November Project – WordPress Security Plugin

Last month I mentioned that to help me develop further as a programmer and to be motivated that I would be working on a new project every month.

In October I decided to create a Crossword creation script that has now been completed (with some bugs still so still stuff to do). I have posted the outcome on a public BitBucket Repository. Feel free to download and play with the script. I have created some bugs and feature enhancement requests myself so there is stuff to work on.

Now for the plans for November. Continue reading “November Project – WordPress Security Plugin”

Interested In Security And Running WordPress?

WordPress is currently (and has been for a long time) 1 of the most popular tools for creating blogs and web sites on the internet. Due to the level of popularity that WordPress has gained it has been a target for hackers looking to deface the website, send spam or make the site a part of a bot net (and of course many other things).

The attackers use vulnerabilities that are found in the core code, plugins and yes even themes.

There are many plugins that try to help mitigate the risks but they are fighting a lost cause and really cannot combat all vulnerabilities. Continue reading “Interested In Security And Running WordPress?”

WordPress Full Path Disclosure issue.

PLEASE NOTE THIS FINALLY APPEARS TO HAVE BEEN FIXED UNCLEAR WHICH VERSION RESOLVED THE ISSUE.

I am quite interested in security so I recently installed BackTrack on 1 of my spare pc’s so that I could have a proper play about. 1 of the tools that I have played with is WPScan which is a tool for scanning wordpress blogs to try to find security holes.

Continue reading “WordPress Full Path Disclosure issue.”