BLOG ARCHIVES

  • HOW TO DISABLE DIRECTORY BROWSING IN WORDPRESS

    AUTHOR: // CATEGORY: Development, Wordpress

    No Comments

    By default when your web server does not find an index file (i.e. a file like index.php or index.html), it automatically displays an index page showing the contents of the directory. This could make your site vulnerable to hack attacks by revealing important information needed to exploit a vulnerability in a WordPress plugin, theme, or your server in general. In this article, we will show you how to disable directory browsing in WordPress.

    An example of directory index browsing in WordPress

    Why You Need to Disable Directory Browsing in WordPress

    Directory browsing can be used by hackers to find out if you have any files with known vulnerabilities, so they can take advantage of these files to gain access. For the comprehensive security of our sites, we use Sucuri for WordPress security. They have a simple dashboard which allows us to do this and perform many other WordPress security strengthening steps with in few clicks.

    Directory browsing can also be used by other people to look into your files, copy images, find out your directory structure, and other information. This is why it is highly recommended that you turn off directory indexing and browsing.

    Video Tutorial

    If you don’t like the video or need more instructions, then continue reading.

    To disable directory browsing in WordPress all you need to do is add a single line of code in your WordPress site’s .htaccess file located in the root directory of your website. To edit the .htaccess file you need to connect to your website using an FTP client.

    Once connected to your website, you will find a .htaccess file in your site’s root directory. .htaccess is a hidden file, and if you can not find it on your server, you need to make sure that you have enabled your FTP client to show hidden files.

    You can edit your .htaccess file by downloading it to your desktop and opening it in a text editor like Notepad. Now at the end of your WordPress generated code in the .htaccess file simply add this line at the bottom:

    1 Options -Indexes

    Now save your .htaccess file and upload it back to your server using your FTP client. That’s all you need to do. Directory browsing is now disabled on your WordPress site and people trying to locate a directory index on your website will be redirected to WordPress 404 page.

    Credits:
    http://www.wpbeginner.com/wp-tutorials/disable-directory-browsing-wordpress/

  • HOW TO FORCE DOWNLOAD FILES

    AUTHOR: // CATEGORY: Development, Wordpress

    No Comments

    How to Force Download of Mp3 Files Instead of Streaming

    For example, you’re running a mp3 site on wordpress and hosting audio files on your own server. By default when an user click on a mp3 file link, it automatically play the audio instead of downloading. This could make your site user annoying as he have to right click on the file and choose Save As to download it. In this article, we will show you how to Force Download of Mp3 files instead of Streaming without plugins.

    You can disable this streaming feature in WordPress by add some lines of code in your WordPress site’s .htaccess file located in the root directory of your wordpress install. To edit the .htaccess file you need to login into your hosting and navigate to File Manager.

    Once navigated to your file manager, you will find a .htaccess file in your site’s root directory. .htaccess is a hidden file by default, so if you can’t find it on your server, you need to make sure that you have enabled your file manager to show hidden files.

    You can edit your .htaccess file by downloading it to your pc or code edit feature on your server. After open it at the end of your WordPress generated code in the .htaccess file simply add these lines at the bottom as shown in the image below:

    force download mp3 instead of play wordpress

    You can change or add any other file type based on your need (example: pdf, mp4, doc)

    Now save your .htaccess file. That’s all you need to do. Streaming feature is now disabled on your WordPress site and people can download mp3 files hosting on your blog by just click on it.

    We hope this article will help you to learn How to force download after a click on the mp3 file link. For questions and feedback you can leave a comment below or join us on our forum.

    Credits:
    http://wpcage.com/force-download-mp3-files-instead-of-streaming/

  • BIGDUMP SQL IMPORT

    AUTHOR: // CATEGORY: Development, Open Source

    No Comments

    So … sometimes you on shared hosting and you need to import a large database. Problem phpmyadmin only supports a max of > 50MB. So the first option is to check the php.ini or the cursed .htaccess file – however many times shared providers override these or won’t allow an apache restart immediately.

    So in comes BigDump SQL Import (http://www.ozerov.de/bigdump/)

    Usage

    1. 1- Download this file or from the http://www.ozerov.de/bigdump.zip
    2. 2- Open bigdump.php in a text editor, adjust the database configuration and dump file encoding.
    3. 3- Drop the old tables on the target database if your dump doesn’t contain “DROP TABLE” (use phpMyAdmin).
    4. 4- Create the working directory (e.g. dump) on your web server
    5. 5- Upload bigdump.php and the dump files (*.sql or *.gz) via FTP to the working directory (take care of TEXT mode upload for bigdump.php and dump.sql butBINARY mode for dump.gz if uploading from MS Windows).
    6. 6- Run the bigdump.php from your web browser via URL likehttp://www.yourdomain.com/dump/bigdump.php.
    7. 7- Now you can select the file to be imported from the listing of your working directory. Click “Start import” to start.
    8. 8- BigDump will start every next import session automatically if JavaScript is enabled in your browser.
    9. 9- Relax and wait for the script to finish. Do NOT close the browser window!
    10. — IMPORTANT: Remove bigdump.php and your dump files from your web server.

     

    Credits to http://www.ozerov.de/bigdump/usage/

    Happy importing

  • .HTACCESS REDIRECT

    AUTHOR: // CATEGORY: Development, Open Source

    No Comments

    So like me who doesn’t like to install in the root of a server, you may need to redirect an incoming web connection to another directory (sub) or an alternative page. It’s also cool if you want to redirect to a website under construction page etc.

    I do this with the cursed .htaccess file by adding this line

    # This allows you to redirect index.html to a specific subfolder
    Redirect /index.html http://www.abc.com

    Where abc in (http://www.abc.com) is you redirected site. You could include a subdirectlyt by adding the slashed link (http://www.abc.com/def)

    Happy redirecting.

  • MAXIMUM FILE UPLOAD SIZE – PHP.INI

    AUTHOR: // CATEGORY: Development, Open Source, Wordpress

    1 Comment

    On shared hosting/VPN or cloud if you’d like to increase the default max file upload size from 10M check our the below

    You need to set the value of upload_max_filesize and post_max_size in your php.ini (in the example below 40M is what I’ve set the max upload to, however you can change to whatever you’d like eg. 100M etc.):

    ; Maximum allowed size for uploaded files.
    upload_max_filesize = 40M
    
    ; Must be greater than or equal to upload_max_filesize
    post_max_size = 40M
    
    Or in the cursed .htaccess file 
    
    php_value upload_max_filesize 40M
    php_value post_max_size 40M

    Happy uploading ....

  • MAC OS X HIDDEN FILES

    AUTHOR: // CATEGORY: Development, Mac OS X, Open Source

    No Comments

    Sometimes you just need to edit the cursed .htaccess file and on the Mac by default the file is “hidden” – here’s how to show all.

    To show all hidden files and folders, in Terminal in OS X 10.9 Mavericks:

    [wc_code]defaults write com.apple.finder AppleShowAllFiles -boolean true ; killall Finder[/wc_code]

    Getting back to cleanliness:

    [wc_code]defaults write com.apple.finder AppleShowAllFiles -boolean false ; killall Finder[/wc_code]

    To show all hidden files and folders, in Terminal for earlier versions of OS X 10.8 and prior:

    [wc_code]defaults write com.apple.finder AppleShowAllFiles TRUE ; killall Finder[/wc_code]

    Getting back to cleanliness:

    [wc_code]defaults write com.apple.finder AppleShowAllFiles FALSE ; killall Finder[/wc_code]

    Or if you lazy and would like an app (there’s always an app) – download this (FinderRevealer.zip (app))