Select Page
WordPress Plugin To Stop Trackback Dos Attacks

WordPress Plugin To Stop Trackback Dos Attacks

Living in the internet era, you have to know all the things that could potentially make harm to your business, as the number of hackers has never been bigger than now. Hackers get hired by the competitors who want to disrupt their competition and take over the market and the hackers use various techniques to disrupt the targeted website. While WordPress is the most known platform for website development, there are useful plugins that can prevent these attacks, including DDOS attack. The DDOS attack is one of the most used techniques as it is relatively easy to create and deploy so a lot of people use this to destroy websites at least for a while.

What is DDOS attack ?

The DDos attacks are one of the oldest ways of disrupting the website and these had been present for more than two decades in the online world and the world of the Internet. The term means Distributed Denial Of Service and it is an attack method where an attacker sends a huge amount of traffic/requests (usually a programmed line of code) through different computers with the goal of disrupting the target so it eventually stops working and accepting the requests and users. It works by maxing out the network’s bandwidth which slows down the server’s response time and makes it useless eventually.

In order to DDOS attack becomes efficient, a hacker must build a botnet. The botnet is actually a network of computers with the real users who are not aware that their computers contain a program that serves as a weapon during the DDOS attack. The hackers use experience and knowledge to install these on computers without anyone noticing this activity. The very next time your PC becomes slow unusually, try to scan it with the updated antivirus program. If it is not working, delete the OS to make sure you eliminated the infected program.

WordFence is a must!

This security plugin can successfully protect your WordPress site as it monitors every request and user that visits the site. The embedded security script analyzes resources and monitors the resources allocated for the attack, as well as the time of requests. The complex procedural function compares all the data and determines if the DDOS attack has been performed. In case it is, it activates the security firewall and script that does not allow any further requests that are suspicious and marked as threat.

PAD – Protection Against DDos

This is not a standard plugin, but you must find it manually and install on your site. The plugin routinely inspects the memory and monitors if there is a bottleneck that is unusual or comes from the unusual source. Once it identifies that the DDOS attack has been performed, the plugin automatically terminates and blocks all the suspicious requests, so memory leakage would not appear and thus the website will not go offline. PAD is a cool plugin that is praised by many users so consider one having in your library as you never know when someone will shut down your website, at least for fun.

Here Is How You Can Prevent WordPress To Show Sub Categories

Here Is How You Can Prevent WordPress To Show Sub Categories

Using the WordPress platform, you must have had a situation where the WordPress does something that you do not like and you would like to prevent that. The problems may vary from loading the inappropriate homepage to the wrong redirection of URLs. One of the problems that might be bad for users, especially when it comes to staying within the good SEO limits, is showing the child categories or sub categories. While there are some plugins that eliminate this problem, the bigger problem is that it does not work every time. So, how can you solve this problem efficiently?

The problem of subcategories

Let’s say that you have a category “weather” and inside this, you have two subcategories: “world” and “the US”. When a user visits your site and presses on the “weather” category, he will see all posts from that category but will also see these two mentioned child categories. Now, this becomes irritating and sometimes bad for your SEO so you will probably want to eliminate this feature and allow only to see the main category.  Even Google can ban your site as it can think that you are duplicating the content by adding the same post in two different categories, so the experienced developers will want to get rid of this problem. Even if you are not that experienced, do not worry as you will be able to solve this problem easily.

Sub CategoriesDo not worry really, the solution is not far away and everyone who has at least a basic understanding of coding can perform this on his own and solve the problem.  Even if you do not have, just follow the instructions that are described below. So, how to solve this problem, you might ask? Should you use plugins? Yes, there are plugins that solve this, but very often they crash and the user still can see the child categories. To avoid plugins, you can use a simple hack that will solve this.

How to solve it without a plugin?

First of all – back up your archive.php and category.php before you do anything! You do not want to lose your posts and archive! Open archive.php and inspect the code. Try to find a line that is similar to this:

“<?php while (have_posts())” : the_post(); ?>”. Once you find this line, you need to add another line, AFTER THIS LINE. Now, add:

“<? if ((is_category()) &amp;&amp; in_category($wp_querry->get_queried_object_id())) {?>”.

