Friday, November 21, 2014

Protecting you WordPress blog after it been compromised

This post is related to the server side installation of WordPress, not the one hosted at WordPress.org 

Quite a few of us ran into situation when one day, after trying to reach your blog, you get a warning message about malware ahead. Let's say you put some major effort to clean entire blog (database), removed all injections that you could find, disabled all plugins that looked not very reliable and changed all password. Can you feel save at that moment? I would rather say "No!" because you can not guarantee that hacker didn't leave any hidden back door entry into your WordPress.

Most common way to enter your blog is through corrupted plugins or themes. To prevent them from doing any damage the best way to secure yourself is configure your WordPress to not allow any updates and disable that option only for the intended updates period. You can do it in wp-config.php file that is located in the root directory of your blog.

Go ahead and comment out this line:

define('WP_TEMP_DIR', ABSPATH . 'wp-content/'); 

 WordPress is using temporary directory to download any sort of updates. By commenting out this line you're leaving WordPress without a path to this directory, meaning that it won't perform any unintended updates from potentially dangerous theme or plugin automatically. I recommend to put a comment above this line so you don't forget what need to be un-commented  for the scheduled updates.

// UNCOMMENT LINE BELOW TO ENABLE UPDATES
//define('WP_TEMP_DIR', ABSPATH . 'wp-content/');

After doing that you can relax and research on which part of your WordPress could possibly cause a harm, and remove it to avoid future problems.

That's rather thin layer of defense considering that your blog can be harmed at the moment when you enable this path again to run scheduled updates; however it prevents your blog from being down/blocked for a long time without you noticing that, and helps hunting down the guilty plugin/theme by eliminating "time dimension" - you don't need to check the extended logs of updates and determine date when your blog been harmed.





Posted by at No comments:
Labels: , ,

Monday, October 13, 2014

Merging Skype Chat/Conversation History

Recently I ran into situation when needed to merge two Skype databases together. That can happen when, for example, you purchase new computer and after using it for a while realize that old Skype history is something that you're missing.

Of course Skype doesn't provide any tools to merge two databases; however I ran into great tool called Skyperious while researching.

It has both, 32 and 64 bits version and is promissed by developer to work under Windows XP+, OS X+, Android and iOS as well as on Linux (Ubuntu). Personally I tested it with Windows 7 Pro 64bit and it did a great job. Tool is also cross-platform as database file is the same type for all OS using Skype.

If you get an error message that you database file is read only - shut down your Skype and restart application. 
Posted by at No comments:
Labels: , , ,

Saturday, October 20, 2012

Most Popular E-mail Servers Settings for Outlook, Thunderbird, Mac Mail, etc...

Incoming Server Settings

Provider Incoming Srv Incoming Port Encryption
Gmail (IMAP) imap.gmail.com 993 SSL
Yahoo (POP3) pop.mail.yahoo.com 995 SSL
Hotmail (POP3) pop3.live.com 995 SSL
Mail.com (IMAP/POP3) n/a (simple setup) 143
110		 no SSL
GMX (IMAP/POP3) imap.gmx.com
pop.gmx.com		 143
110		 no SSL
Hashmail (IMAP/POP3) imap.hushmail.com
pop.hushmail.com		 993
995		 SSL
SSL
AIM (IMAP) imap.aim.com 143 no SSL
Zoho (POP3) pop.zoho.com 995 SSL
Gawab.com (IMAP) imap.gawab.com 993 SSL
Rogers (POP3) pop.broadband.rogers.com 110 no SSL
Sympatico/Bell (POP3) pophm.sympatico.ca 995 SSL
Mail.ru (IMAP/POP3) imap.mail.ru
pop.mail.ru		 993
995		 SSL
SSL
Rambler (IMAP/POP3) mail.rambler.ru 993
995		 SSL
SSL
Pochta.ru (POP3) pop.pochta.ru 143 no SSL


