• Pe chevron_right

    Free WordPress Plugin: Disable Application Passwords / perishablepress · Wednesday, 9 December - 22:48 edit

Launching a free plugin to disable the new Application Passwords feature introduced in WordPress version 5.6. The plugin is one line of code. Install and activate to completely disable all of the Application Passwords functionality. To re-enable all Application Passwords, simply deactivate/uninstall the plugin. Easy peasy. Download I literally just submitted this plugin to the WordPress Plugin Directory. So for now, you can download the plugin directly here at Perishable Press: Feedback welcome in the comments below or send via […]

Značky: #WordPress, #Rozne, #plugins

  • Pe chevron_right

    Customize BBQ Firewall / perishablepress · Tuesday, 24 November - 00:41 edit

BBQ Firewall is a lightweight, super-fast plugin that protects your site against a wide range of threats. BBQ checks all incoming traffic and quietly blocks bad requests containing nasty stuff like eval(, base64_, and excessively long request-strings. This is a simple yet solid solution for sites that are unable to use a strong Apache/.htaccess firewall. BBQ is kept as lightweight as possible, so there are no options or settings to change default behavior. Based on years of feedback, the default […]

Značky: #Rozne, #firewall, #Security, #blacklist, #plugins, #WordPress

  • Ar chevron_right

    Senator asks DHS if foreign-controlled browser extensions threaten the US / ArsTechnica · Wednesday, 30 September, 2020 - 13:00

Photo illustration by Jakub Porzycki/NurPhoto via Getty Images

Enlarge / Photo illustration by Jakub Porzycki/NurPhoto via Getty Images (credit: Getty Images)

A US senator is calling on the Department of Homeland Security’s cybersecurity arm to assess the threat posed by browser extensions made in countries known to conduct espionage against the US.

“I am concerned that the use by millions of Americans of foreign-controlled browser extensions could threaten US national security,” Senator Ron Wyden, a Democrat from Oregon, wrote in a letter to Christopher Krebs, director of the DHS’ Cybersecurity and Infrastructure Security Agency. “I am concerned that these browser extensions could enable foreign governments to conduct surveillance of Americans.”

Also known as plugins and add-ons, extensions give browsers functionality not otherwise available. Ad blockers, language translators, HTTPS enforcers, grammar checkers, and cursor enhancers are just a few examples of legitimate extensions that can be downloaded either from browser-operated repositories or third-party websites.

Read 12 remaining paragraphs | Comments

  • Ar chevron_right

    Hackers are exploiting a critical flaw affecting >350,000 WordPress sites / ArsTechnica · Wednesday, 2 September, 2020 - 01:40

WordPress logos in various colors.

Enlarge (credit: StickerGiant / Flickr )

Hackers are actively exploiting a vulnerability that allows them to execute commands and malicious scripts on Websites running File Manager , a WordPress plugin with more than 700,000 active installations, researchers said on Tuesday. Word of the attacks came a few hours after the security flaw was patched.

Attackers are using the exploit to upload files that contain webshells that are hidden in an image. From there, they have a convenient interface that allows them to run commands in plugins/wp-file-manager/lib/files/, the directory where the File Manager plugin resides. While that restriction prevents hackers from executing commands on files outside of the directory, hackers may be able to exact more damage by uploading scripts that can carry out actions on other parts of a vulnerable site.

NinTechNet, a website security firm in Bangkok, Thailand, was among the first to report the in-the-wild attacks . The post said that a hacker was exploiting the vulnerability to upload a script titled hardfork.php and then using it to inject code into the WordPress scripts /wp-admin/admin-ajax.php and /wp-includes/user.php.

Read 8 remaining paragraphs | Comments

  • Pe chevron_right

    New Plugin for WordPress 5.5 and Beyond: Disable WP Sitemaps / perishablepress · Wednesday, 5 August, 2020 - 00:31 edit

WordPress 5.5 and beyond features built-in sitemaps that are enabled by default. For new users and sites this may a good thing. Now users don’t have to bother with thinking about how to implement a sitemap. Like with Privacy control, WordPress just does it for you automagically. BUT for the millions of sites that already have a sitemap thanks to any of the excellent and free sitemap plugins — that’s like maybe 5–10 million websites — well congratulations you now […]

Značky: #WordPress, #plugins, #Rozne

  • Pe chevron_right

    WordPress Plugin: Disable Media Sizes / perishablepress · Tuesday, 4 August, 2020 - 20:58 edit

Whenever you upload an image using the Media Library, WordPress automatically creates a set of alternate-size images. The number and size of these auto-generated images continues to grow each year, as WordPress tries to keep up with increasingly hi-resolution screen sizes. For many WordPress-powered websites, the extra media sizes enable WordPress to serve images responsively and that’s a good thing. But for some WordPress sites, all the extra images simply are not necessary. In some cases downright wasteful. And that’s […]

Značky: #WordPress, #plugins, #Rozne

  • Pe chevron_right

    WordPress Plugin: Disable Lazy Loading / perishablepress · Tuesday, 4 August, 2020 - 20:07 edit

Sloth by photosforhobby source WordPress 5.5 brings some cool new features, including built-in support for lazy-loading images. So whether you want it or not, WordPress will add a new “loading” attribute to all of your images. That way supportive browsers will be able to load your images as the user scrolls the page, instead of trying to load everything at once. It’s a popular front-end technique that may help to boost performance a little bit. Like anything else, there are […]

Značky: #WordPress, #plugins, #Rozne