W3 Total Cache is a very popular caching plugin for WordPress. However, it’s reported recently with a high-risk XSS security hole. It allows hackers to insert malware into the site. The worst thing is that the plugin developer seems to abandon the plugin already. The plugin status In the last six months, there is no update … Read more
A core plugin contains all custom functionalities serving for back-end operation. The front end display is remaining in the theme code. Recently, I have been working on some projects which the owners want to have some specific data. That requires me to use custom post types. So, how to implement it? Traditional method Usually, developers … Read more
Quick question: how to do child theme style file loading correctly? If you are searching on WordPress, you will mostly get answers of using wp_enqueue_scripts. If you need to load parent styles too, as I usually do, you will need to call wp_enqueue_style twice, once for parent and once for child theme styles. [div class=”notes”] Pay … Read more
Shortcode in WordPress gives both programmers and users flexibilities. Combining shortcodes and widgets, coders can have less code in their theme, plugin. Calling shortcodes with different parameters helps users using code easier. However, there are some issues that I have seen many people facing to. 1. Shortcodes by default do not run in text widgets. … Read more
We just finished upgrading PHP for a client from version 5.3 to 5.6. Even they had sent out notifications to their customers in advanced, multiple websites were not working after upgrading. The reason is that of outdated source code, which is incompatible with PHP version 5.6. There are reasons for PHP to change their core functions: … Read more
Back to April 2013, the latest WordPress major release was 3.5. When I checked the WordPress statistics, there were only 28.4% websites using WordPress 3.5. That meaned 72.6% websites contained WordPress security holes without patched, not counting to errors in themes and plugins. That was also equal to 46 million WordPress-websites in danger. I asked … Read more
At OsloNAP, we do web development. However, we are different. We believe that a website just likes your business, it is not finished after the first stage. As an entrepreneur, you have started your company and kept working and improving the business performance. You cannot predict what is happening in the future. The new business … Read more
Recently, a new vulnerability in glibc security has been published. Even it is happening in a system library, hacker can use end-user application to crack servers. There is a system library, named glibc, widely used in Linux distributions such as Redhat / CentOS, Debian, Ubuntu. Two functions, gethostbyname and gethostbyname2, in that library have vulnerabilities that … Read more