WordPress is known for, that several constants lie dormant in the core and often provide quick solutions. In this context I have recently come across two little strings in the core of the backend...
https://wpengineer.com/2261/use-constants-for-deactivate-the-editor-in-wordpress-backend/
So you’ve created a user and added a strong password because you care for your blog’s security? Unfortunately you can’t be sure that the user will keep this strong password since he/she can...
https://wpengineer.com/2285/disable-password-fields-for-non-admins/
You don’t always want to login in WordPress – so I’ve turned off the login for my local development environment, since I don’t need it. So far I know two ways how to do this, which I want...
https://wpengineer.com/2064/stop-wordpress-from-ever-logging-out/
WordPress enjoys great popularity and draw more attention of people who want to gain unauthorized access. As with any open-source software developers and attackers alike can view the code. The ri...
https://wpengineer.com/1796/small-security-tipps-for-your-wordpress-install/
The WordPress database class is quite extensive and provides a range of methods to work effectively with the database and thereby use the WordPress standard. You can find the class in /wp-include...
In WordPress 2.8.5 the whitelist of allowed MIME types for downloads will be valid for administrators the first time. This is a step towards security and you can, with the help of a constant, upl...
WordPress 2.8 is going to be published soon, even though they do not have a date yet. Nevertheless, another small insight into a new feature. After a new installation of WordPress, you get inform...
An XSS scanner, simply be used as a bookmark – that is XSS Rays. The tool is an open source tool that was written in JavaScript and can find cross-browser XSS vulnerabilities. In the developmen...