Another Wordpress plugin bites the dust (thanks, Wordfence)

  • SpinRite v6.1 is Released!
    Guest:
    That's right. SpinRite v6.1 is finished and released. For the full story, please see this page in the "Pre-Release Announcements & Feedback" forum.
    /Steve.
  • Be sure to checkout “Tips & Tricks”
    Dear Guest Visitor → Once you register and log-in:

    This forum does not automatically send notices of new content. So if, for example, you would like to be notified by mail when Steve posts an update to his blog (or of any other specific activity anywhere else), you need to tell the system what to “Watch” for you. Please checkout the “Tips & Tricks” page for details about that... and other tips!

    /Steve.
  • Announcing “BootAble” – GRC's New Boot-Testing Freeware
    Please see the BootAble page at GRC for the whole story.
  • BootAble – FreeDOS boot testing freeware

    To obtain direct, low-level access to a system's mass storage drives, SpinRite runs under a GRC-customized version of FreeDOS which has been modified to add compatibility with all file systems. In order to run SpinRite it must first be possible to boot FreeDOS.

    GRC's “BootAble” freeware allows anyone to easily create BIOS-bootable media in order to workout and confirm the details of getting a machine to boot FreeDOS through a BIOS. Once the means of doing that has been determined, the media created by SpinRite can be booted and run in the same way.

    The participants here, who have taken the time to share their knowledge and experience, their successes and some frustrations with booting their computers into FreeDOS, have created a valuable knowledgebase which will benefit everyone who follows.

    You may click on the image to the right to obtain your own copy of BootAble. Then use the knowledge and experience documented here to boot your computer(s) into FreeDOS. And please do not hesitate to ask questions – nowhere else can better answers be found.

    (You may permanently close this reminder with the 'X' in the upper right.)


Lob

What could possibly go wrong?
Nov 7, 2020
161
44
It seems @Steve has another weekly report of Wordpress issues. This time, the finely-named HTTP headers to improve web site security has been pulled.

Temporarily but obviously serious enough to need the tug from the plugins library. I feel ashamed that I was using it to easily set HTTP headers :D

Wordfence (free) reported it to me and I thought I would share it here....I've been using Wordfence for a long time and it is a great addition if you (are lazy enough to) run Wordpress.

Critical Problems:
* The Plugin "HTTP headers to improve web site security" has been removed from wordpress.org.
 
When I initially started using WordPress, I experimented with a variety of plugins. With time and experience, I realized that the majority of them were superfluous - at least for my purposes. However, there were a few plugins that I utilized again in several projects. Prosvit.design or Advanced Custom Fields were my go-to tools. These are basic custom field additions to pages and posts - for example, you can include the publishing date, price, or any other information that site users will see in addition to the regular headlines and text. That it is important to utilize a plugin in order to understand how useful it is!
 
Last edited:
I've been using WordPress and WordFence for many years for a blog. I don't have any automation or ordering or interactive features. After @Steve 's various discussions, I want to revamp it and make it all completely static but haven't gotten around to it. I definitely like WordFence. They're great at doing the security research. It's a bummer that WordPress is attacked so much. I have minimal plugins but I do have a couple that disable all automation, including the REST API and something else I cannot remember at the moment. I don't want ANY automation or API's running that the bad guys can latch onto until I can totally staticify the site. Premium WordFence has some cool features including country blocking IP filters and advanced attack prevention. You also get instant upgrades for new malware definitions and real time IP blocking for IP's that are detected by their entire customer network as launching attacks. Unfortunately for private blogs with no source of revenue, the premium service costs $ 100 / year, a non trivial amount.

May your bits be stable and your interfaces be fast. :cool: Ron
 
I was running Wordpress for a while, but I made sure to use as little extras plugins as I could, and have auto update turned on.

I have since migrated off Wordpress, to plain old HTML and CSS hosted on GitHub pages for free.