WP Engineer

Tag: security

  • Use Constants for deactivate the Editor in WordPress Backend

    WordPress is known for, that several constants lie dormant in the core and often provide quick solutions. In this context I have recently come across two little strings in the core of the backend editor of WordPress and in the core for updating the system as well. As far as I know, all constants mentioned…

  • Disable password fields for non-admins

    Disable password fields for non-admins

    So you’ve created a user and added a strong password because you care for your blog’s security? Unfortunately you can’t be sure that the user will keep this strong password since he/she can change it to a much weaker one on his profile page. This problem can be solved by adding a filter:

  • Stop WordPress From Ever Logging Out

    You don’t always want to login in WordPress – so I’ve turned off the login for my local development environment, since I don’t need it. So far I know two ways how to do this, which I want to introduce you briefly. Decide for yourself which is the right way for you if you don’t…

  • Small Security Tipps for your WordPress Install

    WordPress enjoys great popularity and draw more attention of people who want to gain unauthorized access. As with any open-source software developers and attackers alike can view the code. The risk of spam links, the destruction of the blog and other attacks is therefore very high. But this article shows the possibilities to secure WordPress…

  • WordPress Database Functions

    The WordPress database class is quite extensive and provides a range of methods to work effectively with the database and thereby use the WordPress standard. You can find the class in /wp-includes/wp-db.php where the individual methods are documented. I show the most important ones and give some small examples. It is important to work with…

  • Add File Types for Mediathek

    In WordPress 2.8.5 the whitelist of allowed MIME types for downloads will be valid for administrators the first time. This is a step towards security and you can, with the help of a constant, upload all data types. define ( ‘ALLOW_UNFILTERED_UPLOADS’, true); Who has implemented several projects already with WordPress probably had experienced that a…