Weblog Tools Collection » otto http://weblogtoolscollection.com Weblog Tools Blogging Tools Blog Mon, 13 Feb 2012 13:00:19 +0000 en hourly 1 http://wordpress.org/?v=3.3.1 Theme Malware Anatomy http://weblogtoolscollection.com/archives/2010/12/10/theme-malware-anatomy/ http://weblogtoolscollection.com/archives/2010/12/10/theme-malware-anatomy/#comments Fri, 10 Dec 2010 20:00:30 +0000 Jeff Chandler http://weblogtoolscollection.com/?p=9171 One of the biggest problems facing users of WordPress today especially when it comes to themes is malware. I’ve seen my fair share of websites using themes whose functions.php file contains base64 encrypted code that when decrypted, shows spam links. However, there also a number of themes that have code within them that installs malware onto the web server. After Chip Bennett, one of the Theme Team Reviewers noticed at least one of his themes were being made available on a website that claimed to have free WordPress themes, he discovered that something was not right. All of the themes available on the website contained some sort of malware that would be installed onto the users site once enabled.

Otto does a great job going in-depth and explaining exactly how this particular piece of theme malware works. Most of the explanation is over my head but it gives you a sense of not only how desperate but also how clever these spam kings are getting in having their way with your website. This is why we preach that you always get your free themes from the WordPress.org Theme Repository because each theme is now reviewed with human eyes to make sure none of that garbage gets into the repository.

The theme repository contains almost 1,300 themes but quite a few of them look like they were designed in early 2000. So I can understand why users would want to expand their reach and check out the wider marketplace of freely available themes but just remember, when you download and use a theme that is outside of the repository, you do so at your own risk.

As an aside, this video which was produced by Leland of Themelab.com provides a great explanation as to why you want to stay away from using Google when searching for freely available themes.

]]> http://weblogtoolscollection.com/archives/2010/12/10/theme-malware-anatomy/feed/ 25 WordPress 2.7 Comment Enhancements http://weblogtoolscollection.com/archives/2008/09/30/wordpress-27-comment-enhancements/ http://weblogtoolscollection.com/archives/2008/09/30/wordpress-27-comment-enhancements/#comments Tue, 30 Sep 2008 08:20:43 +0000 Jeff Chandler http://weblogtoolscollection.com/?p=4260 Otto, who is a well known and respected member of the WordPress community has published a pretty cool article (WordPress 2.7 Comment Enhancements) which explains the various comment enhancements that have made it to the core of WordPress 2.7 thus far. Otto’s reasoning behind the post was to allow theme authors to gain a head start on creating themes which will be compatible with WordPress 2.7. One thing to keep in mind while reading this article is that, this information was compiled from using the latest developmental version of WordPress 2.7. This means things may not be set in stone with further additions or retractions possible before the initial release.

Here are some of the enhancements that Otto covers:

  • Creating a 2.7 compatible comments.php file
  • Password protection check
  • The comments loop
  • The power of Ajax
  • Styling

Thanks Otto.

]]> http://weblogtoolscollection.com/archives/2008/09/30/wordpress-27-comment-enhancements/feed/ 6