Silence is Golden Guard WordPress plugin

March 14th, 2010

Silence is Golden Guard

Silence is Golden Guard

Silence is golden guard WordPress plugin prevents your blog directories from listing if visitor types just directory name as the URL,
e.g. http://yourdomain/wp-content/plugins/
Did you see small 30 bytes only index.php files in the folders of WordPress installation? If you don’t know for what reason those files included into WordPress package please read this post “Silence is Golden”.
This plugin can scan your WordPress blog installation subdirectories for the presence of such dummy index.php files and create it if index.php file doesn’t exist in the directory. As the second line of defence against directory listing plugin can add special “-Indexes” option into Apache Web Server .htaccess file placed at the WordPress root directory.
Read the rest of this entry

Delete Default Post WordPress plugin or Where do We go

March 8th, 2010

Where do We go?

Where do We go?

Where do we go? It was the first question I asked myself when I discovered “Delete default post” WordPress plugin in the repository. Plugin makes exactly that is declared in its title – deletes the ‘Welcome to WordPress’ post and correspondent dummy “Hi, this is a comment” comment which every WordPress blog has just after fresh installation. The question is “What should the author of this plugin think about its potential users to propose them such functionality?”.
If user can install and activate plugin he/she definitely can to delete unneeded post or comment using WordPress built-in functionality. Post and comment has hint about such possibility too. If blogger can’t delete unneeded post or comment –
Read the rest of this entry

MyEasyBackup plugin security update

March 1st, 2010

WordPress plugin security fix

WordPress plugin security fix

I’m glad to inform you that the MyEasyBackup WordPress plugin security issue I reported yesterday for 0.0.2 version is fixed with 0.0.3 version. It is perfect. Wonderfully! Thanks to Ugo Grandolini aka “camaleo” for so fast reaction and reliable security update.

MyEasyBackup WordPress plugin is useful for those who wish to get blog backup copies on a regular base and doesn’t familiar with tar, gzip, mysqldump, linux shell, etc. or just doesn’t have SSH access to his/her blog. User friendly interface lets you make full blog backup really easy. So “MyEasyBackup” confirms its name by its functionality.

Read the rest of this entry

MyEasyBackup plugin breaks WordPress security

February 28th, 2010

WP breaked by plugin

WP breaked by plugin

MyEasyBackup WordPress plugin can make your life easier simplifying WordPress files and MySQL data backup operation. But be aware when installing its version 0.0.2 as this version simplifies the life to the intruders also. It is a new, just published plugin. WordPress.org Stats page shows 280 downloads already at the moment I write this post. This plugin can become popular. But plugin author Ugo Grandolini needs to make security fix to his code ASAP as plugin gives access to the critical blog data to any curious intruder. Do you wish to check it yourself?
Read the rest of this entry

Welcome to ShinePHP Forum

February 22nd, 2010

ShinePHP Forum

ShinePHP Forum

ShinePHP forum is installed. It is ready to accept new members. Registration procedure is very easy. Thanks to bbPress. Just register, get your password by email and make your posts in a minute.
You are Welcome! It doesn’t matter: have you some problem with your current Web development task, have you new idea about cool WordPress plugin, or you don’t know whom to ask to develop it. HTML, CSS, JavaScript, AJAX, PHP, MySQL, – if you have troubles with some tasks or wish to share your excellent knowledges – You Are Welcome! Become ShinePHP Forum member and
Read the rest of this entry

WordPress 2.9.2 Security Update Details

February 17th, 2010

WordPress 2.9.2 Security Update

WordPress 2.9.2 Security Update

February 15, 2010 WordPress.org announced WordPress 2.9.2 release. WordPress development blog says about fixing the “…problem where logged in users can peek at trashed posts belonging to other authors. If you have untrusted users signed up on your blog and sensitive posts in the trash, you should upgrade to 2.9.2“. Upgrade procedure is simple as usual. You can use the upgrade link at the top of admin dashboard page to upgrade WordPress version automatically. Other way is to change all WordPress files manually. There are no any changes in the database structure comparing with 2.9.1 version, just a few changes in the PHP source code. Check the details below.
Read the rest of this entry

Platinum SEO 1.3.2. What is new?

February 16th, 2010

Platinum SEO 1.3.2. What's new?

Platinum SEO 1.3.2. What's new?

Platinum SEO WordPress plugin version 1.3.2 was published at 13 February, 2010. It is a good news. It has a full enough set of options. It works good and don’t bother me with bugs. It don’t ask donations insistently as some others plugins can do. I like this plugin. And I was glad to get something new from its author.
ChangeLog note at WordPress.org says about some compatibility with WordPress 2.9.1 fix. What was incompatible with WordPress 2.9.1? What was changed in this plugin version really? Do you need to make upgrade for this version? Interested? Proceed reading.
Read the rest of this entry