Posts Tagged ‘wordpress’

I recently picked up a customer with the Divi WordPress theme. I helped them install a new plugin, however the h2 color wasn’t showing the color defined in the plugin.

Looking at the computed CSS, this line was causing it:

color: #5a5f72!important;

!important overrules all other settings!

Turns out this was defined in the text widget of Divi, which just needed changing.

xmlrpc.php

Recently in the server logs I saw lots of attempts to /xmlrpc.php.

/xmlrpc.php is the file used for pingbacks: if someone links to my blog, their site notifies mine, WordPress checks the linking page and then creates a link back to the user’s site. This actually opens up WordPress sites to being used to DoS other people:

https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/wordpress-xml-rpc-pingback-vulnerability-analysis/

You can disable access to this file by updating .htaccess:

# Block WordPress xmlrpc.php requests
# (Apache 2.2 syntax; on Apache 2.4 without mod_access_compat use "Require all denied" instead of the order/deny lines)
<Files xmlrpc.php>
order deny,allow
deny from all
</Files>


Issue Description 1

In a default WordPress installation there are several methods to enumerate author usernames. These WordPress usernames can then be used in brute-force
attacks against the WordPress login page to guess passwords.

Solution 1

Block requests for sensitive user information at the server, using an .htaccess file or a WAF for example. You should block or redirect all requests made to
‘/wp-json/wp/v2/users/’ and to the ‘author’ parameter (via GET and POST requests).

Install the WordPress plugin “Disable REST API” and disable /wp-json/wp/v2/users/

https://codex.wordpress.org/htaccess
http://cwe.mitre.org/data/definitions/200.html

Issue Description 2

A public-facing WordPress XML-RPC interface has been detected.
An attacker may be able to launch attacks against the web server via XML-RPC, including:
– Logging into the WordPress back-end administrative interface
– Brute-forcing user credentials
– Using pingbacks (for scanning or fingerprinting, for example)

Solution 2

Block requests for sensitive user information at the server, using an .htaccess file or a WAF for example. You should block or redirect all requests made to
‘xmlrpc.php’ (via GET and POST requests).

Install WordPress Plugin “Disable XML-RPC”

https://codex.wordpress.org/htaccess
https://codex.wordpress.org/XML-RPC_Support
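Both findings (Solution 1 and Solution 2), plus the pingback abuse from the xmlrpc.php post above, can also be closed at the application layer. The following is an added example written for this page, not code from the original post, the scanner report or any of the plugins named; it is a mu-plugin that uses WordPress core hooks, and the plugin name is made up.

```php
<?php
/*
 * Plugin Name: Close scanner findings 1 and 2 (added example, not from the original post)
 * Drop into wp-content/mu-plugins/. Uses WordPress core hooks; the plugin name is made up.
 */

// XML-RPC. The xmlrpc_enabled filter only refuses methods that authenticate
// (login, posting, ...); pingback.ping never logs in, so remove it separately.
add_filter( 'xmlrpc_enabled', '__return_false' );
add_filter( 'xmlrpc_methods', function ( $methods ) {
    unset( $methods['pingback.ping'] );
    return $methods;
} );

// Stop advertising the endpoint: the X-Pingback response header and the RSD <link> in <head>.
add_filter( 'wp_headers', function ( $headers ) {
    unset( $headers['X-Pingback'] );
    return $headers;
} );
remove_action( 'wp_head', 'rsd_link' );

// Username enumeration via ?author=N (GET or POST): refuse it for visitors who
// are not logged in. Author archives reached by pretty permalink still work.
add_action( 'init', function () {
    if ( ! is_admin() && isset( $_REQUEST['author'] ) && ! is_user_logged_in() ) {
        wp_die( 'Forbidden', 'Forbidden', array( 'response' => 403 ) );
    }
} );

// Username enumeration via the REST API: hide every /wp/v2/users route from
// unauthenticated requests (logged-in editors keep the user picker working).
add_filter( 'rest_endpoints', function ( $endpoints ) {
    if ( is_user_logged_in() ) {
        return $endpoints;
    }
    foreach ( array_keys( $endpoints ) as $route ) {
        if ( 0 === strpos( $route, '/wp/v2/users' ) ) {
            unset( $endpoints[ $route ] );
        }
    }
    return $endpoints;
} );
```

After installing, a request for /wp-json/wp/v2/users/ without a login cookie should return a 404 rest_no_route error, and /?author=1 a 403, which is what the scanner is checking for.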

Issue Description 3

According to its self-reported version number, jQuery is prior to 3.4.0. Therefore, it may be affected by a prototype pollution vulnerability due to
the ‘extend’ function, which can be tricked into modifying the prototype of ‘Object’. Note that the scanner has not tested for these issues but has instead
relied only on the application’s self-reported version number.

Solution 3

Upgrade to jQuery version 3.4.0 or later.

Install WordPress Plugin “jQuery Updater”

https://snyk.io/vuln/SNYK-JS-JQUERY-174006
https://snyk.io/blog/after-three-years-of-silence-a-new-jquery-prototype-pollution-vulnerability-emerges-once-again/
https://github.com/jquery/jquery/pull/4333

Issue Description 4

According to its self-reported version number, jQuery is at least 1.4.0 and prior to 1.12.0 or at least 1.12.4 and prior to 3.0.0-beta1. Therefore, it may
be affected by a cross-site scripting vulnerability due to a cross-domain ajax request performed without the dataType.
Note that the scanner has not tested for these issues but has instead relied only on the application’s self-reported version number.

Solution 4

Upgrade to jQuery version 3.0.0 or later.

Install WordPress Plugin “jQuery Updater”

https://github.com/jquery/jquery/issues/2432
https://github.com/jquery/jquery/pull/2588/commits/c254d308a7d3f1eac4d0b42837804cfffcba4bb2

Issue Description 5

The HTTP protocol by itself is clear text, meaning that any data transmitted via HTTP can be captured and its contents viewed. To keep data
private and prevent it from being intercepted, HTTP is often tunnelled through either Secure Sockets Layer (SSL) or Transport Layer Security (TLS).
When either of these encryption standards is used, it is referred to as HTTPS.
HTTP Strict Transport Security (HSTS) is an optional response header that can be configured on the server to instruct the browser to only
communicate via HTTPS. This will be enforced by the browser even if the user requests an HTTP resource on the same server.
Cyber-criminals will often attempt to compromise sensitive information passed from the client to the server using HTTP. This can be conducted via
various Man-in-the-Middle (MitM) attacks or through network packet captures.
The scanner discovered that the affected application is using HTTPS but does not use the HSTS header.

Solution 5

Depending on the framework being used the implementation methods will vary, however it is advised that the ‘Strict-Transport-Security’ header be
configured on the server.
One of the options for this header is ‘max-age’, which is a representation (in milliseconds) determining the time for which the client’s browser will
adhere to the header policy.
Depending on the environment and the application this time period could be from as low as minutes to as long as days.


Add the following to your functions.php:

// HSTS header. Only send it over HTTPS: RFC 6797 says the header must not be sent on plain HTTP responses.
add_action( 'send_headers', 'mo_strict_transport_security' );
function mo_strict_transport_security() {
    if ( ! is_ssl() ) {
        return;
    }
    // max-age is a count of seconds (RFC 6797); 15552001 s is roughly 180 days
    header( 'Strict-Transport-Security: max-age=15552001; includeSubDomains; preload' );
}

https://tools.ietf.org/html/rfc6797
https://www.owasp.org/index.php/HTTP_Strict_Transport_Security_Cheat_Sheet
https://www.chromium.org/hsts
https://hstspreload.org/
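To verify what the server actually sends rather than trusting the snippet, here is an added example (not from the original post or the scanner report) that parses a Strict-Transport-Security value and checks it against the hstspreload.org submission requirements as assumed here (max-age of at least one year, includeSubDomains and preload all present); the function names parse_hsts_header and hsts_preload_ready are my own.

```php
<?php
// Added example (not from the original post or the scanner report): parse a
// Strict-Transport-Security value and test it against the hstspreload.org
// requirements assumed here: max-age >= 31536000 (one year), includeSubDomains and preload.
function parse_hsts_header( string $value ): array {
    $parsed = array( 'max_age' => null, 'include_subdomains' => false, 'preload' => false, 'errors' => array() );
    $seen   = array();
    foreach ( explode( ';', $value ) as $directive ) {
        $directive = trim( $directive );
        if ( '' === $directive ) {
            continue;
        }
        // Directive names are case-insensitive and values may be quoted (RFC 6797 section 6.1).
        $parts = explode( '=', $directive, 2 );
        $name  = strtolower( trim( $parts[0] ) );
        $val   = isset( $parts[1] ) ? trim( $parts[1], " \t\"" ) : null;
        if ( isset( $seen[ $name ] ) ) {
            $parsed['errors'][] = "duplicate directive: $name"; // RFC 6797: each directive at most once
            continue;
        }
        $seen[ $name ] = true;
        if ( 'max-age' === $name ) {
            // max-age is delta-seconds (RFC 6797), a non-negative integer, not milliseconds.
            if ( null === $val || ! ctype_digit( $val ) ) {
                $parsed['errors'][] = 'max-age must be a non-negative integer number of seconds';
            } else {
                $parsed['max_age'] = (int) $val;
            }
        } elseif ( 'includesubdomains' === $name ) {
            $parsed['include_subdomains'] = true;
        } elseif ( 'preload' === $name ) {
            $parsed['preload'] = true;
        } // unknown directives are ignored, as the RFC requires
    }
    if ( null === $parsed['max_age'] ) {
        $parsed['errors'][] = 'max-age directive is required';
    }
    return $parsed;
}

function hsts_preload_ready( array $parsed ): bool {
    return empty( $parsed['errors'] ) && $parsed['max_age'] >= 31536000
        && $parsed['include_subdomains'] && $parsed['preload'];
}

// The value from the functions.php snippet above is well formed, but about 180 days
// is too short for the preload list: either drop 'preload' or raise max-age to a year.
$parsed = parse_hsts_header( 'max-age=15552001; includeSubDomains; preload' );
echo hsts_preload_ready( $parsed ) ? "preload ready\n" : "not preload ready (max-age {$parsed['max_age']}s)\n";
```

Run it with the PHP CLI and feed parse_hsts_header the value taken from `curl -sI https://your-site/ | grep -i strict-transport-security` to check the live response.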

Recently, after installing the Jetpack plugin on a website for its many benefits, trying to enable any of the site functions brought up an error:

Error updating settings. Api404Error

This plugin actually relies on the WordPress JSON REST API, which can be found under the ‘dir’ /wp-json/, e.g. http://www.pariswells.com/blog/wp-json/

For the affected website this was not found (404); this website was actually copied from another site, so the .htaccess was mis-copied.

Recreating the permalinks for the site, found under Settings, fixed it (just set them to something else and save, then change them back; this recreates the rewrite rules).

This resolved the issue.


The function for this is: http://codex.wordpress.org/Function_Reference/comment_reply_link

However, you can disable discussions in Comments via:

Enable nested comments in Admin > Settings > Discussion:

Enable threaded (nested) comments levels deep

It can also be personalised via:

Personalizing the WordPress Comment Reply Link


Debian

sudo rm -f /etc/ssh/sshd_not_to_be_run
sudo systemctl enable ssh
sudo systemctl start ssh

Ubuntu

sudo mv /etc/init/ssh.conf.back /etc/init/ssh.conf
sudo start ssh

Setting the IP

sudo ifconfig eth0 192.168.1.234 netmask 255.255.255.0 up 

Check Disk Space

Disk space: df -h

Restart Services

“/opt/bitnami/ctlscript.sh” or “/etc/init.d/bitnami”

MySQL Logs

/opt/bitnami/mysql/data/mysqld.log

Add the following code to your functions.php theme file (under Appearance):

/*
 * Split Description / Tagline.
 * get_bloginfo( 'description', 'display' ) runs the tagline through wptexturize,
 * which turns " - " into the en dash entity &#8211;, so that is what we split on.
 */
function get_split_description() {
    $title  = get_bloginfo( 'description', 'display' );
    $lines  = explode( ' &#8211; ', $title );
    $output = '';
    $count  = 0;

    // Wrap each part in its own span so the lines can be styled separately
    foreach ( $lines as $line ) {
        $count++;
        $output .= '<span class="line-' . $count . '">' . $line . '</span><br> ';
    }

    return $output;
}

Change the site-description line in your header.php file to use the following (the endif belongs to the condition already around it in the theme):

<p class="site-description"><?php echo get_split_description(); ?></p>
<?php endif; ?>

Then change your Tagline to line 1 – line 2 (separated by a dash with a space either side, as shown).


Recently, when upgrading a customer’s WordPress plugins, I got greeted with a:

Call to undefined function doing_action()

when trying to log in to the admin section. This was on line 616 of the file /google-analytics-for-wordpress/admin/class-admin.php.

Comment this line out, changing it to:

//return doing_action( 'yst_ga_aggregate_data' ) && defined( 'DOING_CRON' ) && DOING_CRON;

This will let you log in to WordPress. Update the WordPress version, then uncomment the line again and save:

return doing_action( 'yst_ga_aggregate_data' ) && defined( 'DOING_CRON' ) && DOING_CRON;