The function of this line is to assess whether we see a category and that the post we are looking at is a righteous member of this category. Now, find the line:

“<?php endwhile; ?>” and add the following line before it:

“<?php } ?>”.

You have basically added this small modification that will prevent the WP to show subcategories, but only the parent category. It is required to have some posts in the “weather” category in order to function correctly. So, you did a small modification to your WP theme!

PHP Nonce Library

PHP Nonce Library

We’ve recently developed our own PHP NONCE library for use with custom programming. Our version is loosely based on the implementation found inside the core WordPress software. We would like to thank to the WordPress development team as we have used their software to develop our own library! Without their software, we would have to start from scratch!

What is a nonce?

Literally, the term refers to a number used once. In software development, it is often used as a security measure to ensure that certain links or forms are only available once, thereby preventing malicious attacks against the system.

Where would I use a nonce?

PHP-Nonce-LibraryAn NONCE offers an additional level of security where sensitive actions may take place within your application. Take the following line of code as an example:

<a href=”delete_post.php?post=003″>Delete Post</a>

This link was poorly thought out if the application has no other security measures in place. Anyone could begin deleting posts by simply pointing their browser at the above link and changing the post number.

Well designed applications would only make that link available if the user was logged into the system with appropriate permissions. Furthermore, the delete_post.php script would ideally check to see if the user was logged into the system and if the user had appropriate permissions to delete that post. Is this enough security though?

Here are just two scenarios that could circumvent the above security measures:

  • Depending on how the application’s user authentication works, it is certainly possible for a malicious user to spoof an authenticated user or to otherwise crack the authentication.
  • Additionally, if you are a legitimate admin of the above mentioned application it would be possible for me to trick you by sending you a link or to this script. Once you clicked it, the post would be deleted.

How an nonce prevents the above attacks

An NONCE is successful as an additional layer of security because it prevents actions initiated by links or REQUESTS from being used more than once. Every time a link or a form is printed on the screen, your NONCE functionality embeds a key / value pair to be sent to the receiving script. Every time that script is called, it checks for the key / value pair and then authenticates it on a pass / fail basis. If it passes, the action is performed, if it fails, the action is not performed.

The above link with an NONCE applied to it would resemble something like the following:

<a href=”delete_post.php?post=003&_nonce=9c5fbfabb1″>Delete Post</a>
The receiving script would then do the following:

  • Check to see if the user is logged in with appropriate permissions (standard security)
  • Check to make sure the NONCE key / value is set
  • Authenticate the received NONCE using a library of functions.

How does an nonce create and authenticate its key / value pairs?

The process of generating NONCE is a bit complex than usually. While there are no hard and fast rules for creating an NONCE, most libraries will include the following components when generating an NONCE:

  • A secret key or ‘salt’ stored only on the server
  • A user ID (optional – makes the NONCE only work with a specific user)
  • An action name: ie: ‘delete-post’
  • A timestamp (allowing the NONCE to expire if never used)
  • A database of used NONCEs (optional and not used in our library)

Using all of the above components, an NONCE may be generated like this: secret-salt + user ID + action-name + timestamp. All of this is thrown into a hash that the receiving script can unpack and authenticate (Most of the time, the timestamp will be modified before being included and hashed).

The receiving script doesn’t actually ‘unpack’ the received key, rather it recreates it and compares. For instance, the delete_post script would combine the secret salt (which it knows) , the current users’s ID , use the delete-post action name, and a timestamp (modified appropriately). If any one of those components are off, the NONCE value generated by the receiving script will not match the one sent by the initial script and the NONCE will fail to authenticate.

How to use our nonce library

  • Download the zip file and unpack
  • Include ft-nonce.php inside all your applications pages
  • Embed one of our two generating functions in your links or forms
  • Call the validating function at the top of your receiving scripts and do as you wish based on the validity of the NONCE.

If you need further example, you can check out the example here. The PHP file source file is included in the zip .

