Posts Tagged ‘Security’

Silence is Golden Guard WordPress plugin v. 1.5 update

Sunday, May 9th, 2010

The next update, v. 1.5, is available for the Silence is Golden Guard WordPress plugin. With the help of plugin users, an incompatibility with the WP Super Cache plugin was discovered and fixed. The problem was that a blog with the WP Super Cache plugin active became unavailable after the SIG plugin was activated. Analysis showed that an index.php file with a redirection directive in the wp-super-cache/plugins directory results in an endless redirection loop, which blocks access to both the blog front-end and the admin back-end. Starting with version 1.5, the SIG plugin checks whether WP Super Cache is active and, if so, creates an empty index.php file without a redirection directive for the wp-super-cache/plugins directory. This resolves the incompatibility issue.

How to block WordPress admin menu item

Friday, April 23rd, 2010

Suppose you don’t want your blog’s registered users to see some menu items in the WordPress admin back-end, and this cannot be handled through user role capabilities management; that is, no capability exists that you can use. For example, you may need to block just the user profile editor and nothing more. This can be useful if you wish to let a group of volunteers share a single user account to perform some task on your blog. In this case it is important that no one from that group can edit the user password and other user profile details. So you should block the WordPress admin menu items and URLs related to the user profile editor.
I will show you how to do it in this post. We just add a little piece of code to your theme’s functions.php file. Let’s go.

Silence is Golden Guard Plugin v. 1.3 is available

Monday, April 12th, 2010

The next update, v. 1.3, is available for the Silence is Golden Guard WordPress plugin. It can now redirect every directory listing request to the site root, rebuild all SIG-created dummy index.php files according to the selected format (redirection to the root or just an empty page), and remove unused (garbage-like) files from plugin folders, such as readme.txt, screenshot-*.gif, screenshot-*.png, screenshot-*.jpg. Those files are included in the plugin setup package so that wordpress.org can show information on the plugin page. First, they are not used on your blog; second, they can easily expose the plugin version to a potential attacker, who can view them in a browser. If you use a plugin version with a known vulnerability, this can be dangerous, and it makes an attacker’s life easier. We don’t want that, right?
If you have ideas for additions to this plugin’s functionality, you are welcome! What else in an installed WordPress or its plugins gives too many hints to potential attackers? I will add an option to remove it in the next SIG Guard plugin version.

MyEasyBackup plugin security update

Monday, March 1st, 2010

I’m glad to inform you that the MyEasyBackup WordPress plugin security issue I reported yesterday for version 0.0.2 is fixed in version 0.0.3. It is perfect. Wonderful! Thanks to Ugo Grandolini aka “camaleo” for such a fast reaction and a reliable security update.

The MyEasyBackup WordPress plugin is useful for those who wish to get blog backup copies on a regular basis and aren’t familiar with tar, gzip, mysqldump, the Linux shell, etc., or just don’t have SSH access to their blog. A user-friendly interface lets you make a full blog backup really easily. So “MyEasyBackup” lives up to its name through its functionality.

MyEasyBackup plugin breaks WordPress security

Sunday, February 28th, 2010

The MyEasyBackup WordPress plugin can make your life easier by simplifying the backup of WordPress files and MySQL data. But be careful when installing version 0.0.2, as this version makes life easier for intruders too. It is a new, just-published plugin. The WordPress.org Stats page shows 280 downloads already at the moment I write this post. This plugin can become popular. But the plugin author, Ugo Grandolini, needs to make a security fix to his code ASAP, as the plugin gives any curious intruder access to critical blog data. Do you wish to check it yourself?

WordPress 2.9.2 Security Update Details

Wednesday, February 17th, 2010

On February 15, 2010, WordPress.org announced the WordPress 2.9.2 release. The WordPress development blog describes it as fixing the “…problem where logged in users can peek at trashed posts belonging to other authors. If you have untrusted users signed up on your blog and sensitive posts in the trash, you should upgrade to 2.9.2”. The upgrade procedure is simple, as usual. You can use the upgrade link at the top of the admin dashboard page to upgrade WordPress automatically. The other way is to replace all WordPress files manually. There are no changes in the database structure compared with version 2.9.1, just a few changes in the PHP source code. Check the details below.

Platinum SEO 1.3.2. What is new?

Tuesday, February 16th, 2010

Platinum SEO WordPress plugin version 1.3.2 was published on 13 February, 2010. This is good news. It has a fairly complete set of options. It works well and doesn’t bother me with bugs. It doesn’t insistently ask for donations as some other plugins do. I like this plugin. And I was glad to get something new from its author.
The ChangeLog note at WordPress.org mentions a fix for some compatibility issue with WordPress 2.9.1. What was incompatible with WordPress 2.9.1? What was really changed in this plugin version? Do you need to upgrade to this version? Interested? Read on.