Category: Wordpress

Clickjacking (User Interface redress attack, UI redress attack, UI redressing) is a malicious technique of tricking a Web user into clicking on something different from what the user perceives they are clicking on, thus potentially revealing confidential information or taking control of their computer while clicking on seemingly innocuous web pages. By using Clickjacking technique,…

WordPress has a security vulnerability exposing admin user name and private information that could be used for brute force attacks at login. Using REST API, we can see all the WordPress users/author with some of their information. Which can even be Personal information of employees/author. We have made a wordpress plugin to patch this vulnerablity…

At system level, the default fonts for wordpress are defined in theme.json file. You can speed up loading of site by just using these default fonts. I have extracted this code from twenty twenty four theme code definitions. Sans-Serif Serif

To make your wordpress fast, you can style custom bullets with unicode and just css. You dont need fontawesome or other icons. The simplest code to achieve it is using css marker. Note i have directly embedded the unicode list marker (+) replace with unicode char.

Below are some quick answers to login to your lightsail instance for first time lightsail users. Launch the commandline. Get your username Get your Password This will be your first command on the commandline. WordPress Location There is no file manager, phpmyadmin, email, cpanel etc comes with lightsail (unless you want to pay). Apache Error…

If you use cloudflare, probably you will only see SSL cert issued by cloudflare at your end signed by Google Trust LLC at your end. There is no way to see or check the original cert installed in your server. For example you want to see the expiry date or certificate issuing authority. I will…

Here is the function that removes empty &nbsb; paragraphs within the content. This will automatically remove all the empty lines before outputting content. You can place it in functions.php but remember when you update the theme, this function will be gone.

  Lately we have seen spam attack, injected into wordpress search pages causing google to index these pages, be sure add the the fix below. The fix works like you simply add the noindex to the wordpress results page. Vulnerability Although fixed by wordpress core, AISEO plugin is causing this. Spam The spam would like…

  It is super easy to setup google analytics on the AMP wordpress plugin. It is very important to remember that AMP pages cannot contain javascript code. Aim for speed. Install the AMP plugin Setup theme, page and logo Suppress all plugins for speed Install the analytics code You can install the code in your…