Security Archives • Eric Shefferman (DOT) Com

Converting this WordPress site from http: to https: – Part 2

November 5, 2018November 4, 2018 by Eric

One of the things that kept me from the change to SSL was that my hosting company, Pair.com, did not have any nice (convenient) way to use the free Let’s Encrypt SLL certificates.

Pair now offers an easy one click interface to set up SSL and they automatically renew the certificates, so there’s really no excuse to not do it.

What does the interface look like? You go to the Manage Your SSL page and look for the button next to your domain name that says:

Click the Let’s Encrypt button and you’re good to go!

After a few minutes (so that you think the computer was doing some really difficult task) it’ll present you with your domain name with a super-intelligent shade of green lock next to it. All done with the easy part!

Now for the less easy part…

FREE Website Uptime Monitoring

February 19, 2013 by Eric

There is a LOT that can be done with free online services — sometimes things that probably go way beyond what the service creators envisioned.

You can’t go out this Friday night, it’s time to update WordPress to Version 3.4.2

September 7, 2012 by Eric

Holy mother of toad! Again! WordPress just loves to release those late in the week security updates. We already know how hackers work — they do a file compare of the old WordPress version to the new one, the write some code to exploit the vulnerability, and then they set the code loose on whatever … Read more

Why I hate WordPress – Part 9,347

June 23, 2011 by Eric

Seriously, https://wordpress.org/news/2011/06/passwords-reset/ And to crap on top of it, I actually do have W3 Total Cache installed and did update it just the other day. However, it only updated “because it’s there” — I don’t actually use it. I just never happened to delete it after I deactivated it. I guess I was hoping I’d … Read more

WordPress – Be Ready To Be Hacked Again

December 29, 2010December 29, 2010 by Eric

Ahh… the dreaded

3.0.4 Important Security Update

…a very important update to apply to your sites as soon as possible because it fixes a core security bug in our HTML sanitation library, called KSES. I would rate this release as “critical.”

Yeah. What that says to me is, “A hacker has already looked at the vulnerabilities in 3.0.3 and written a script to exploit it and deployed it on the websites he/she has already hacked so that it can go out and get access to even more web servers by simply crawling the web looking for WordPress installations that haven’t been updated yet.”

Getting WordPress Multisite to Work Part 4

September 12, 2012May 21, 2010 by Eric

New way to tackle this… Last night I tried to install WordPress MU instead of WordPress 3 Beta.

After all, I don’t particularly care about the exciting new features — I just want to run multiple domain names off a single WordPress install so I only have to keep one WordPress install updated and secure instead of 10 or 20 or 50.

For all the stuff I’ve seen about installing MU, I thought it was going to be difficult. It wasn’t, but…

Getting WordPress Multisite to Work Part 3

September 12, 2012May 20, 2010 by Eric

Today I’m going to make a fresh start and try to document it. Maybe it will even work.

My domain for installing WordPress 3 Beta will be https://earthmustdie.com/

So I created a database, uploaded the files and created my WordPress site. That was easy. Now…

Via Email Updates
Name:
Email: