First thing is: a good plugin should always remove its trace when uninstalled completely. Any changes, whether plugin install, enabling new feature etc. should not be done on live server. We developers always do tests on a local server. And a good one for anybody could be Local by Flywheel. If you are desperate to … Read more
Move wp-config.php to its new location somewhere above “public_html” and add a new “skeleton” wp-config.ph in the WordPress directory e.g. <?php include(‘/dir_above_public_html/priv-applecom/wp-config.php’); ?> The wp-config.php script is included by other WordPress files. So to include this from a non default location we can simply 1. move our “real” wp-config from the WordPress directory to where … Read more
No, you don’t have to escape the data. And it doesn’t need to be escaped. Please take a look at the_post_thumbnail() function, it didn’t do any escaping. So no worries.
Obviously that will not remove comment functionality, just will not display relevant comment related data on the front end.
Its definitely being hooked into wp_head(), probably with wp_enqueue_scripts(). To find the culprit: First, deactivate your theme, use a twentyx theme instead. Then refresh the front end and check the source code again. If it’s gone: its your theme. To find where its being called from in your theme, search your theme directory /socrates4/ for … Read more
Since the ‘timer’ has to execute on the client side, then you will need to find some JavaScript that will ‘run’ the timer and pop up the box. You can’t do this with PHP code (WP filters, hooks, themes, plugins), because PHP runs on the server, not the browser. Browser side stuff has to be … Read more
RSA is generally preferred (now that the patent issue is over with) because it can go up to 4096 bits, where DSA has to be exactly 1024 bits (in the opinion of ssh-keygen). 2048 bits is ssh-keygen‘s default length for RSA keys, and I don’t see any particular reason to use shorter ones. (The minimum … Read more
Unfortunately this in now a very common occurrence. It is an automated attack on SSH which is using ‘common’ usernames to try and break into your system. The message means exactly what it says, it does not mean that you have been hacked, just that someone tried.
Advantages of firewall: You can filter outbound traffic. Layer 7 firewalls (IPS) can protect against known application vulnerabilities. You can block a certain IP address range and/or port centrally rather than trying to ensure that there is no service listening on that port on each individual machine or denying access using TCP Wrappers. Firewalls can … Read more
WP-CLI is a command line interface to WP. So, it is used in a Unix shell environment. Plugins and themes are written in PHP (which itself also runs in a shell, usually Unix). So, to execute a WP-CLI command in a plugin you would have to pass it from PHP to the Unix shell. That … Read more