Milw0rm is a great source of security exploits, subscribing to it’s feed is a good way of getting a heads up on where the next attack might come…. there are a lot of script kiddies that do nothing more than download milw0rm exploits and fire them randomly into the internet hoping to get a hit!

The thing is there are a lot of exploits found everyday and it can start to fill-up your RSS Feed Reader, so it’s a good idea to filter out things that are useful to you, as an expample I have created a simple Yahoo! Pipe which delivers only WordPress exploits found on Milw0rm!

I’ve been wanting to do this for a while, this is the 1st in a planned short series of tutorials for my root cookie WordPress plugin.

I’ve decided to start with the purpose I wrote the plugin, then I’ll move onto a couple of tutorial which answer some of the FAQs I get.

Scenario.
Before you start you need a working copy BLANK of WordPress, in a sub directory, with a url like domain.com/wordpress.
A BLANK copy is a fresh install, using the default theme and only my root-cookie plugin installed, remember after activating the plugin clear your browsers cookies.

Whilst playing with my bad-behavior callback function, I noticed something quite crucial; plug-ins load in alphabetical order!.

I noticed that every time a new version of BB is released / upgraded I had to re-paste my callback function into bad-behavior-wordpress.php – DOH!

To get around this I decided to create a new plug-in called linickx-bb-callback.php, but I noted that the counter wasn’t increasing. Changing the file name to aaa_linickx-bb-callback.php fixed the issue, sweeeeet!

I’ve had an e-mail from Edward Laverick saying that my WordPress root Cookie plugin doesn’t work in WP2.7.

I have a few points to make….

• Not All Cookies are plug-able.
  A google search of the WordPress SVN show’s that there are setcookie actions outside of the avilable pluggable functions; the only way to change these that I know of is to hack the trunk code.

I’m looking to improve linickx.com; I’d like to include more of my online identity, I stumbled across yibble.org and the layout / look / feel is very close to what I’m looking to do. My current theme is tumblr inspired but has it’s limitations, for example if I tweet & blog on the same day my front page has “posts” with duplicate titles

A self host tumblr or sweetcron are options except that I like WordPress and I can’t be doing with the hassle with maintaining multiple apps… this is why I stopped using gallery, gallery is a brilliant app I just don’t have the time to keep it and WP and “another” up to date and secure.

My WordPress/PHPBB plug-in is probably the most popular thing I’ve written and I’d like to point out a recent post on Weblog tools Collection… Here they mention possible collaboration between the WP & PHPBB developers, this can only be a good thing as I know from personal experience that it’s something the community at large want.

The Bad Behaviour plug-in for WordPress comes with a weekly counter in the admin dashboard, but do you want a wicked footer like mine?

106,386 dodgy geezas have been blocked by Bad Behaviour and 36,926 spams were eaten by Akismet.

Akismet comes with a counter you can use in themes/plugins…


$akcount = get_option('akismet_spam_count');
$akcount = number_format($akcount);
echo $akcount;


But with Bad Behaviour you have to do a little more work. To start with you need to get BB to record in the database each time it blocks someone, this is done by adding a function to ~/wp-content/plugins/bad-behavior/bad-behavior-wordpress.php , add the following code…..

I use twitter tools to post my twitter tweets to my blog; the thing is that twitter can sometimes slow down or break completely, this in turn kills wordpress.

To improve things I’ve changed how often I check twitter, you can do the same by editing the plugin file (wordpress/wp-content/plugins/twitter-tools/twitter-tools.php), see below for a code snippet…


function tweet_download_interval() {
#return 1800;
return 14400;
}

Enjoy!

This is a small update, it incorporates the patch submitted by toni to fix the widget, thanks toni

The old information still applies…

Admin GUI

If you’re happy with v0.4 and have it running fine then don’t bother, in fact edit phpbb_recent_topics.php so that WordPress stops complaining about finding a newer version.

Download phpBB_Recent_Topics_0.4.1 from wordpress.org

What’s New?

• The widget patch mentioned above!

What’s Old?

• Most importantly I have tested this plugin with phpBB3 and WP2.5 so I’ve updated the readme.txt to reflect this.

Recently I’ve been having this problem with my WordPress + Bad Behavior + Delicious blog posting combo, in a nut shell, delicious was showing an error:

[10/22/08 05:00:03 AM -0700] Creating blog post at http://correct_url.com/xmlrpc.php ...ERROR: Failed due to General Exception: Curl returned non 200 HTTP code: 417. Response body:

And I couldn’t work out why, after some digging/googling, I thought to look in my bad behaviour logs, and found a match for my apache log…


76.13.6.189 - - [19/Oct/2008:23:00:29 +0100] "POST /xmlrpc.php HTTP/1.1" 417 796 "-" "PEAR_XML_RCP2/0.0.x"

I’ve contacted both yahoo (who now own delicious)

UPDATE: This Plugin has been updated, please comment on the new post, thanks.

Thanks to Scott Kingsley Clark for giving me the kick I needed, but I’ve finally gotten around to updating my root Cookie plugin for WordPress, we’re now at Version 1.3 !!

The point of the plugin is to strip out the path from the cookie so that it can be referenced by other applications; wordpress 2.6 has a whole new cookie structure and this broke the old version, but I’ve been so swamped recently that it wasn’t maintained.

I thought I’d write a post about this error message as it’s pretty much the main reason that I ever receive comments or e-mails from the WordPress community. Sadly the complaints I receive from the community out weigh the complements, but I guess that’s life

Thank you to all those who have downloaded and enjoyed my plug-in and all those who have taken to say something nice.

The problem with this error message Missing argument 1 for phpbb_topics() is that I don’t actually know how to fix it. If you look in the source code you’ll see that I’ve tried to trap “empty variables”…

It’s been a while since I’ve used bbPress, but a major milestone from the automattic guys has pretty much broken the theme.

I’ve done a complete re-write; as before I’m only distributing the style.css (and a screenshot) no template.php files, this ensure that no security issues are associated with my theme.

Installation

• Create a “my-templates” directory in your bbPress installation directory
• Download unzip k2 for bbpress in that directory
• Under “design” and “themes” select k2
• done

UPDATE: This Plugin has been updated, please download the update from http://wordpress.org/extend/plugins/phpbb-recent-topics/, and please comment on the new post, thanks.

Admin GUI

It’s been a year since the last release so perhaps this version should be called “about time!” v0.4 has primarily been released as a bugfix version, if you’re happy with v0.3 and have it running fine then don’t bother, in fact edit phpbb_recent_topics.php so that WordPress stops complaining about finding a newer version.

Download phpBB_Recent_Topics_0.4 from wordpress.org

What’s New?

• Most importantly I have tested this plugin with phpBB3 and WP2.5 so I’ve updated the readme.txt to reflect this.

So WP2.5 is out, and I figured it was about time I squashed that load bug on phpbb_recent_topics, while I’m at it I figure I’ll wigetize it.

The problem is that the example on the automattic site doesn’t actually work! If you paste…

function widget_myuniquewidget($args) {
    extract($args);
?>
        <?php echo $before_widget; ?>
            <?php echo $before_title
                . 'My Unique Widget'
                . $after_title; ?>
            Hello, World!
        <?php echo $after_widget; ?>
<?php
}
register_sidebar_widget('My Unique Widget','widget_myuniquewidget');

Into a blank plugin you get this in your logs…