If you’re wanting to limit by a capability (built in or custom) you can use current_user_can() and pass the appropriate capability. if( current_user_can(‘manage_options’) ) { echo “Hi there user who can manage options’; } Keep in mind that the post or page content is one chunk and you would need to do something much more … Read more
To check for the CVE-2014-6271 vulnerability env x='() { :;}; echo vulnerable’ bash -c “echo this is a test” it should NOT echo back the word vulnerable. To check for the CVE-2014-7169 vulnerability (warning: if yours fails it will make or overwrite a file called /tmp/echo that you can delete after, and need to delete … Read more
I have all of the scenarios setup in my environment. (openvpn site-site, road warriors; cisco ipsec site-site, remote users) By far the openvpn is faster. The openvpn software is less overhead on the remote users. The openvpn is/can be setup on port 80 with tcp so that it passes at places that have limited free … Read more
If you can’t modify anything on the server (site fully static) then there is no point in trying to break into it. In enterprise kind of setting you can achieve this by limiting login and restricting write permission to only people coming from the local network, but for most people this kind of setting is … Read more
The </head> tag is the giveaway; it should be in header.php.
If you care about security you should not install themes and plugins from the wordpress admin. Either install them by uploading via FTP or use WP-CLI for that. There is just no way to change file owners when the script is running in the context of the web server, therefor the only way to maintain … Read more
You should sanitize the request URI. I was able to bypass this by adding an additional slash to the URL. For example: wp-admin/widgets.php That request displays a blank page (as it should). wp-admin//widgets.php That request bypasses the restriction. It’s hard, bordering on impossible, to answer this question in the affirmative (ie “Yes, this works as … Read more
From quick look at the code the post data mostly goes straight into wp_insert_post(), which is a low level function and serves to just store whatever you give it. If you want to enforce the check you could make use of wp_import_post_data_raw filter and probably wp_kses_post().
Yes. If you use the generator to create the salts then add them to your wp-config.php file you can start reaping the benefits of much greater security. Any current sessions will be invalidated so you’ll have to log back in but otherwise there shouldn’t be any noticeable change. Automatic generation of random salts was added … Read more
I guess there is $_SERVER[‘HTTP_ORIGIN’] property which can be helpful for this point, or even HTTP_REFERER, hooking into the init hook to make sure nothing runs until this origin is allowed, something like: add_action(“init”, function() { global $pagenow; if ( “xmlrpc.php” !== $pagenow ) return; // xmlrpc.php only $domains = array( “example.com” ); // domains … Read more