WordPress Exploit on Milw0rm.

Following yesterdays security announcement for wordpress, a freely available exploit has been published on milw0rm. What this means is… if you haven’t upgraded DO IT NOW, as the amount of attacks will go up very quickly.

If you look through the exploit you can see that it takes advantage of existing user accounts, so a further security option can be to disable the “anyone can register” option… within wordpress admin, click options -> general and “untick” the box. (If it is on and you don’t need it)

Note the explot mentions that it hasn’t been tested on the 2.0.x series, but bare in mind that the wordpress team updated both trees so the chances are it will work, so both 2.1.x & 2.0.x users should upgrade.

Recent phpBB Topics on WordPress Plugin v0.3

UPDATE: This Plugin has been updated, please download the update from http://wordpress.org/extend/plugins/phpbb-recent-topics/, and please comment on the new post, thanks.

phpBB recent topics admin interface in WP 2.3.x

Admin GUI

Another day, another plug-in update…..Version 0.2 never saw the light of day, after fixing my compatibility issue I moved straight into setting up the admin interface. So here we have it, a proper implementation

Download phpBB Recent Topics

Installation

Unzip phpbb_recent_topics.tgz in your `/wp-content/plugins/` directory. (You’ll have a new directory, with this plugin in /wp-content/plugins/phpbb_recent_topics)
Activate the plugin through the ‘Plugins’ menu in WordPress
Configure the plugin, you need to tell wordpress about phpbb, this is done in the wordpress menu ‘Options’ -> ‘phpBB Recent Topics’
The following Settings are required:
- * The name of your phpBB database (e.g phpbb)
- * The name of the table where topics are held (the default is phpbb_topics )
- * The full url of your forum for links (e.g. http://www.mydomain.com/forum)
- * The number of topics to show. (If left blank you get 5)
Hit ‘Update Options”
To output the list of topics in a page or post…
- * create a new page/post, type {phpbb_recent_topics} , hit ‘Publish’ or ‘Create new page’
To output the list of topics in your theme sidebar…
- * edit sidebar.php and inside <div id=”sidebar”> type…
```
<?php
if (function_exists('phpbb_topics')) {
phpbb_topics();
}
?>
```

A bit about Database configuration.
If wordpress & phpBB share a DB already then set $PHPBBDB to DB_NAME and everything will be fine, else you’re going to need to GRANT the wordpress user read access to phpBB.

How to GRANT wordpress read only access to phpBB ?
If you don’t know it already you need to find your wordpress mysql user id, it’ll be in wp-config.php

define('DB_USER', 'wp_user');     // Your MySQL username

and you should have already found your phpbb database & table for the above.
You need to type the following syntax into your mysql database

GRANT SELECT ON phpbb_database.phpbb_topics TO wp_user@localhost;

this can be achieved by logging into phpmyadmin as your phpbb user, selecting SQL and pasting the correct GRANT into the text box.

Upgrading from Version 0.1
Upgrading is optional. This version has two major changes: The first basically fixes the compatibility issue I have running two php ob_start processes in wordpress; the second is the introduction of a “proper” admin interface (rather than hacking the php file).
To upgrade, make a note of the following settings:

$PHPBBDB = "phpbb"; //phpBB db name
$TOPIC_TABLE = "phpbb_topics"; //phpbb topics table
$SITEURL = "http://www.mydomain.com/forum"; //Forum URL

Deactivate version 0.1, and follow the Installation instructions above

Frequently Asked Questions

Can I output 10 Topics in my Page, and 3 Topics in my Sidebar ?
- Yes ! In the WordPress menu ‘Options’ -> ‘phpBB Recent Topics’, set ‘The number of topics to show’ to 10, and then in your sidebar include…<?php
  if (function_exists(‘phpbb_topics’)) {
  phpbb_topics(3);
  }
  ?>
Can I exclude a certain forum from the list ?
- In this version, the only way to do that is to hack /wp-content/plugins/phpbb_recent_topics/display/display.php, change
```
$results = $wpdb->get_results("SELECT * FROM $TOPIC_TABLE ORDER BY topic_time DESC LIMIT $LIMIT");
```
  to
```
$results = $wpdb->get_results("SELECT * FROM $TOPIC_TABLE WHERE forum_id != 1 ORDER BY topic_time DESC LIMIT $LIMIT");
```
  to exclude forum 1 from the list. I plan to setup a proper solution to this in the next version.

Finally Subversion
You also might be interested to know that I’ve been getting to grips with the wordpress plug-ins svn, so you can get work directly from here; and when wordpress.org re-crawls my readme the latest version will also be available on wordpress.org/extend/plugins/

root cookie v1.2 (wordpress plugin)

UPDATE: This Plugin has been updated, please comment on the new post, thanks.

