Wordpress dictionary attack

Today early in the morning my monitoring system notified me about unusual high outgoing traffic on my hosting platform. I traced the problem down the webserver which is also hosting this abandoned website. Looking into this with iptraf revealed that this traffic is coming only from one IP. At first…

[security] wordpress 2.5.1 which fixes CVE-2008-1930

Cause the subject, I did build a new package which can be installed on etch, lenny and of course sid. You can fetch it from http://ftp.cyconet.org/debian/archive/bpo/wordpress/2.5.1-1~bpo40+1/ or get via deb http://ftp.cyconet.org/debian etch-backports main non-free…

Subscribe to Comments

Just a quick note ... I just installed and activated the Subscribe to Comments plugin. So you are able to be notified if there will be created a new comment on a post.…

software depencies

First the good thing: I updated wordpress to 2.3. Now the bad thing: I updated wordpress to 2.3. With 2.3 there where many infrastructure changes. For a complete list, see the Release Announcement. The most extensions breaking change was the implementation of native tag support. Referencing to…

wordpress plugin and widget packages

Yesterday I was going through the plugins and widgets, if there are any updates or such. I realized again, that updating of plugins (and maybe searching for the relocated download source) makes me mad. Also testing and switching back is annoying much. So I decided to package plugins and widgets…

New Wordpress (2.2.0) etch-backport

I did rebuild the brand new version of wordpress for etch. New user requests and etch-bpo stated: Is the backport neccessary? I don't think we should upload packages to bpo simply because we can do it if you can install the package directly from testing without any recompilation we shouldn't…

Hacking google-highlight plugin

Today I found a nice plugin for highlighting search strings from referrer called google-highlight, when coming from a search engine. The problem was, when the site includes a substring of $_SERVER["SERVER_NAME"] it was highlighted ... maybe not what you want. Here is the patch:…