Silence is Golden Guard
Silence is golden guard WordPress plugin prevents your blog directories from listing if visitor types just directory name as the URL,
e.g. http://yourdomain/wp-content/plugins/
Did you see small 30 bytes only index.php files in the folders of WordPress installation? If you don’t know for what reason those files included into WordPress package please read this post
“Silence is Golden”.
This plugin can scan your WordPress blog installation subdirectories for the presence of such dummy index.php files and create it if index.php file doesn’t exist in the directory. As the second line of defence against directory listing plugin can add special “-Indexes” option into Apache Web Server
.htaccess file placed at the WordPress root directory.
Where do We go?
Where do we go? It was the first question I asked myself when I discovered
“Delete default post” WordPress plugin in the repository. Plugin makes exactly that is declared in its title – deletes the ‘Welcome to WordPress’ post and correspondent dummy “Hi, this is a comment” comment which every WordPress blog has just after fresh installation. The question is “What should the author of this plugin think about its potential users to propose them such functionality?”.
If user can install and activate plugin he/she definitely can to delete unneeded post or comment using WordPress built-in functionality. Post and comment has hint about such possibility too. If blogger can’t delete unneeded post or comment –
WordPress plugin security fix
I’m glad to inform you that the
MyEasyBackup WordPress plugin security issue I reported yesterday for 0.0.2 version is fixed with 0.0.3 version. It is perfect. Wonderfully! Thanks to
Ugo Grandolini aka “camaleo” for so fast reaction and reliable security update.
MyEasyBackup WordPress plugin is useful for those who wish to get blog backup copies on a regular base and doesn’t familiar with tar, gzip, mysqldump, linux shell, etc. or just doesn’t have SSH access to his/her blog. User friendly interface lets you make full blog backup really easy. So “MyEasyBackup” confirms its name by its functionality.
WP breaked by plugin
WordPress plugin can make your life easier simplifying WordPress files and MySQL data backup operation.
But be aware when installing its version 0.0.2 as this version simplifies the life to the intruders also. It is a new, just published plugin. WordPress.org Stats page shows 280 downloads already at the moment I write this post. This plugin can become popular. But plugin author Ugo Grandolini needs to make security fix to his code
ASAP as plugin gives access to the critical blog data to any curious intruder. Do you wish to check it yourself?
ShinePHP Forum
is installed. It is ready to accept new members. Registration procedure is very easy. Thanks to
bbPress. Just register, get your password by email and make your posts in a minute.
You are Welcome! It doesn’t matter: have you some problem with your current Web development task, have you new idea about cool WordPress plugin, or you don’t know whom to ask to develop it. HTML, CSS, JavaScript, AJAX, PHP, MySQL, – if you have troubles with some tasks or wish to share your excellent knowledges –
You Are Welcome! Become ShinePHP Forum member and
WordPress 2.9.2 Security Update
February 15, 2010
WordPress.org announced WordPress 2.9.2 release. WordPress
development blog says about fixing the “…problem where logged in users can peek at trashed posts belonging to other authors.
If you have untrusted users signed up on your blog and sensitive posts in the trash, you should upgrade to 2.9.2“. Upgrade procedure is simple as usual. You can use the upgrade link at the top of admin dashboard page to upgrade WordPress version automatically. Other way is to change all WordPress files manually. There are no any changes in the database structure comparing with 2.9.1 version, just a few changes in the PHP source code. Check the details below.
Platinum SEO 1.3.2. What's new?
Platinum SEO WordPress plugin version 1.3.2 was published at 13 February, 2010. It is a good news. It has a full enough set of options. It works good and don’t bother me with bugs. It don’t ask donations insistently as some
others plugins can do. I like this plugin. And I was glad to get something new from its author.
ChangeLog note at
WordPress.org says about some compatibility with WordPress 2.9.1 fix. What was incompatible with WordPress 2.9.1? What was changed in this plugin version really? Do you need to make upgrade for this version? Interested? Proceed reading.
