Posts Tagged ‘plugins’

Silence is Golden Guard WordPress plugin v. 1.5 update

Sunday, May 9th, 2010

Silence is golden guard plugin is updated

The next update, v.1.5, is available for the Silence is Golden Guard WordPress plugin. With the help of plugin users, an incompatibility with the WP Super Cache plugin was discovered and fixed. The problem was that a blog with the WP Super Cache plugin active became unavailable after the SIG plugin was activated. Analysis showed that an index.php file with a redirection directive in the wp-super-cache/plugins directory results in an endless redirection loop, which blocks access to both the blog front-end and the admin back-end. From version 1.5, the SIG plugin checks whether WP Super Cache is active and, if so, creates an empty index.php file without the redirection directive for the wp-super-cache/plugins directory. This resolves the incompatibility issue.
Read the rest of this entry

Delete Default Post WordPress plugin or Where do We go

Monday, March 8th, 2010

Where do We go?

Where do we go? It was the first question I asked myself when I discovered the “Delete default post” WordPress plugin in the repository. The plugin does exactly what its title declares: it deletes the ‘Welcome to WordPress’ post and the corresponding dummy “Hi, this is a comment” comment, which every WordPress blog has just after a fresh installation. The question is “What must the author of this plugin think about its potential users to offer them such functionality?”.
If a user can install and activate a plugin, he/she can definitely delete an unneeded post or comment using WordPress built-in functionality. The post and the comment contain a hint about this possibility too. If a blogger can’t delete an unneeded post or comment –
Read the rest of this entry

User Locker 1.1.7 WordPress Plugin Review

Saturday, November 21st, 2009

WordPress Plugin Review

Plugin Name: User Locker v.1.1.7
Date of review: 20th November 2009
Rating: 4.5
Author profile: Daniel Frużyński
WordPress plugin directory link: User Locker

The User Locker WordPress plugin introduces a maximum number of invalid login attempts per user name. When this number is exceeded, the plugin locks that user account. The account can be unlocked only by requesting a new password (using the Lost Password option) or by asking the blog administrator for help.


You can find the original description of this plugin on the author’s blog plugin page (the primary site language is not English, but the description is in English). In this post I will tell you about my impressions after testing this plugin and going through its source code.

Read the rest of this entry

Platinum SEO WordPress Plugin versus All In One

Sunday, October 11th, 2009
Platinum SEO versus All In One

Or why I switched my blog from All In One SEO to the Platinum SEO plugin

I used the All In One SEO WordPress Plugin for about a month. It worked well for me. Thanks to the author. But there is another side of the medal. What I don’t like from the very beginning is the very aggressive and annoying donation requests and self-advertising that this plugin shows on its Settings page. The “I enjoy this plugin and have made a donation” checkbox puts a form of psychological pressure on the plugin user to extort something from him. Is this plugin really free? I see in the all_in_one_seo_pack.php file header that it is released under the GPL (GNU General Public License). Do you agree that this is freeware? My doubts about it were very strong up to this moment. And finally, when I installed version 1.6.7 of All In One SEO, I had no doubts left that this plugin is not really freeware.

Read the rest of this entry

Login LockDown WordPress plugin Review

Saturday, September 19th, 2009

WordPress Plugin Review

This review is made for Login LockDown v.1.5 WordPress plugin.
Date of review: 19th September 2009
Rating: 4.0
Author profile: Michael VanDeMar
WordPress plugin directory link: Login LockDown

According to the author’s description, the Login LockDown WordPress plugin adds some extra security to WordPress by restricting the rate at which failed logins can be re-attempted from a given IP range. The plugin records the IP address and timestamp of every failed login attempt. If more than a certain number of attempts are detected within a short period of time from the same IP range, then the login function is disabled for all requests from that IP range. This helps to prevent brute force password discovery.
After testing and using it on a live site, I confirm that the Login LockDown WordPress plugin really has the functionality declared by its author. But the plugin has some security and usability issues.

Read the rest of this entry

Is a newly installed WordPress plugin package clean?

Saturday, August 29th, 2009

Security

In this post I wish to talk about the cleanness of WordPress plugin packages. I call a package clean if it doesn’t contain any unnecessary files. Unnecessary files, besides being garbage, can lead to a real security problem. Let’s take my last download as an example. It is the well-known WordPress plugin WP-Forum, produced by Fredrik Fahlstad. In case somebody is new to this plugin, it is a simple discussion forum plugin for WordPress. The WordPress link to the WP-Forum plugin page is http://wordpress.org/extend/plugins/wpforum/. We can also download this plugin from Fredrik’s site, http://www.fahlstad.se/wp-plugins/wp-forum/.
The installation package at wordpress.org is OK. But it is marked as version 1.7.8 (too old). So I went to the plugin’s home page http://www.fahlstad.se/wp-plugins/wp-forum/ and downloaded the version 2.3 installation package.
Inside this package’s .zip file, in addition to the core plugin code files, we can see:
Read the rest of this entry

Silence is golden

Friday, August 28th, 2009

Silence is golden

Is your new WordPress plugin secure? Have you seen the small index.php file, only 30 bytes in size, in WordPress folders such as wp-content and wp-content/themes? It is placed there by the WordPress developers for security reasons. The explanation is simple: if somebody enters in his browser a URL like
http://www.yourblog.com/wp-content/plugins/
he will not see the full folder contents, that is, the list of its subfolders and files. Of course, there are other methods to hide the directory listing from visitors, for example an .htaccess directive, but this way (an empty index.php file) is the simplest and most straightforward one.
Some WordPress plugin developers ignore this issue and don’t put such an empty index.php file into their plugins’ folders and subfolders.
It is highly recommended that you check for this file in the newly installed plugin’s folder and its subfolders after every new WordPress plugin installation. Put this index.php file

<?php
// Silence is golden.
?>

there yourself if the plugin’s author missed it.
I made a plugin to do this job automatically. You can read about it at Silence is Golden Guard WordPress Plugin. A download link is also available there.
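
The manual check recommended above, as an added shell example (not part of the original post and not the Silence is Golden Guard plugin's code): it lists every folder under a plugin directory that lacks index.php and, with --fix, writes the placeholder there. The function names, the --fix switch and the sample tree are assumptions made for this illustration.

```shell
#!/bin/sh
# Added example (not the plugin's code): audit a plugin tree for folders
# that lack the placeholder index.php described above.

# List every directory under $1 (including $1) that has no index.php.
# find does not follow symlinks by default, so linked trees are left alone.
missing_index_dirs() {
    find "$1" -type d | sort | while IFS= read -r dir; do
        [ -e "$dir/index.php" ] || printf '%s\n' "$dir"
    done
}

# Write the 30-byte placeholder into each directory reported above.
# Existing index.php files are never overwritten.
add_silence_files() {
    missing_index_dirs "$1" | while IFS= read -r dir; do
        printf '<?php\n// Silence is golden.\n?>' > "$dir/index.php"
    done
}

# Constructed sample: a hypothetical plugin with one covered folder and
# two uncovered subfolders. Prints the path of the temporary tree.
build_sample_tree() {
    root=$(mktemp -d) || return 1
    mkdir -p "$root/sample-plugin/images" "$root/sample-plugin/lang"
    printf '<?php\n// plugin main file\n' > "$root/sample-plugin/sample-plugin.php"
    printf '<?php\n// Silence is golden.\n?>' > "$root/sample-plugin/index.php"
    printf '%s\n' "$root"
}

# Usage: script.sh [--fix] /path/to/wp-content/plugins/some-plugin
if [ "$1" = "--fix" ] && [ -d "$2" ]; then
    add_silence_files "$2"
elif [ -d "$1" ]; then
    missing_index_dirs "$1"
fi
```

The placeholder only suppresses the directory listing; files inside the folder remain reachable by their direct URL.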