I’ve been a bit slow, aja pointed out the fault a few days ago, but I’ve been a bit slow off the mark

Anyway, here’s the official announcement,

root cookie version 1.2

This version primarily fixed the logout issue, and yup, I’ve learnt by my mistakes it loads it gently too

How to Monitor wordpress with Nagios

WordPress like many web applications relies on apache (or something else) to serve the HTTP pages and mysql to store the data. Your wordpress website is important to you, so you need an external monitoring system to let you know what’s going on.

Nagios is a great, enterprise class, open-source monitoring application; and what you need do is configure it to exactly represent how wordpress works; if you can get that right you can immediately get notified if any piece of the puzzle fails.

I’m going to write up a simple example of how to monitor wordpress and it’s associated jigsaw pieces, so we’re going to setup one host with appropriate dependant services. Ultimately, you should configure nagios to suit exactly how your environment works, but hopefully this “how to” will get you started.

Basic Config.
To configure nagios you need have services (such as http) associated with hosts; to get started, I’m going to have to assume you have followed another “how to” and have nagios up and running, and monitoring localhost, you can even use my own config generator to get you started Basically you should have a generic check-host-alive host.cfg entry like so:

define host{
        use                     generic-host            ; Name of host template to use
        host_name               linickx.com
        alias                   My WebSite
        address                 www.linickx.com
        check_command           check-host-alive
        max_check_attempts      10
        check_period            24x7
        notification_interval   120
        notification_period     24x7
        notification_options    d,r
        contact_groups  admins
        }

The first (and easiest) part of wordpress to monitor is the web-server which serves the web pages on port 80, so a /etc/nagios/serivces.cfg entry like.

define service{
	use                             generic-service         ; Name of service template to use
	host_name                       www.linickx.com
	service_description             HTTP
	is_volatile                     0
	check_period                    24x7
	max_check_attempts              10
	normal_check_interval           1
	retry_check_interval            1
	contact_groups                  admins
	notification_options            w,u,c,r
	notification_interval           960
	notification_period             24x7
	check_command                   check_http
}

Getting Technical.
Have you noticed the deliberate mistake ? I’m using resolvable names in my config files, this is deliberate as my website is on a shared server, and check_http with an IP address is very different to check_http www.linickx.com , but in order for www.linickx.com to work, DNS needs to be working. While we are here, it makes sense to monitor that as well. In /etc/nagios/checkcommands.cfg add an entry similar to….

# 'check_dns' command definition
define command{
        command_name    check_dns_linickx-com
        command_line    $USER1$/check_dns -H www.linickx.com -a 69.73.189.228
        }

Where the -a ip address , is the ip of your “A Record”, if you don’t know what that is you can use dnsstuff.com to find it for you. You can now create a service that uses that command…

define service{
        use                             generic-service         ; Name of service template to use
        host_name                       linickx.com
        service_description             DNS
        is_volatile                     0
        check_period                    24x7
        max_check_attempts              10
        normal_check_interval           5
        retry_check_interval            1
        contact_groups                  admins
        notification_options            w,u,c,r
        notification_interval           960
        notification_period             24x7
        check_command                   check_dns_linickx-com
        }

We have HTTP and DNS monitored, all the wordpress data is stored in a mySQL database, so now you need to monitor that, to do that you need to setup another checkcommand; add the following.

# mySQL command definition
define command{
	command_name    check_mysql
	command_line    $USER1$/check_mysql -H $HOSTADDRESS$ -u $ARG1$ -p $ARG2$
}

This check command will log into the database and report OK if it is working, much better than check_tcp 3306 . Now you can add the following service entry

define service{
	use                             generic-service         ; Name of service template to use
	host_name                       www.linickx.com
	service_description             mySQL
	is_volatile                     0
	check_period                    24x7
	max_check_attempts              10
	normal_check_interval           5
	retry_check_interval            1
	contact_groups                  admins
	notification_options            w,u,c,r
	notification_interval           960
	notification_period             24x7
	check_command                   check_mysql!USERNAME!PASSWORD
}

For this to work the user will need to have permissions to log into the nagios machine, so if you followed the wordpress codex and added “TO wordpressusername@localhost” in your mysql statement, you’ll need to add that to run

GRANT ALL PRIVILEGES ON databasename.* TO wordpressusername@NAGIOS-SERVER;

where NAGIOS-SERVER is a resolvable name or ip address. Note: Don’t forget about firewalls ! Make sure that TCP 3306 is open between your nagios box & wordpress website.

