Tag: wordpress

Apr 25

WordPress Releases Security Update | US-CERT

WordPress Releases Security Update

Source: WordPress Releases Security Update | US-CERT

Oct 28

Sécuriser WordPress – Les utilisateurs – Korben

Sécuriser WordPress – Les utilisateurs – Korben.

Aug 11

Insecure WordPress blogs unwittingly host Blackhole malware attack | Naked Security

Insecure WordPress blogs unwittingly host Blackhole malware attack | Naked Security.

Feb 08

Sécurisation de l’identification wordpress par certificat SSL « Malangot

Sécurisation de l’identification wordpress par certificat SSL « Malangot.

Feb 06

WordPress Graphene Update and Blank Invalid RSS

Due to an update of our installed Graphene theme (by Syahir Hakim) for WordPress, our RSS feed became invalid.

The culprit line was the following:

<title>Quality and security of information systems &raquo; Quality and security of information systems</title>

Indeed, by using Feed validators (w3, feedvalidator.org and another feedvalidator.org) I detected that an “&raquo" (») was inserted in the feed’s title, which caused problems for certain feed reader (such as feedburner while google reader did not seem to care).

After research, you can find that this symbol is the default value inserted by the wp_title() function of wordpress.

Since graphene defines his own title function graphene_title( $title, $sep, $location ) (see wp-content/themes/graphene/includes/theme-head.php) using the same API than wordpress,

function graphene_title( $title, $sep, $location ){
global $graphene_settings;
$default_title = $title;

if ( is_front_page() ) {
if ( $graphene_settings[‘custom_site_title_frontpage’]) {
$title = $graphene_settings[‘custom_site_title_frontpage’];
$title = str_replace( ‘#site-name’, get_bloginfo( ‘name’ ), $title);
$title = str_replace( ‘#site-desc’, get_bloginfo( ‘description’ ), $title);
} else {
$title = get_bloginfo( ‘name’ ) . ”  &raquo;  ” . get_bloginfo( ‘description’ );
}

} else {
if ( $graphene_settings[‘custom_site_title_content’] ) {
$title = $graphene_settings[‘custom_site_title_content’];
$title = str_replace( ‘#site-name’, get_bloginfo( ‘name’ ), $title );
$title = str_replace( ‘#site-desc’, get_bloginfo( ‘description’ ), $title );
$title = str_replace( ‘#post-title’, $default_title, $title );
} else {
$title = $default_title . ”  &raquo;  ” . get_bloginfo( ‘name’ );
}
}

return $title;
}

the logical approach could be to search to where this function is called to change the value of the parameter “sep”. However, the parameter “sep” is never used in the function, instead the separator   &raquo;  is hardcoded.

The solution I chose to solve temporarely this problem, under the hypotesis that the author of graphene would correct this issue in the next version of the theme, was to replace the separator by “:”.

function graphene_title( $title, $sep, $location ){
global $graphene_settings;
$default_title = $title;

if ( is_front_page() ) {
if ( $graphene_settings[‘custom_site_title_frontpage’]) {
$title = $graphene_settings[‘custom_site_title_frontpage’];
$title = str_replace( ‘#site-name’, get_bloginfo( ‘name’ ), $title);
$title = str_replace( ‘#site-desc’, get_bloginfo( ‘description’ ), $title);
} else {
$title = get_bloginfo( ‘name’ ) . ” : ” . get_bloginfo( ‘description’ );
}

} else {
if ( $graphene_settings[‘custom_site_title_content’] ) {
$title = $graphene_settings[‘custom_site_title_content’];
$title = str_replace( ‘#site-name’, get_bloginfo( ‘name’ ), $title );
$title = str_replace( ‘#site-desc’, get_bloginfo( ‘description’ ), $title );
$title = str_replace( ‘#post-title’, $default_title, $title );
} else {
$title = $default_title . ” : ” . get_bloginfo( ‘name’ );
}
}

return $title;
}

Jan 04

Most Wi-Fi routers susceptible to hacking through security feature | Naked Security

Stefan Viehböck, an independent security researcher, published a paper on Boxing Day titled “Brute forcing Wi-Fi Protected Setup” to his WordPress blog disclosing a weakness in the configuration of most consumer/SoHo Wi-Fi routers.

via Most Wi-Fi routers susceptible to hacking through security feature | Naked Security.

Sep 06

Sécuriser WordPress | malekal’s site

Sécuriser WordPress | malekal’s site.

Aug 04

Faille critique dans un plug-in de WordPress

Faille critique dans un plug-in de WordPress.

Apr 14

WordPress piraté et pillé de bas en haut

WordPress piraté et pillé de bas en haut