As you may have guessed from this site, I ❤️ LISTS. I pretty much have a list for anything WordPress-related: Here is another list that was once a draft page on this blog that I used to bookmark links to interesting blogs written by other WordPress enthusiasts and developers. The list is simply updated as … Read full article →
WordPress.com has a list of all the blocks that are available inside the Gutenberg editor, and for self-hosted WordPress websites you can run the following command in the browser console when using the editor to get a list of all available blocks. The output:
1. log in to the MySQL: mysql -u root -p; 2. Select the database: use database_name; 3. List all users: select * from wp_users\G 4. Change the password for the user you require: UPDATE wp_users SET user_pass=MD5(‘new_password_here’) where ID=user_id_here;
Cross-Site Request Forgery (CSRF) is an attack that forces logged-in users to submit a request to a WordPress website where they are currently authenticated. CSRF attacks exploit the trust a WordPress website has in an authenticated user. CSRF attacks are aimed at your WordPress website users to make them do various actions on your website: … Read full article →
To put a string before the price of WooCommerce product and cart pages, use the WooCommerce filters woocommerce_cart_item_price and woocommerce_get_price_html Add the following code to your active theme functions.php file. Make sure to change <span class=”price-prefix”>TEXT BEFORE THE PRICE</span> with your text or HTML code. NEXT: How to Add text after the price in WooCommerce
Add the following to your theme functions.php file: Source: WordPress搜索功能结果只有一个时直接跳转到结果文章页面
Security is a result of security “practices” rather than plugin “functionality”. No security plugin is perfect, but we make do, and that, like everything else in life, is what defines the outcome. Here’s a simple diagram of how an attacker tries to get inside your website. There are 4 levels that each request has to … Read full article →
SQL (Structured Query Language) is a language that allows code to interact with databases. Injecting SQL commands into a vulnerable user input section on your WordPress website such as a contact form or search box is considered an SQL Injection attack. Depending on the actual SQL command, this could purge the database, send the data … Read full article →
IDBTE4M BOT V87 is a PHP shell that has a rarely good mailer function which is hard to detect because it uses random [email protected] for sending SPAM: source code: when accessed publically the IDBTE4M BOT V87 shell gives a blank page, but with a POST request containing the random password, the shell looks like this: … Read full article →
2. You can harden your WordPress site security by adding______to your wp-config.php file? 3. In WordPress, what is the block editor used for? 4. Which WP_CLI command would you use to manage the capabilities of a user role? 5. On a regular WordPress install, what is the difference between transients and the object cache? 6. … Read full article →