The bit that actually monitors wordpress.
You are now independently checking both HTTPD & MYSQL, but what if wordpress can’t actually connect (lets say wp-config.php is screwed), both these checks will pass and nagios will stay green; what you need to do is monitor a page. If that page works , everything’s fine, if the page fails (and you get the default database connection error page) then nagios flags and alert. We’re going to add another checkcommand

# 'check linickx.com wordpress' command definition
define command{
        command_name    check_wp_linickx
        command_line    $USER1$/check_http -H $HOSTADDRESS$ -u /blog/about-me -s "About Me"
        }

You can alter this in anyway you want, but what it does is it looks for http://$HOSTADDRESS$/blog/about-me (so http://www.linickx.com/blog/about-me) and if that page returns “About Me” then everything is OK.

Tidying up with dependencies.
We’ve already established that if either mySQL, http or DNS fails, wordpress will fail, so we want to ensure we don’t get hit with double alerts about the same problem, enter dependencies. HTTP is dependant on DNS, enter the following in /etc/nagios/dependencies.cfg (make sure you have cfg_file=/etc/nagios/dependencies.cfg in /etc/nagios/nagios.cfg )

define servicedependency{
        host_name                       linickx.com
        service_description             DNS
        dependent_host_name             linickx.com
        dependent_service_description   HTTP
        execution_failure_criteria      n
        notification_failure_criteria   u,c
        inherits_parent         1
        }

and WordPress is dependant on HTTP & mySQL , so you need…

define servicedependency{
        host_name                       linickx.com
        service_description             HTTP
        dependent_host_name             linickx.com
        dependent_service_description   WordPress
        execution_failure_criteria      n
        notification_failure_criteria   u,c
        inherits_parent         1
        }

define servicedependency{
        host_name                       linickx.com
        service_description             mySQL
        dependent_host_name             linickx.com
        dependent_service_description   WordPress
        execution_failure_criteria      n
        notification_failure_criteria   u,c
        inherits_parent         1
        }

You can check your config with nagios -v /etc/nagios/nagios.cfg , assuming you have no errors wait for checks to go green and begin testing. Tests you can run can be anything from unplugging the cable from your nagios box to simulate a complete failure, to stopping the mysql service on your website to make sure check_mysql works.

Making it pretty for the hell of it.
Nagios has a web interface, one of the things we can do is customize it to represent our config, how about a pretty icon for our website ? or a custom wordpress action ? Here’s how to setup a pretty icon and action (button to click on) for our wordpress service.

To get started, you’ll probably need a copy of the wordpress logo from the svn , I then cut the “W” out to make a square icon, but you can do what you like Firstly something non essential: To display any icon in nagios as a “host icon” you’re going to need it in both png and gd2 image format, you’ll have to install a conversion tool. (for redhat)

yum install gd-progs

to run the conversion, use the following…

pngtogd2 wordpress-logo.png wordpress-logo.gd2 0 1

that’ll give you a chunk size of 0 and no compression as recommended for nagios.

But if you just want service icons, then you can get away with just a png. Save any custom images in /usr/share/nagios/images/logos/ make sure they’re readable ( e.g. chmod 644 file ) and we’re good to go.

So the config file, 1st make sure you have cfg_file=/etc/nagios/serviceextinfo.cfg enabled in /etc/nagios/nagios.cfg . My sericeextinfo.cfg has the following…

define serviceextinfo{
	host_name               linickx.com
	service_description     WordPress
	notes                   My website  powered by wordpress !
	icon_image              wordpress-w.png
	icon_image_alt          WordPress
	action_url              http://$HOSTADDRESS$/blog/wp-admin/
}

What this does is it adds my wordpress-w icon to the nagios status pages, and give me a “red star” type icon which when I click on takes me to my wordpress admin page… cool !

Some compulsory Screen-shots.

That should just about wrap it up, one fully monitored wordpress installation; as you can see this can be adapted to monitor any php / mysql app Please let me know if you have any further suggestions.

Compatability issues with phpbb recent topics plugin ?

I’ve recently run into a compatibility problem with my phpbb topic plugin, basically I tried to copy the code I did ( the ob_start / stop buffer thing ) and I found that the second time I ran the loop it didn’t work !

Anyway in lieu of working on an admin interface for setting up the phpbb connection I’m solving this, if anyone is having a similar issue please let me know.

Oh, and this might be of interest…

———- Forwarded message ———-
From: Nick
Date: 12-Mar-2007 11:38
Subject: Re: Recent phpBB Topics on WordPress Plugin
To: Paul Stokes

Hi Paul,

You can do this by playing with the SQL statement in the plugin, for example
SELECT * FROM $TOPIC_TABLE WHERE forum_id != 1 ORDER BY topic_time DESC LIMIT $limit
would exclude topics from forum 1

hope that helps,
Nick

On 11/03/07, Paul Stokes wrote:

Hello,

First I must say what a great plug-in you have here!
Is there a way to keep the hidden forums topic hidden?
Thanks
-Paul

Service Recovery Scripts & Error Page Tips.