Feedback

We’ve only deployed this once and value your feedback. We will be more than happy to modify, enhance, and correct bugs as reported. Feel free to test our feature, implement it in your projects, but do not forget to inform us about the quality of it! Feel free also to send us suggestion! The more people use this feature, the more valued our work is and that is why we encourage people to use it and test as many times as possible!

How To Create A Password Protected Children Pages?

How To Create A Password Protected Children Pages?

Today’s technology has so evolved that our little children from early age know how to use the web and browse it. Sometimes, we just want to protect them from seeing inappropriate content that is not age-relevant, so we want to add the password to a certain page, especially if you own a website. In any way, a password protected page is something that you can create and eliminate the possibility for children to see something that is not appropriate for their age. How to do this in WordPress? Is it complicated or you can do it on your own?

WordPress allows you easy password set up

Hiding your content from a certain audience (children in this example) is a common task that administrators do. You can even lock the whole website that you cannot access to unless you have the right password. WordPress is the best online platform for creating your website and allows easy updating, managing and publishing of content. On top of that, you have useful commands like the password protection to ensure that only people you want access to your website or a post. Do follow the small tutorial below in order to set the password protection.

The very first thing you need to do is to log in to your website as the administrator so you could make changes and have permissions for such actions. Now, go to the page or post you want to protect and click on EDIT command. Once you slick, you will see in the upper left corner EDIT THE VISIBILITY and click on it. The next thing is to click on PASSWORD PROTECTED and type in the password you want. Make sure you use the combination of upper case, lower case, numbers and special characters in order to produce strong password. Once you type it in, click on OK, and click on UPDATE button in the lower right corner of the window. Now just publish the post/page, load it again and check if it asks for password to access it.

You can check all the pages and posts that do require a password to access them in the list of all pages and posts. Also, you have the ability to mark it as PRIVATE so no one could see it except the EDITOR and ADMINISTRATOR. Though this is not very useful for restricting the content, it may come useful when you want to publish a post or a page just to see how it looks like on your website.

Use strong passwords!

Kids often want to break the password and will try in many different ways to do this, so make sure you use very strong password that has a lot of characters. This will make it impossible to crack it as the combinations are endless and no CPU could calculate all the combinations for it. Always use upper case, lower case, numbers and special characters to increase the strength of your password.

 

What Are The 10 Outrageous Things People Sell On Craigslist Tampa?

What Are The 10 Outrageous Things People Sell On Craigslist Tampa?

Picture Of What Are The 10 Outrageous Things People Sell On Craigslist TampaTampa craigslist is an online advertisement company. The platform is designed to promote your advert all over the world for free. This website is where people come to sell their old stuff and also buy new ones. Statistics have it that there are over 60 million subscribers, and over 80 million ads are posted every month.

Among these ads, you would expect to see some OUTRAGEOUS items listed for sale. We made the research and found some. Here are 10 of the OUTRAGEOUS Things People sell on Craigslist Tampa:

What Are The 10 OUTRAGEOUS Things People sell on Craigslist Tampa? You will see, weapons, ammunition, sex trafficking, pornography, body parts, medical devices, hazardous materials, alcohol or tobacco, pet sales, and several other items.

The majority of these items are prohibited on craigslist. However, because there are many ads coming up per time, these things find their way on the platform. This is why there are systems designed to help curb the sustenance of such an ad.

10 OUTRAGEOUS Things People sell on Craigslist Tampa

  1. Weapons:

    firearms such as a gun and its components are prohibited to be sold on. This means they will either not pass through the confirmation period. However, if they do, there is a high probability of it getting flagged down. Other prohibited weapon include; BB/pallet, Spear guns, and stun, etc,

  2. Ammunition:

    Ammunition is also prohibited from sales on craigslist. A gun and its bullet is a perfect example of the union between weapon and ammunition. The gun is a weapon while its bullet is the ammunition. Other examples include; cartridges, gunpowder, explosives, etc.

  3. Sex trafficking:

    trafficking humans for sex and its kind is a degradation of human life. It is illegal to do this in several countries of the world. Craigslist is not exempting itself from banning the act.

