Using WordPress nonces

Nonces are an important security feature of WordPress. Whilst they’re not infallible, they should be used on all forms you submit in WordPress (backend, frontend, plugins etc.). The term ‘nonce’ stands for ‘number used once’. As it happens they’re often used more than once in WordPress but that doesn’t detract from they’re usefulness as a […]

EasyApache4 and CSF

If you upgrade from EasyApache 3 to EasyApache4 and you run CSF (ConfigServer Firewall), you’re going to need to make some changes to your CSF configuration because the Apache logs have been moved to a different directory. If you don’t make these changes, CSF will not be able to monitor your system effectively. As far […]

CSS border-box everywhere

I can only presume the folk who originally came up with the way CSS sizes its internal boxes were as mad as a box of frogs. Take, for example, this bit of code: .myblock { width: 200px; padding: 5px; border: 1px solid green; } If you said something was 200px wide and then added 5px […]

Chkrootkit output passwd infected

If you’re seeing output from your chkrootkit that says something like: Checking `passwd'… INFECTED And maybe (at the bottom): INFECTED (PORTS: 465) There’s a good change it’s a false positive but you need to check. The way to check is see if the md5sum of your current passwd file matches the one distributed by CPanel.

SSL for sites sharing an IP address: SNI+SSL

IPV4 addresses are in short supply and one of the most common reasons people need additional IP addresses is to supply SSL to a site. However, it is now possible to add SSL certificates to individual domains that share an IP address via Server Name Indication (SNI). Some things need to be in place to […]

Speed up WordPress by fixing the cron job

WordPress needs to run certain things on a regular basis. It needs to check whether scheduled posts should be submitted, plugins and themes need to be updated, emails need to be sent and such. To do this, WordPress has a wp-cron.php file. By default, this gets called every time someone accesses your site. I presume WordPress does it […]

Clear the DNS cache in OS X 10.11 El Capitan

OS X 10.11 El Capitan uses the same command as the previous version of OS X to clear the DNS cache. You need to open a Terminal window and enter: sudo killall -HUP mDNSResponder It will ask you for your password if you do not already have elevated privileges. If you’ve moved a site somewhere […]

Ad-blocking, ethics and the internet’s financial model

Back in September the BBC ran an article speculating that the rise in ad-blocking software may mean the death of the free internet. A few years ago they even asked if blocking adverts was ethical. These are interesting questions. A lot of websites rely on advertising income to keep them going. There are costs involved […]

Pretty, SEO-friendly URLs with .htaccess

It is often said that dynamic URLs – that is, URLs with a format like blog.php?id=1&title=hello – are at a disadvantage compared to static-looking URLs of the format blog/1/hello. There is much debate about this issue though and back in 2008 Google even recommended against rewriting URLs. Google said: Does that mean I should avoid rewriting dynamic URLs at all? […]

El Capitan and Exchange aliases solution

Further to my previous post, after a bit of playing around I’ve found a solution to the problem of using Exchange aliases in OS X Mail under OS X 10.11 El Capitan. It seems the accounts.plist file is now superfluous and the way to add an alias is as follows: 1. In OSX Mail, select Mail -> Preferences. […]