In previous post, I showed you how to possibly discover username on a WordPress site using WPScan. On a regular site without extra layer of security such as 2 factor authentication, username and password are all one needs to gain…
Is your WordPress site infected with malware? It can be extremely headache to deal with. Scanning and cleanup a hacked site isn’t a simple task. There are many things involved and many techniques required to get it done properly. But…
Can’t find a good title for this one. Here is the background. On a membership website, the membership feature was achieved by using Paid Membership Pro (PMP) plugin. An extra profile field was added using PMP Register Helper. Few months…
I backup database daily, and send multiple copies to different locations. One is my Amazon S3 bucket for backups. If backup task failed, a notification email will be sent to me. And I am getting notification email of this sort…
WPScan is a popular black box WordPress security scanner. For anyone who is serious about WordPress security but still stuck with a list of to-do tasks, it is highly recommended to check WPScan out, and learn how to implement it…
Plugins are ways to extend and add to the functionality that already exists in WordPress. We don’t have to be a dedicated plugin developer to write WordPress plugin. There are situation where we need to alter some existing functions, or…
When we start using Custom Post Type & Custom Field to enrich our WordPress website, to meet various real world situation, building relationship between different datasets becomes a common practice. A simple example, is project & client relationship. If we…
WordPress revisions system saves a record of each saved draft or published update. This feature is important to site owners, because it provides some sort of “backup” for the content in case you accidentally edit posts the wrong way. By default, WordPress…
I know the title sounds a little wired, here is the background story. WordPress has Revisions system stores a record of each saved draft or published update. It is enabled for Post & Page. But in Custom Post Type, Revisions…
Can’t think of a better title, here is the scenario: After creating a new account at hosting service provider, we are normally assigned a temporary URL before link this hosting account to domain of final production site, for example: http://hostingserver.com/~username.…