  4. Pornography:

    there are several opinions on the acceptance or rejection of pornography. Several countries legally frown at the act while some consider it human rights issues. However, craigslist been an internet-based platform is leaving its credibility to no chance. It is, therefore, prohibited to offer pornographic services or its substance on craigslist.

  5. Body parts:

    people try to sell different body parts in exchange for money. Examples of body parts up for sales include; arm, kidney. Liver, sperm, etc. Isn’t it outrageous to find that people try to sell these things that require medical supervision in order to ensure a successful exchange? Craigslist actually thinks so. The sale of such is, therefore, prohibited.

  6. Medical devices:

    certain medical devices are prohibited for sales on craigslist. Some of these medical devices are products that require the prescription of medical personnel or the supervision and direction before such a product is used use.

  7. Hazardous materials:

    Hazardous substances are usually labeled with tags like; WARNING, CAUTION, POISONOUS, TOXIC, FLAMMABLE, REACTIVE, CORROSIVE, etc. These substances are usually regulated because of how dangerous it is to use them in an uncontrolled or uneducated manner. They, therefore, are not sold generally to anyone and everyone. Having possession of any hazardous substance and trying to sell them to the public is generally prohibited. Craigslist is not an exception in this.

  8. Alcohol or tobacco:

    in several places, you need a license to sell alcohol and its related substance. There are laws surrounding the manufacture, use, being under the influence of, and the sales of alcohol substance. Craigslist takes up this law as well as one of the terms of use, prohibiting the sales of alcohol and its related substance.

  9. Pet sales:

    it was reported how criminals steal pets and then come over to craigslist to sell them. This and other reasons contribute to why it is prohibited, according to the term of use, to sell pets on craigslist.

  10. Stolen property:

    properties whose serial number has been removed or it has been changed are assumed to be stolen. The sales of this type of property are prohibited

How Craigslist Prevent Posting Of OUTRAGEOUS Things

Because the platform is user self-published, it might be difficult to totally control the posting of outrageous things. However, efforts are made to control the flooding of such which include the following:

Clearly defined Term of Use:

The management of Craigslist has constructed an easy-to-understand term of use. Carefully stating out items that are not to be posted as ads on the platform.

Confirmation Period:

Ads usually do not appear immediately they are sent by users. The period between when the user sent the ad and when it was published, is the confirmation period. This is when the ad will be verified to confirm if it complies with the terms of use. However, the number of staff Craigslist has does not correspond with the number of ads that flow in on a monthly basis. This isn’t a big deal as there are other systems to make up for this weakness.

Prohibition Alert:

This is done by the users of Craigslist. Once you, as a user, spot any ad that prohibits the terms of use of Craigslist, you indicate such ad using the space provided.

Flagging:

This is the system designed to make users indicate the violation of terms of use. Once an ad is flagged a couple of times, the system is designed with an algorithm that automatically brings down the ad.

Check out News Zii to get tips on finding the best Psychic online.

What If My Ad Isn’t Prohibited But It Was Deleted?

Picture Of What Are The 10 Outrageous Things People Sell On Craigslist TampaIn a situation like this, your ad is most probably flagged by users, flagged enough to make the system algorithm delete it automatically.

What you do in such a case is to write or call customer service. Let them know your ad doesn’t go against the terms of use in any way and that it was removed unjustly.

You need to be sure your ad isn’t going against the rules. Go through the terms of use and look at the list of prohibited ads before you make claims.

If you are certain about your claims, you can then go ahead and write or call customer care.

Management will take a careful look at your claim and decide if it is valid. If it is, then, your ad will be restored and you might as well be compensated.

How can I avoid flagging on Craigslist?

Sometimes, your competitors try to flag your post so as to prevent you from scaling ahead of them. Pay no attention to them.

Trying to avoid flagging requires that you pay attention to some few things. That your post isn’t outrageous, is not enough reason to keep your ad afloat. The ad could get flagged down if you seem insensitive and unappealing to the community of viewers.

The major way to avoid getting flagged out is to focus on increasing your viewer’s rate over the flag rate. This is based on how Craigslist flagging system works.

Your focus, therefore, must be on constructing your post in a way that will satisfy Craigslist as well as the community of users and viewers.