […]

1×× Informational 100 Continue 101 Switching Protocols 102 Processing 2×× Success 200 OK 201 Created 202 Accepted 203 Non-authoritative Information 204 No Content 205 Reset Content 206 Partial Content 207 Multi-Status 208 Already Reported 226 IM Used 3×× Redirection 300 […]

lately this blog gets bombarded with queries like these: which decoded are Korean SPAM? which translates as: iptables / firewalld seem not to work and have to really really figure out why. until then this is a little workaround, it […]

RSS-Feeds are files.xml, which are auto-generated by CMS like WordPress. It can be subscribed to with an RSS-Client Software. Thunderbird (the Mail program) for example (tested on version 60.6.4 and above) has a pretty convenient functionality to stay up to […]

WARNING! BACKUP YOUR MACHINE! UNTESTED! before running this script change to your new web root: /home/UserName/web/domain.com/public_html then run it like /scripts/install_wordpress.sh it tries to: download and unpack the latest wordpress into the current directory disable xmlrpc.php disable wp-cron.php requirements: a […]

FTP->SFTP now! first things first: ABANDON FTP IT IS INSECURE AND WILL TRANSFER YOUR PASSWORDS AND FILES IN CLEAR TEXT OVER THE INTERNET! MOVE TO SFTP (FTP OVER SSH) with strong passwords! if you run your own server – disable […]

1. check what php.ini is used/loaded 1.1. place vim /home/user/web/domain.com/public_html/info.php with this content: <?php phpinfo(); which will look like this in your browser: MAKE SURE TO REMOVE info.php afterwards! nobody needs to know the details of your webserver. 2. centos7 […]

as a wordpress blogger and maintainer of knowle bases, you probably come accross this problem… you have 3x posts of different quality about the same problem. and you want to redirect 2x posts of bad quality to the 1x of […]

While the “blocks” model makes sense for mobile layouts and contents – i found it pretty sluggish on the desktop for “quickly” updating this or that blog post and decided: i would like to have the old editor back – […]

“In the world of Information Technology, change is constant, compliance is inevitable, adaptability is required” i would add: “resistance is futile” “In the world of Information Technology, change is constant, compliance is inevitable, adaptability is required; therefore, staying one-step ahead […]

By the amount of commentary SPAM i get on WordPress using Google’s ReCaptcha… it wonder if i shut just disable comments all together (kind of what Anti Spam Bee did… it was impossible for me to comment on my own […]

while fencing of DDoS is a science of itself, a little .htaccess can help provide additional security: https://dwaves.de/2019/03/04/how-to-htaccess-limit-wordpress-searches/ in my opinion this is just plain stupid… luckily fail2ban is realitvely fast in stopping those attacks… but they also put strain […]

DDoS attacks are nasty stuff. Even such simple programs as – autobench – Automates the benchmarking of web servers using httperf – can sufficiently choke a webserver by spawning hundreds and thousands of mysql processes – exhausting all resources of […]

https://sourceforge.net/projects/wincachegrind/

There are legitimate crawlers out there from google, yahoo, yandex & co trying to update their RAM-held databases of news from your site (a sitemap.xml generated by google-xml-plugin can help there). But there are also evil mail-address-collecting bots that are […]

The original part of Facebook Buttons automatically send information about website visitors to the social network. (without consent) You do not even need to click on any button for this to happen. This happens already when requesting the page in […]

update: 2018.04 PaleMoon archive Server HACKED! “A malicious party gained access to the at the time Windows-based archive server” (src) oh gosh! ? GO USE CENTOS AND LATEST KERNEL NOW! “malware dropper tracked by ESET as Win32/ClipBanker.DY” (steals bitcoins) https://www.securityweek.com/archive-server-pale-moon-open-source-browser-hacked […]

i really like wordpress… this blog is using it. what i don’t like if things become tooo “automatic”. including fonts and scripts from external sources (google) that can be changed/updated/modified anytime… they could smuggle surveillance code into a billion wordpress […]

This is caused by this Plugin Black Studio TinyMCE Widget -> which is used by PageBuilder it adds a nasty <p> in front and back of everything you enter… <p>[masterslider id=”15″]</p><h1 style=”text-align… unless you uncheck this:    

DOES NOT WORK WITH WOOCOMMERCE-SHOP!!!! -> if you need that look here. If you have woocommerce installed check out this: https://wordpress.org/plugins/wp-migrate-db/ (UNTESTED! PRO IS 90USD) If you do not have woocommerce installed, but SiteOrigin’s PageBuilder: All kinds of manual database […]

“Instead, you could export a copy of your database (as an .sql file) using phpMyAdmin or the command line, run a find and replace on it to update URLs and file paths, then import it into your local environment using phpMyAdmin […]

now come the downside of the blog-software wordperss: Custom Menus. Good: You can arrange Menu items through the backend (Dashboard -> Design -> Menu -> Create new Menu -> Add Links, Categories, Pages, Posts… whatever you want) but to design-div-wise […]

create new file: /wp-content/themes/yourtheme-child/master-slider.read.php <?php require_once ‘../../../wp-config.php’; /* get properties of specific master-slider slider  *  * js to decode params:  * var decodeFix = function(str) {     var decoded = B64.decode(str);     return decoded.slice(0, decoded.lastIndexOf("}") + 1) }; […]

<?php /**  * Master Slider Database Class.  *  * @package   MasterSlider  * @author    averta [averta.net]  * @license   LICENSE.txt  * @link      http://masterslider.com  * @copyright Copyright © 2014 averta  */ // no direct access allowed <- WTF! […]

<section class="no-results not-found">     <header class="page-header">         <h2 class="page-title"><?php _e( ‘Nothing Found’, ‘residium’ ); ?></h2>     </header><!– .page-header –>     <div class="page-content">         <?php             $siteurl […]

try this:

it’s not really intuitiv. You search for: https://wordpress.org/search/Download+Language+packs but the keyword “download” does not pop to your eye. here you can DOWNLOAD are the precompiled (PO) language packs for the backend: Download Language packs: https://make.wordpress.org/polyglots/teams/

the plan is effectively to simply include the content and title of an existing post. (everything is a post in the wordpress database) you will need to 1. create a page “nothing found” 2. click on “short-link” to get the […]

If you have seen Queries like those: SELECT * FROM wp_posts p LEFT OUTER JOIN wp_term_relationships r ON r.object_id = p.ID LEFT OUTER JOIN wp_term_taxonomy x ON x.term_taxonomy_id = r.term_taxonomy_id LEFT OUTER JOIN wp_terms t ON t.term_id = x.term_id WHERE […]

in theory it should work like that (untested!): /**  * Validate the extra register fields.  *  * @param  string $username          Current username.  * @param  string $email             Current email.  * @param […]