Tag: wordpress security

03/10/2020

How to sanitize and reset all WordPress user accounts with linux shell scripting and wp-cli

Hello! There are several key best practices insofar as how to deal with security intrusions, including but not limited to restoring from backups on a clean server. In this article, I will be going over how to create an automated shell script that completes the following actions across multiple WordPress sites on your linux server […]

Automation Blog Customizing Wordpress Hardening Wordpress Security Shell scripting Wordpress Wordpress Administration Wordpress Automation Wordpress Bulk Editing

01/18/2019

How to block your WordPress site from being scanned by WPScan with Nginx

Hello! First and foremost, why would you want to block WPScan from probing your site? Well we all know that security through obscurity is a bad practice. That said the risks of malicious activity on your site is undoubtedly heightened through many points of information disclosure that is freely available to parse and organize to […]

Content Management Systems Content Manipulation Customizing Wordpress Devops Hardening Wordpress NGINX PHP php development PHP Security Python Automation

09/13/2018

How to protect WordPress media files and only allow the users who uploaded them to view

Hello! In the past we have written about how to protect your WordPress media files. In the past exercises we utilized a strategy to set a session cookie with encrypted details that can be read and validated at the http service (i.e. nginx) as well as application (php/wordpress) level. Since then we have refined this […]

Advanced Custom Fields Automation Content Manipulation Customizing Wordpress PHP php development PHP Security Security Wordpress Wordpress Administration

01/15/2018

WordPress Woocommerce plugin to disable payment methods based on zip or postal codes

Hello! Woocommerce is a great easy-to-implement and versatile e-commerce platform. With the robust development community, expanding the core functionality can be relatively straight forward with the availability of a wide assortment of 3rd party plugins for Woocommerce. One of the things that we felt was missing, but a simple requirement, was the ability to manipulate […]

AJAX Automation Content Management Systems Content Manipulation Customizing Wordpress Encryption PHP php development PHP Encryption PHP OpenSSL

05/13/2016

Protect and lock down your WordPress media files

Hello! Occasionally it was necessary for us to lock down some or all of the WordPress media library from public viewing, indexing. The reasons why this would be necessary can vary from sensitive information leakage to private user information protection (i.e. custom user media files uploaded on a per user account basis). Either way, there […]

PHP php development Security Web Development Wordpress Wordpress Cookies Wordpress custom functions Wordpress Development Wordpress Security Wordpress Theme Development

03/26/2015

Tips to secure your WordPress site

Security is a huge deal. Sometimes your at the mercy of the open source solution or content management system that you choose. There are occasions that even after ensuring your CMS and the subsidiary plugins are consistently up to date, you still fall mercy to a zero day exploit that circumvents the security of your […]

Content Management Systems PHP Security Web Development Wordpress