A random thought has hit me. Most people try to keep their MySQL user credentials secure. But why? If a server has been setup properly, it becomes a mute point. The idea occurred me when thinking about opening a sites source code up. If I opened the site up, I could give them access to …
Author: Jeremy
Applications hidden addons
Like all good conversations, this was brought up in IRC. http://www.theregister.co.uk/2010/06/11/microsoft_slips_firtefox_add_on_into_software_update/ Microsoft decided it would be a good idea to install a hidden addon to firefox installs for those who have some services installed. The major point being it is a hidden unknown addon that you can not remove yourself. How friendly is that? Google’s …
Moving home directory to a new drive
My current host has a unique feature in which it allows me to setup virtual machines easily. Since that is easily possible, I may want to someday switch to another operating system. So I wanted to split all my /home and configuration files out onto a separate drive. Which is entirely possible with my host. …
Protecting my wordpress folders
WordPress by default doesn’t protect its wp-includes and wp-content folders. While WordPress doesn’t do stupid things in most of these files, they still don’t do a simple defined check to ensure we came from an a privileged file. SMF does this and it prevents direct loading of any of the Source files. To get around …
Simple secure login for wordpress
This is a simple way to setup a secure login for WordPress. Simply editing “wp-login.php” and looking for: /** Make sure that the WordPress bootstrap has run before continuing. */ require( dirname(__FILE__) . ‘/wp-load.php’ ); Add after that: force_ssl_admin(true); Now when accessing login and registration pages, the browser redirects to the secure version. Edit, After …