
If you are running WordPress blog software that has not been upgraded to the latest version, you might have been a target for hackers who are looking to take over blogs for search-engine optimization (SEO) of other sites they control, traffic redirection and other bad purposes.

Most of the attacks use SQL injection and cross-site scripting (XSS), which work because the software does not filter user input properly. Some of the attacks use bots that can automatically create hundreds of spam pages on your blog, place a backdoor (so the hacker can come back at a later time) or steal users' passwords.

Hackers take advantage of the open-source nature of the software: they read and analyze the source code of the software they want to attack and test it for potential vulnerabilities. The developers and users then have to detect, track down and shut down the vulnerabilities in the code that those attackers are using.
The pattern seems to be the same: when a new hole is found, it is broadly exploited, then developers rush out a patch and/or a new release. Most of the damage inflicted by the automated exploits can be reversed with an upgrade, but in some cases you can be left with thousands of spam pages and images to clean up (and they are usually well hidden). If the attacked software is very popular (and that attracts hackers too), like WordPress, then thousands of installs can be compromised.

Chances are that a blog owner realizes late that his blog was hacked. That is why it is important to keep up with the latest upgrades and security patches from Wordpress.com and to keep an eye on your blog: monitor the statistics and the blog usage, make frequent backups, and follow security blogs for news about any security holes. One of them is BlogSecurity.net.
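
One way to keep an eye on a blog for the bulk-created, well-hidden spam pages described above, as an added example that is not part of the original post: a Python check over exported post rows. The row layout, the hidden-style patterns, the thresholds and all sample data are assumptions constructed for illustration.

```python
import re
from collections import Counter

# Inline styles often used to hide injected links from human visitors
# (assumed heuristics, not an exhaustive list).
HIDDEN_STYLE = re.compile(
    r'style\s*=\s*["\'][^"\']*(?:display\s*:\s*none|visibility\s*:\s*hidden'
    r'|(?:left|top|text-indent)\s*:\s*-\d{3,})', re.I)
# Captures the host name of every absolute link in the post body.
LINK = re.compile(r'<a\s[^>]*href\s*=\s*["\']?https?://([^/"\'\s>]+)', re.I)

def audit_posts(posts, own_host, max_links=10, burst=5):
    """Return {post_id: [reasons]} for rows of (id, 'YYYY-MM-DD HH:MM:SS', content)."""
    # Posts created in the same minute: a human rarely publishes several at once.
    per_minute = Counter(date[:16] for _, date, _ in posts)
    findings = {}
    for post_id, date, content in posts:
        reasons = []
        external = [h for h in LINK.findall(content) if h.lower() != own_host]
        if HIDDEN_STYLE.search(content) and external:
            reasons.append("hidden-external-link")
        if len(external) > max_links:
            reasons.append("link-farm")
        if per_minute[date[:16]] >= burst:
            reasons.append("bulk-created")
        if reasons:
            findings[post_id] = reasons
    return findings

# Constructed sample rows, shaped like an export of a blog's posts table.
SAMPLE = [
    (101, "2008-03-01 09:15:00", '<p>See <a href="http://blog.example/about">about</a>.</p>'),
    (102, "2008-03-02 03:10:05",
     '<p>Hello</p><div style="display:none"><a href="http://spam.example/x">x</a></div>'),
    (103, "2008-03-03 11:00:00",
     "".join('<a href="http://farm%d.example/">k</a>' % i for i in range(12))),
] + [(200 + i, "2008-03-04 04:04:%02d" % i, "<p>keyword page</p>") for i in range(6)]

if __name__ == "__main__":
    for post_id, reasons in sorted(audit_posts(SAMPLE, "blog.example").items()):
        print(post_id, ", ".join(reasons))
```

Flagged rows are candidates for manual review against a known-good backup, not proof of compromise.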


After a couple of weeks of development we launched the MytestBox.com widget!

You can see it in action at www.mytestbox.com/get-widget. Now you can have our reviews on your site or blog for free, with no registration required!

The websites or blogs where you will use our widget should be in the technology related field (download sites, software reviews sites, forums, gadgets, tech blogs, software tutorials sites, tech news, social media sites and so on). It should complement your website/blog by offering more value to your visitors.

Soon, we will offer news from the software industry and will have a widget for that too.

If you think you can contribute with reviews (and get paid eventually) please contact us using the Contact page. You can have a look at our review requirements here.

If you are a company and you want your web software to be reviewed please contact us too at the same Contact page.

In the future we want to compile a list of the websites/blogs that use our widget and publish it here.

Those websites/blogs will get a free link (not nofollow) to them so it may help them in Google ranking.

 

——— For websites

As you will see the widget is highly configurable from a control panel (Widget Configuration) without reloading the page.

You can play as long as you want and when you are content with the result you can copy the Javascript code from below the configuration panel and paste it on your website (Copy and paste the following code in your page).

If you copy the Javascript code as it is, without any configuration, then the default widget will be presented. You can already see how it looks on the Get our Widget page.

This Javascript code is designed to work for regular websites which are not blogs (usually blogs don’t allow Javascript code to be embedded in a post or page; you have to hack the core pages of the blog or the blog theme).

——- For WordPress blogging software platform

We have also developed a plugin for the WordPress blogging software platform. Check out WordPress here (it’s free to use) and our review of this blogging software platform (video tutorials included).

It is easy to install and use, and you can download it from our widget page or download it directly from here. Download the WordPress plugin now!

These are the steps to make this widget work (after un-zipping):

  • Copy the folder “mytestbox_widget” into your “wp-content/plugins/” directory (“mytestbox_widget” has two files: mytestbox_widget.php and conf.js, which is a Javascript file)
  • Activate the widget on your “Administration->Plugins” page
  • Go to the “Options” page, click on “MytestBox.com Widget Configuration”, configure the widget using the form provided there and then click “Update Options” (save it)
  • Go to the “Presentation” page and then the “Widgets” page (in the sub-menu under Presentation) and drag and drop the box named “MyTestBox.com Widget” to your sidebar
  • Save Changes and that’s it! You can now see the widget on your website. Enjoy!

    == Configuration of the widget ==
    Go to “Options” page and click on “MytestBox.com Widget Configuration” and then configure the widget using the form provided there and then click “Update Options” (save it).
    You can see the configuration in real time.
    For more instructions please read README.txt file included in the download.

     

    If you find this widget (and plugin) useful please help us make it popular! Send it to your friends or to people you think may benefit from it.

    You can also share this post using Share This feature we have at the bottom of it (Digg it, Stumble it, Bookmark it or send it by email).

    Thank you!


    Posted on 30-03-2008
    Filed Under (Blog Systems) by Thursday Bram

    WordPress blog software has its origin in Michel Valdrighi’s b2 software. In 2003 b2 became the genesis of WordPress (www.wordpress.org), a fork project using the b2 source code, which simply had fallen behind web standards and on which no further development was planned. Matt Mullenweg and Mike Little, two bloggers, began developing WordPress and were soon joined by Valdrighi. It took a year, but WordPress’ versatility and open source nature, combined with a decision by the developers of Movable Type to radically raise prices for their software, led WordPress to be one of the frontrunners in blogging software.

    WordPress’ value lies in its easy customization. It seems like there is a plugin for everything: Akismet (akismet.com) catches spam, podPress (podpress.org) turns a WordPress installation into a podcasting platform, etc. And it only takes a little knowledge of PHP to write your own plugin. WordPress is routinely used as a content management system for websites not meant to act as blogs - it can be used to create a directory just as easily as it can be used to post updates to a blog.

    There are some video-tutorials for WordPress 2.3 and 2.5 at the end of the full article. Check them out!

    Just What WordPress Needs

    To run WordPress, all you need is a server that supports PHP and MySQL. While the WordPress developers recommend Apache or Litespeed web servers for users who plan to subject their WordPress installation to more than typical abuse, it’s not necessary. If you’re planning to install WordPress, you don’t even need the most recent versions of either PHP or MySQL: PHP 4.2 or greater and MySQL 4.0 or greater will work just fine.

    Getting WordPress Running

    For those individuals without much technical savvy, WordPress can be an ideal CMS for a single simple reason: one-click install. Many web hosts have begun offering accounts with what is essentially an automatic installation process: users simply select WordPress as their CMS of choice and the host takes care of setting it up.

    If you’re interested in handling the installation procedure yourself, it’s still not overly complicated - as long as you know a few basics about setting up a website. To start, download the installation package from WordPress (wordpress.org/download/) and unzip it. From there, you’ll need to create a database for WordPress on your web server, along with a MySQL user with all privileges (for both accessing and modifying the database). Rename the file “wp-config-sample.php” to “wp-config.php” and open it in the text editor of your choice. Fill in your database details.

    At this point, you’ll need to decide if you’d rather have WordPress on the root of your domain or on a subdirectory. To integrate WordPress into the root, move all the files contained in your unzipped installation package (excluding the directory itself) into the root directory of your web server. If you’d rather have your WordPress installation on a subdirectory, move the entire directory into the root directory of your web server (including the directory itself). You can rename the directory if you wish.
