Category: PHP Security

Blog Post Icon

08/23/2023

How to recover a hacked WordPress website

Well it happened to you. You receive an email from a customer, or perhaps your web host : Your WordPress site is displaying an “unsafe website” browser error. Or maybe it is now showing some gambling advertisements. It clearly has been compromised. What do you do now? Based on over 14 years experience hosting, managing […]

Blog Post Icon

01/18/2019

How to block your WordPress site from being scanned by WPScan with Nginx

Hello! First and foremost, why would you want to block WPScan from probing your site? Well we all know that security through obscurity is a bad practice. That said the risks of malicious activity on your site is undoubtedly heightened through many points of information disclosure that is freely available to parse and organize to […]

Blog Post Icon

09/13/2018

How to protect WordPress media files and only allow the users who uploaded them to view

Hello! In the past we have written about how to protect your WordPress media files. In the past exercises we utilized a strategy to set a session cookie with encrypted details that can be read and validated at the http service (i.e. nginx) as well as application (php/wordpress) level. Since then we have refined this […]

Blog Post Icon

06/27/2018

How to implement a government ID verification system with Woocommerce and WordPress

  Need this implemented on your site? Click here and fill out our quote form!   Hello! There are many reasons why your Woocommerce store may need a system to accommodate verifying the identity of your customers. Depending on what your selling and the local or federal laws that are in place, having the identity […]

Blog Post Icon

02/23/2018

WordPress plugin to remotely manage and automate multiple WordPress sites

Hello! Being a Toronto based web design and development agency means that we interact with a significant number of WordPress sites. This tends to happen when a project starts (obviously), but often continues after a site is launched. This is something that we offer along the lines of “post launch maintenance”. By no means once […]

Blog Post Icon

01/31/2018

How to craft an XSS payload to create an admin user in WordPress

Hello! XSS (or cross site scripting) attacks are a common method to maliciously execute actions against a website installation. In particular this type of attack vector is useful when dealing with a CMS like WordPress where you have administrative user accounts to target. This means that if you are able to craft an XSS payload […]

Blog Post Icon

01/29/2018

WordPress plugin to get geolocation coordinates from a visitors IP address

Hello! We recently had a requirement from a client to generate content on a page specifically based on the geolocation coordinates of the visitor’s IP address. Now this sort of mechanism isn’t totally new, however we decided to develop a WordPress plugin called Shift8 GeoIP that would obtain this information and set it into an […]

Blog Post Icon

01/15/2018

WordPress Woocommerce plugin to disable payment methods based on zip or postal codes

Hello! Woocommerce is a great easy-to-implement and versatile e-commerce platform. With the robust development community, expanding the core functionality can be relatively straight forward with the availability of a wide assortment of 3rd party plugins for Woocommerce. One of the things that we felt was missing, but a simple requirement, was the ability to manipulate […]

Blog Post Icon

08/31/2017

IP Address Reputation and intelligence plugin for WordPress

Hello! With WordPress security, there are many methods for hardening and tightening controls, methods for preventing common attack vectors including best practices from a development, systems administration and even 3rd party plugin perspective. Since the rising popularity of “IP Reputation Intelligence” with Corporate networks and streaming services like Netflix, I thought it would be a […]

Blog Post Icon

04/13/2017

How to encrypt and execute your PHP code with MCRYPT or OPENSSL

Hello! While the scenario may not necessarily be common in which you would want to encrypt your PHP code and execute it, it is something that I would consider an interesting discussion nonetheless. I fully support free and open source software, however if you are developing an application that manages or monitors systems or services […]

At Shift8, we cater to all sorts of businesses in and around Toronto from small, medium, large and enterprise projects. We are comfortable adapting to your existing processes and try our best to compliment communication and collaboration to the point where every step of the way is as efficient as possible.

Our projects are typically broken into 5 or 6 key “milestones” which focus heavily on the design collaboration in the early stages. We mock-up any interactive or unique page within your new website so that you get a clear picture of exactly how your design vision will be translated into a functional website.

Using tools like Basecamp and Redpen, we try to make the process simple yet fun and effective. We will revise your vision as many times as necessary until you are 100% happy, before moving to the functional, content integration and development phases of the project.

For the projects that are more development heavy, we make sure a considerable amount of effort is spent in the preliminary stages of project planning. We strongly believe that full transparency with a project development plan ensures that expectations are met on both sides between us and the client. We want to ensure that the project is broken into intelligent phases with accurate budgetary and timeline breakdowns.

Approved design mock-ups get translated into a browse-ready project site where we revise again and again until you are satisfied. Client satisfaction is our lifeblood and main motivation. We aren’t happy until you are.

Need Web Design?

Fill out the form to get a free consultation.

shift8 web toronto – 416-479-0685
203A-116 geary ave. toronto, on M6H 4H1, Canada
© 2023. All Rights Reserved by Star Dot Hosting Inc.

contact us
phone: 416-479-0685
toll free: 1-866-932-9083 (press 1)
email: sales@shift8web.com

Shift8 Logo