64x64 icon dark hosting
Deploy New Relic now and get $135 off your Tuts+ subscription.
Advertisement

Security

  • Security
    Cross-Site Scripting in WordPress: Practical Tips for Securing Your SiteCross site scripting in wordpress what is xss
    27 shares
    In this series, we're taking a look at how to secure our WordPress projects from XSS - or cross-site scripting. In the first article in the series, we defined what cross-site scripting actually is, understanding how it works, and why it's dangerous. We also spent some time discussing how this impacts our day-to-day WordPress development efforts and what we can do about it. Although there are some functions that WordPress has available to help validate and sanitize data, there is more work that we can do in order to secure our projects. In this final article, we're going to take a look at some practical tips that we can follow and some tests that we can administer to secure our work against XSS attacks.Read More…
  • Security
    Cross-Site Scripting in WordPress: What Is XSS?Cross site scripting in wordpress what is xss
    8 shares
    One of the most exciting aspects of modern web development is the potential that comes with building applications specifically for web browsers (or to run "in the cloud.") Originally, Java was meant to be the "write-once, run-anywhere" solution, but it appears that the web has become the perfect medium for that. Who would've thought, right? But along with the various browsers that we have available, the technologies that we can leverage, and, quite simply, the neat things we can do, there's still a dark underbelly to web application development - cross-site scripting. And considering that WordPress is a web application on which many of us build for fun, profit, or to make a living, it's a topic that we shouldn't avoid especially if we want to have the most robust products possible. In this two part series, we're going to take a look at what cross-site scripting really is, its dangers, how it impacts WordPress development, and then practical steps that we can take for testing our themes and plugins.Read More…
  • Security
    WordPress Security Threats That You Should Look Out ForSecurity vault
    48 shares
    When running a website on WordPress, it is sensible for you to pay attention to security. There are constant threats to blogs and sites running on WordPress. Oftentimes, you will find out about a security breach after it has happened. The better option is preventing the threats from materializing than reacting later. Being proactive with WordPress security might be the best thing you ever did. Here are five WordPress security threats you should look out for and also how you can prevent them.Read More…
  • Security
    Imposing SSL and Other Tips for Impenetrable WP SecurityImposing ssl and other tips for impenetrable wp security b
    24 shares
    Internet security has always been as important as your personal security. If you are making money through your blog or website, the security of your website becomes as critical as securing your bank account. Luckily, WordPress strives to ensure better security with every new version. Besides, there are plenty of plug-ins you can use to fortify your website or blog’s security. However, not all users, including developers, are as security savvy as they can and should be. The most interesting part is that optimizing a WordPress blog/website for better security requires only small tweaks, most of which are previously covered in one of our posts. Today, we share a few more interesting and effective tips to help you secure your website/blog against information theft, breaches, intrusions and interception.Read More…
  • Security
    6 Easy and Efficient Ways to Combat Spam CommentsThumb.200
    18 shares
    One of the downsides of running a successful WordPress blog is that some people want to take advantage of your success by posting "spam comments" on your blog and trying to get more visitors. Sometimes they do it with robots, sometimes with home-made browser extensions, sometimes manually - just like a normal human being. Not cool. But thanks to WordPress' flexible architecture, there are numerous ways to prevent them. In this article, we'll go through 6 easy and efficient methods to have a spam-free WordPress blog.Read More…
  • Security
    Conquering the wp-config.php File - 11 Good PracticesThumb 200
    40 shares
    There are 981 files and 95 folders which come with the WordPress (v3.4.1) package. None of these files need manual modification, except the wp-config.php file. Of course, we don't have to edit the file if we're fine with the default WordPress configuration but it's essential that we learn how to conquer the file in order to apply security precautions, speed tricks and other stuff which we will be studying in this article.Read More…
  • Web Development
    Password-Protect Folders in Seconds With .htaccessPassword protect folders
    33 shares
    In this lesson, I'll demonstrate how easy it is to password protect folders with Apache. There will often be situations when you don't need to build a full authentication system from scratch.Read More…
  • Security
    Best Practices for Preventing BuddyPress Spam User RegistrationsBuddypress lockdown
    16 shares
    The BuddyPress plugin turns any WordPress installation into a rich social networking site complete with forums, friend requests, and ... countless numbers of fake bot users that will comment spam you to death unless you protect your site. Although you probably installed BuddyPress to allow more engagement and interaction among your visitors in the hopes of creating a thriving community, you will soon rue the day you installed it unless you take precautions to prevent fake users.Read More…
  • Plugins
    Building a WordPress Security Plugin: The BasicsSafe
    19 shares
    WordPress is open source, which means that everyone, including hackers with a malicious intent, can scour the source code looking for holes in its security. In this set of tutorials, we will be going through the process of creating a WordPress plugin to detect and fix any security flaws that may lie in your WordPress installation.Read More…
  • Security
    Secure Your WordPress Against User-Agents and BotsThumbnail
    20 shares
    Lately there have been a lot of WordPress sites compromised only due to the bots that roam the world wide web! There are a lot of plugins out there which can protect your WordPress baby by blocking these "roguish" bots! In this article you will be learning an easy and useful method of adeptly configuring your .htaccess file to filter these bots which can infect your website and can eat up your server resources. So get your .htaccess file ready for editing!Read More…
  • Scaling & Caching
    10 Quick Tips: Optimizing & Speeding Up Your WordPress SiteOptimize
    80 shares
    We recently looked at 11 Quick Tips for Securing Your WordPress Site, which included some easy, but essential tips for the security of your WordPress blog. Today, we'll be looking at how to optimize your site to run as fast as it possibly can. So, without further adieu, here are 10 quick tips for optimizing your WordPress site!Read More…
  • Security
    11 Quick Tips: Securing Your WordPress SiteSafe
    108 shares
    WordPress is the most used open-source platform nowadays for any type of websites: whether it is blog, CMS or any other custom solution. WordPress is naturally based on PHP (among other languages), so, as a PHP developer I always make sure to cover/apply some tips for WordPress to make secure and speedup the site which I develop. In this WordPress tutorial you will find tips and tricks for securing WordPress and otimizing your WordPress blog. Read More…
Advertisement
Suggested Tuts+ Course
PHP Security Pitfalls$15
Advertisement