Outgoing Server Settings

Provider Outgoing Srv Outgoing Port Encryption SMTP Authentication
Gmail (IMAP) smtp.gmail.com 587 TLS Yes
Yahoo (POP3) smtp.mail.yahoo.com 465 SSL Yes
Hotmail (POP3) smtp.live.com 587 TLS Yes
Mail.com (IMAP/POP3) n/a (simple setup) 25 n/a No
GMX (IMAP/POP3) mail.gmx.com 25 or 587 no SSL Yes
Hashmail (IMAP/POP3) smtp.hushmail.com 25 TLS Yes
AIM (IMAP) smtp.aim.com 587 no SSL Yes
Zoho (POP3) smtp.zoho.com 465 SSL Yes
Gawab.com (IMAP) smtp.gawab.com 465 SSL Yes
Rogers (POP3) smtp.broadband.rogers.com 587 n/a Yes
Sympatico/Bell (POP3) smtphm.sympatico.ca 25 n/a Yes
Mail.ru (IMAP/POP3) smtp.mail.ru 465 SSL Yes
Rambler (IMAP/POP3) mail.rambler.ru 587 n/a Yes
Pochta.ru (POP3) smtp.pochta.ru 25 n/a Yes


Last updated October 20, 2012
Posted by at No comments:
Labels: ,

Friday, October 19, 2012

How to Create Favicon

Favicon is small image file that is being displayed in the left side of your address bar.



It also being displayed in: links bar, bookmarks and tabs.
If your internet resource (site, blog, etc...) doesn't have favicon - default browser icon will be used.

Most common file type that is being used for faveicon is .ico (which is windows extension used for the icons);
However other formats are supported too by most of the modern browsers.
You can use PNG, GIF, JPEG in all browsers except Internet Explorer and even animated GIF in all browsers except IE and Safari.

Most common size for favicon is 16x16 pixels, but it also can be used with dimensions 32x32, 48x48 and 64x64.

You can obtain the best quality of your favicon by following steps below.
  1. Create your square icon in Photoshop (you can use any other editor but for the best result I would prefer Photoshop). Dimensions will need to be 16x16 for options 3.2 and 3.3 and for 3.1 any square should be fine.
  2. If your icon is not a solid square, you will need to check for any kind of strange effects around it. You can check that by inserting black background layer behind the image. Scale down to 100% percent and make sure that you're happy with the result.
  3. Next you will need to save your image and here you will have few options. 
    1. Best option is: in Photoshop open File-Save for Web & Devices and save it as transparent PNG24 with name of the file favicon. If you pick any other format it may have a white border around image or be choppier than you expect. After you can use web service to convert your PNG image to .ico file with proper dimensions. You can do it by checking in the Google for favicon generator or simply following this link
    2. If you prefer to not use 3rd party tools you will need to get plugin for Photoshop as .ico is not one of the standard Photoshop formats. You can download free plugin here. To install plugin you will need to exit your Photoshop. Copy plugin file from downloaded archive (name will be ICOFormat64 or ICOFormat depends from version) and paste it into C:\Program Files\Adobe\Photoshop\Plug-Ins\File Formats. After re-opening Photoshop you will have option ICO (Windows Icon) (*.ICO) under File-Save As-Formats. Result will be okay but not the best (it looked choppier for me than with option 3.1)
    3. You can also use "cheating way" - save your file as PNG24 and than change extension manually from .png to .ico. Unfortunately, it didn't work well for me in all browsers. 
  4. You can put your favicon anywhere in your site, but it's a good practice to place it in the root directory of your website. You will need to reference it in the home page of your website (don't have to do it on every page). In the header section of the site put next line:
    <link rel="shortcut icon" href="http://yoursite.com/favicon.ico"/>. In general, as long as favicon is located in the root directory of the site it should be shown without any references, however it's a good practice to point to it, to avoid any anomalies. If you decided to put it in some other place (let's say for organizational purposes in the folder with other images) - make sure you provide a full path to it in <link rel> tag.

You can also create Icon for the Apple devices and some Android devices. Dimensions for the Icon will have to be 57x57 or for best quality 114x114. For the tablets basic size is 72x72 pixels.
To reference it in the smartphones version of the site use next link:
<link rel="apple-touch-icon" href="http://yoursite/image.png"/>
Note that it doesn't have to be in .ico format and can be actually placed in any accessible folder of your website.


In HTML5 you're able to use multiple icon sizes and formats, but I believe that any of the current versions of browsers are supporting size attribute (and I am 100% sure that it will not work with smartphones). Anyway, just for reference, syntax is like that:
<link rel="icon" href="http://yoursite/image.png" sizes="16x16 32x32 64x64" type="image/png"/>


You can still use it without sizes - browser should pick the actual size of the image.
Good thing about HTML5 is that you can reference different image formats to get the best quality icon for any version of the browser.

Posted by at 1 comment:
Labels: , ,
Subscribe to: Posts (Atom)