wp Archives | DomainInvesting.com
Neustar Domain Names


Snoop Around and Access Someone’s WordPress Dashboard Panel


While doing some testing on one of my websites that uses Wordpress, I registered as a subscriber.   Later on, while still logged in as the subscriber, I typed in the URL that I would have used as the admin, forgetting that I wasn't logged in as the admin. Surprisingly, I was still taken to the back-end dashboard of the website, although I didn't have the same level of access or ability to make changes.

Although there isn't much (if anything) that can be done in the Dashboard as a subscriber, there is still a treasure trove of information that can be found. A subscriber can see the publisher's post count, comment count, spam count, recent incoming links, and possibly most importantly, the Wordpress version that is running on the website.

The reason it's important to shield others from seeing the Wordpress version you are running is because many WP updates have security components due to known exploits. If someone is behind on their upgrade, a hacker may be able to do something malicious with one of the known exploits. There → Read More

WordPress 2.9.1 Update Ready


As you may recall, I blogged about the problem I encountered when I updated my blog to Wordpress 2.9. In a nutshell, my posts were missing their schedule, which happened once before after a blog overhaul. I have since found a fix to the issue (well, my designer/programmer found it), but I am still cautious as a result.

I just noticed that Wordpress is urging people to update to WP 2.9.1 now with a notice at the top of the Admin dashboard. If you are thinking about making the upgrade, it's advisable to see what features were changed and to evaluate whether it's worth the bit of risk that could accompany any upgrade.

If you do decide to upgrade to 2.9.1, make sure you back your site up first before you push the button. Trust me, one small issue can cause hours of work for you or for your programmer. You were warned! → Read More

Protect Your WordPress Blog


I was viewing a friend's website on my Blackberry the other day, when I noticed a bunch of random unrelated links above his header. There were Viagra links, Honda links, Cialis links, Acai links...etc. You name the affiliate link, and it was probably there. When I visited his site on my laptop, those links were nowhere to be seen.

Several months ago, I had a similar problem, which my developer diagnosed as some sort of code injection. This was attributed to my not upgrading to the latest Wordpress version (currently 2.8.4). Basically when security flaws are found, Wordpress closes those holes in the next edition, and site owners need to upgrade ASAP. Because hackers and other malicious people can then learn what security flaws were found in the previous version, they can exploit those flaws in blogs and websites that aren't running on the most recent version.

In any case, it can be a bit tricky to remove the cause of the malicious links, but it's important to do so, otherwise your site is leaking "search engine link juice," and → Read More

WordPress Errors or Theme Errors?


I was having a few problems on the back-end of my blog for a couple of weeks. I assumed it was because I recently updated my blog to WP 2.8, and although I was kicking myself for upgrading, there wasn't much I could do. After a couple of weeks, I was faced with other random problems, and it began to get more than annoying.

After my designer was unable to access the admin panel of my blog, and I couldn't even access it unless I was on my personal laptop, I began to worry. What if my laptop suddenly lost access, too, and I was blocked from my own blog. Fortunately, that didn't happen, but I was lucky to have the help of Kevin Leto, who taught me a trick.

While I had assumed my problems stemmed from a faulty Wordpress upgrade, Kevin wasn't convinced. He had me go into the appearance section of the Wordpress dashboard and select the default theme temporarily. Once I did so, all of the problems disappeared, allowing him to determine that the fault was in my current theme coding rather than Wordpress.

Once Kevin isolated the → Read More