Tag: security

Introducing the Strong Password Generator plugin for WordPress

Today I released the Strong Password Generator plugin for WordPress.

Last week I released a plugin called Expire Passwords which is meant to harden site security by requiring certain users to change their passwords on a regular basis.

The plugin got some early users straight away, one of whom suggested that it might also be nice to give users a way to generate a strong password, making it even easier to reset it when prompted.

What a great idea! So great, in fact, that I thought it could really be a standalone feature and plugin in it’s own right.

Read more →

Introducing the Expire Passwords plugin for WordPress

Today I released a new plugin for WordPress called Expire Passwords.

This latest product is a continuation on my streak of other plugin releases that also deal with the topic of user session security.

The idea here is pretty simple.

If you have registrations open on your WordPress site, chances are there is a decently-sized group of users that have simply gone MIA. They have accounts, and they might come back later, but you’re just not sure when that will be.

The fact of the matter is, the more active login accounts you have on your site, the more potential opportunities there are for break-ins. And once a hacker is authenticated inside WordPress with the right kind of capabilities, the more opportunities there are to do some real damage.

Read more →

How to connect Apple TV to a hotel Wi-Fi network

Whenever my wife and I take an extended vacation I always bring along our Apple TV.

At the end of a long day filled with adventure and fun it’s nice to just snuggle up together and watch your favorite show on Netflix or rent a new release comedy.

I’ve found that hotel television is still so primitive and annoying. The on-demand movie rentals are limited and very pricey, the regular programming is usually in standard definition, and you’re forced to channel surf without a guide. Ain’t nobody got time for that!

When I book a hotel I always make sure there is free Wi-Fi and that they say there are “flat screens” in every room, this tells me that there must be an HDMI input on it somewhere.

Ah, but my Apple TV doesn’t have a browser! So when the hotel Wi-Fi splash screen pops up asking for confirmation that I “Agree to their terms of use” or to enter some sort of special login, I can’t.

It seems we’re left with no choice but to do some friendly hacking to circumvent this annoying speed bump! :-)

Read more →

How to hide your WordPress version number…completely

Did you know that your WordPress version number is visible to everyone?

As Matt Mullenweg rightly pointed out several years ago, simply hiding your WordPress version number is not enough by itself to stay protected from potential threats (you should always be keeping your WordPress installation up-to-date).

But perhaps you have a client who has specifically requested its removal or maybe you just like keeping things on the safe side, either way there are a lot of tutorials out there on how to remove it from various areas but none that I’ve found showing how to remove it from every area at the same time.

The WordPress version number appears in three areas:

1. Generator Meta Tag in the Header

<meta name="generator" content="WordPress 3.3.2" />

2. Generator Tag in RSS Feeds

<generator>http://wordpress.org/?v=3.3.2</generator>

3. Query Strings on Scripts & Styles

If a script or style does not specify a version number when enqueued, the current version of WordPress is used.

foo.js?ver=3.3.2

One Block of Code to Rule Them All

Just enter this into your functions.php file and your WordPress version will be safely hidden from the public.

However, there is one small caveat to be aware of when using this method: This function will check to see if the ver query string matches the WordPress version number, so if the version of the enqueued script happens to be the exact same as the WordPress version then its version string will be removed as well.

This will occur rarely (if ever), especially when the current WordPress version is a point release, such as 3.3.2.

%d bloggers like this: