Author Archive

wordpress plugins Wordpress plugins and server resources top view of a working desk with open blank 1170x420

WordPress plugins and server resources

One of most popular reasons causes your WordPress slow is using too much plugins. This is pretty obvious, because plugins have functions those need server resources to handled. That also means, the less plugins you use, the shorter time your website need to load.

 

But, sometimes you found that your site’s loading time is too long and you don’t use too much plugins. So, what is the problem? The fact is some plugins need too many server resources to execute its scripts. And if you do’t have enough powerful server, that

XML-RPC Disable XML-RPC to prevent your site from attacks short break 1170x420

Disable XML-RPC to prevent your site from attacks

I pretty sure that you all have seen the file name xmlrpc.php in the root folder of WordPress source pack. XML-RPC is a script that was set in active as default since WordPress version 3.5. It is a remote connection procedure of a Wodpress website that is using XML to transport data. And it now supports some CMS’s API like WordPress API, Blogger API, Movable API, Pingback API, MetaWeblog API,…

Normally, in WordPress, we use XML-RPC to post an article from another application like Window Live Writer, or any other service those connect

fix wordpress 404 error on nginx server Fix Wordpress 404 error on NGINX server concentrated man in glasses drawing blueprints 1170x420

Fix WordPress 404 error on NGINX server

Everybody know, Apache server is most popular server type because its simple and it was supported by a very motivate community. But, there is another web server type that has better efficiency and quite stable – NGINX. If you haven’t used this type before, you should give it a try and you will be amazed. If we run a WordPress site on NGINX, sometimes we can’t get rid of 404 error when we have selected Custom permalink option. Here is the method to fix WordPress 404 error on NGINX server.

0-day bug in WordPress 4.7.4 0-day bug in WordPress 4.7.4 & does it dangerous? oli dale 139169 1170x420

0-day bug in WordPress 4.7.4 & does it dangerous?

I bet you were announced about 0-day bug in WordPress 4.7.4 (CVE-2017-8295) – that may allow hacker take over administrator’s password – by reset admin’s password without email access permission.

For more details about this vulnerable, please visit here: https://exploitbox.io/vuln/WordPress-Exploit-4-7-Unauth-Password-Reset-0day-CVE-2017-8295.html

In this post, I will let you know how does it danger and are you in threat because of this vulnerable. Then you will know how to handle it…

======= 0-day bug in WordPress 4.7.4 ======= 0-day bug in WordPress 4.7.4 ======= 0-day bug in WordPress 4.7.4  =======

Attack method

Follow to the ExplotItBox, first, hacker will send a