I’m developing a Custom Theme for a WordPress site and I want to use WordPress […]
Tag: security
Is it safe to assume that a nonce may be validated more than once?
From what I have gathered, once a nonce is generated it is valid for reuse […]
Why allow overriding crucial pluggable functions wp_verify_nonce and wp_create_nonce?
Among the functions in /wp-includes/pluggable.php are the functions wp_verify_nonce and wp_create_nonce. Both functions are very […]
Moving wp-config.php up 2 levels
Is it possible to change a setting so that wp-config.php could be moved up two […]
Allow Profile HTML for select users
I know there are a ton of post out there about how to allow html […]
Is it safe use wp_editor in public contact form
I’m going to make a contact form for my site, and i want to use […]
When to use esc_url, esc_html, esc_attr, and friends?
Discovered esc_url today while customizing an _s theme. I understand what the function does (sanitizes […]
How brute-forcer knows that the password is cracked for target username?
There are very many brute-force attacks (mostly for ‘admin’ username) on WordPress sites. All these […]
How can I prevent weak customer passwords in Woocommerce?
I enforce strong passwords across my WordPress sites using ithemes security; however one of my […]
Using esc_html with HTML purifier and CSSTidy: Overkill?
Currently my text area input (which accepts custom CSS input from a user) in the […]
No More Posts Available.
No more pages to load.