One rather embarrassing thing has just reared it’s ugly head and that’s noticing that all the links in my posts are getting the HTML stripped prior to displaying. So there is a rouge plugin that’s performing some modification to the content before it’s put in front of you. Everythings fine in the DB, the posts are exactly as I have written them, links and all. Unfortunately it’s about 4:30 am here and I’ll have to stare at this with fresher eyes tomorrow. While it’s interesting, in a strange way, it’s just about made my blog useless at the moment… And just when I was link happy giving thanks to everyone in the previous post. After I hunt down the culprit ( the usual suspects ) I’ll report back here. I think I need to add a "Whoops" category now!

UPDATE

I’ve just noticed that this is happening under the "Posts belonging to Category ‘Plugins’" pages. I think that’s my fault!

UPDATE #2

Well I finally got to delve into where the "code" was misbehaving. The funny thing is that on this current theme, the Categories Widget is using the archive.php file, under /wp-content/themes/eximius. Of course this is the Eximus Theme. Now the archive.php is using the_excerpt() function to display the post and not the_content() function. There is a much better description of what’s going on at http://codex.wordpress.org/Function_Reference/the_excerpt It’s time for a theme change anyways now the site is upgraded to WordPress 3.0.

I’m near completion of my latest plugin that requires a little CSS magic.
Being a huge Fan of CSS, I thought it best to check out how it could be done.

I’ll give credit where credit is due.

Thanks goes to  Artem Russakovskii and his post on wordpress-plugin-development-how-to-include-css-and-javascript-conditionally-and-only-when-needed-by-the-posts

And as a follow up from the good folk from the WP Codex – http://codex.wordpress.org/Function_Reference/wp_enqueue_style and also regarding a new look on CSS and styling Anchor Tags – the Proper Way…. as shown by Anatoly Lubarsky at http://blogs.x2line.com/al/articles/159.aspx

To all of the above, a big thanks. I went from “hey how do you go adding in CSS with a plugin” to having it working in about 20 minutes, including research and dreaming up new stuff.

That’s another step forward in the Plugin “How To’s”.

With all the recent attacks recently, security is on the top of most people’s mind.  There are some very simple things that you can do to make your blog  less of a target.

First, how do blogs get hacked in the first place? Because of it’s design, there are many vulnerable areas in a WP site.In brief:

• Outdated plugins and themes
• Using plugins from unknown sources
• using an older version of WordPress
• Weak passwords
• using admin as your username
• insecure or incomplete installations
• leaving certain files on your server, such as the readme.html
• not removing your WP version from various areas on your site.
• keeping the default database prefix.
• and several other ways that we’ll cover another time.

Fortunately, WP has several plugins that make doing many of these security measures a breeze.

Here’s a list of my favorite ones

Login Lockdown ~ records the IP address of every failed login attempt. If more than a set number of attempts are detected within a short period of time from the same IP range, then the login function is disabled for all requests from that range. Currently the plugin defaults to a 1 hour lock out of an IP block after 3 failed login attempts within 5 minutes. This can be modified via the Options panel and admisitrators can release locked out IP ranges manually from the panel.

WP Secure ~ does a multitude of functions that used to have be done manually, such as:

upgrade to the last version of wordpress
check plugins that are out of date
Remove error information on login-page
Hide your wordpress version(frontend & dashboard)
Remove really simple discovery
Remove Windows Live Writer
Remove core update information
Remove plugin & theme update information
Add index.php for plugin directory which hides your plugins folder
Change the default admin username & tests the strength of your password
Restrict access to wp-config.php file, wp-includes & wp-content folders
Restrict wp-admin for only your Ip
–> Restrict access to wp-admin Manual
–> Check files and folder permissions

Secure WordPress ~ does pretty much the same thing as WP secure, plus it also provides a  free malware and vulnerabilities scan with SiteSecurityMonitor.com

WP-MalWatch ~ is a scanner designed to help alert you when hackers have been at work inside your blog. WP Malwatch does not protect your blog, it only logs suspicious events and alerts you possible security breaches.

AntiVirus ~ scans your blog for exploits and spam injections and provides anti-virus protection for your blog. Although it’s a very useful plugin, many themes will show a false positive, because it doesn’t recognize some of the code that is used.

WordPress File Monitor ~ monitors your WP site for added/deleted/changed files. When a change is detected an email alert can be sent to a specified address. Be aware that whenever a plugin updates, or creates any change, you will be notified.

There are many others out there. As I test them out, I will tell you what I think.

Look them over and choose the ones that you like best. I have them all installed and have not had any compatibility problems so far.

Plugins make life  more enjoyable. Takes a lot of the headaches out of building a interactive website.

There is a plugin for just about anything you want you website to do.

If you can’t find what you are looking for then you need to find Tim Brownlaw. The code guru of the internet. By the way did I mention that he is the owner of www.advancedwordpresstutorials.com