Bullet proofing a server with 150 WP insallations
Bullet proofing a server with 150 WP insallations
security
Encrypt User last name in wordpress for security reasons
Encrypt User last name in wordpress for security reasons
WordPress EC2 Security Practices
WordPress EC2 Security Practices
User can see and enter the WordPress Admin without login
User can see and enter the WordPress Admin without login
Security headers disappear on WordPress pages
*The below only temporarily solves the issues. I ran into the missing header issues was a new cache file was generated. I use several of the plugins you mentioned and recently noticed the same issue which drove me crazy as I manually confirmed that all of the headers were present in the correct files. I … Read more
How to stop a nonce from being cached in an inline script, or alternatives to regenerate it if expired?
How to stop a nonce from being cached in an inline script, or alternatives to regenerate it if expired?
Secure way to add JS Script to WordPress filesystem
Thank you @Tom J Nowell letting me think about this. I had to think about it the last day, and this is the safe way to do this. function lwb_jquery() { $message=””; // Multisite Support if( is_multisite()) { $uri = get_stylesheet_directory() . ‘/sites/’ . get_current_blog_id(). ‘/assets/js/lwb-script.js’; $file_path=”[AKTIVES THEME]/sites/” . get_current_blog_id() . ‘/assets/js/lwb-script.js’; if( !file_exists( $uri … Read more
CF7 for radio buttons only, ok?
CF7 for radio buttons only, ok?
WordPress.Security.NonceVerification.Recommended
WordPress.Security.NonceVerification.Recommended
Can a user submit requests to wp-admin/admin.php without logging in?
No, this is a red herring that has nothing to do with the problem, likely from a misunderstanding of what WP user login sessions are tracking. The TLDR: It’s probably because they logged out. The problem is that the user that it was done under hasn’t been logged into in about a year according to … Read more