A couple of weeks ago, I was proper ill with flu; the problem with looking after your own server is that only you can fix it – it’s well and good having monitoring systems (nagios) telling you about faults, but if you can’t read or see the alerts the fault won’t get resolved.

During this time I was ill, for an unknown reason the mySQL process on my server died, as such my website (and others I look after) were down for 8 hours. The fix was simple, one command, restart the service and normal service was resumed (excuse the pun).

This led to me to the conclusion that there must be a way to get the server to fix it’s self. after all, why do a job when you can get a computer to do it for you ! Fortunately I had a light bulb moment and realised that I could use the init scripts that are provided by redhat, the below code will restart apache (httpd) and mySQL on a redhat based system in the event that the service was not stopped cleanly. (In-fact this config has only be tested on CentOS, your mileage may vary on anything else)

#!/bin/bash

# taken from redhast default scripts - /etc/rc.d/init.d/functions

# Set up a default search path.
PATH="/sbin:/usr/sbin:/bin:/usr/bin:/usr/X11R6/bin"
export PATH

status() {
        local base=${1##*/}
        local pid

        # Test syntax.
        if [ "$#" = 0 ] ; then
                echo $"Usage: status {program}"
                return 1
        fi

        # First try "pidof"
        pid=`pidof -o $$ -o $PPID -o %PPID -x $1 ||
             pidof -o $$ -o $PPID -o %PPID -x ${base}`
        if [ -n "$pid" ]; then
# Uncomment this if you want OK messages
#               echo $"${base} (pid $pid) is running..."
                return 0
        fi

        # Next try "/var/run/*.pid" files
        if [ -f /var/run/${base}.pid ] ; then
                read pid < /var/run/${base}.pid
                if [ -n "$pid" ]; then
                        echo $"${base} dead but pid file exists"
                        /etc/init.d/${base} restart
                        return 1
                fi
        fi
        # See if /var/lock/subsys/${base} exists
        if [ -f /var/lock/subsys/${base} ]; then
                echo $"${base} dead but subsys locked"
                /etc/init.d/${base} restart
                return 2
        fi
        echo $"${base} is stopped"
        return 3
}

# found in /etc/init.d/httpd
httpd=${HTTPD-/usr/sbin/httpd}

status mysqld
status $httpd

If you save this, as /etc/cron.hourly/auto_recovery.sh , then do chmod +x /etc/cron.hourly/auto_recovery.sh , assuming you’ve not changed the default cron setup, every hour mySQL & httpd will be checked, if they have died the’ll be restarted and root will get an e-mail about what happened.

Cool eh !

A final finishing touch: I wanted to change the default “Database Down” error messages on my two most popular applications.

Melvin Rivera has written a tutorial on how to customize the wordpress error page, note that it involves editing a file outside of wp-content, that means you’ll have to re-do this “hack” every time you upgrade wordpress.

PHPBB: Setting a custom error page on that is really easy, first create a php page displaying your message. Then at the bottom of /path/to/phpbb-install/includes/db.php you’ll see

// Make the database connection.
$db = new sql_db($dbhost, $dbuser, $dbpasswd, $dbname, false);
if(!$db->db_connect_id)
{
message_die(CRITICAL_ERROR, "Could not connect to the database");
}

change it to

 // Make the database connection.
$db = new sql_db($dbhost, $dbuser, $dbpasswd, $dbname, false);
if(!$db->db_connect_id)
{
 include("/path/to/my-custom-error-page.php");
        die();
}

Now if you database dies, for the time it’s down (before cron fixes it) wordpress & phpbb sites would get a much prettier error message. Obviously there’s no solution for apache as there’s nothing to serve the pages, but hopefully this kind of thing doesn’t happen to often

Recent phpBB Topics on WordPress Plugin

UPDATE: This Plugin has been updated, the latest version is available on wordpress.org please comment on the new post, thanks.

Written primarily for my wife to use in the future, but I’ve developed a pluging that allows you to post a list of recent phpBB threads/topics within wordpress.

If found this plugin by Brandon Alexander but it wasn’t right for my needs, firstly he looks up usernames from phpBB, now my phpBB & wordpress installs don’t share databases and I thought it was a bit of a security risk giving wordpress access to my users password hashes… and secondly that plugin gives a list of recent posts, not what I wanted, and wanted threads (topics).

This is the 1st version, the massive fault with it is that you have to edit the file (to tell it where to find phpBB), I’m not yet smart enough to include an admin interface.

Installation: Download phpbb_recent_topics.txt and save as phpbb_recent_topics.php in your wordpress plugins directory. Edit the file, and change these bits to your appropriate settings…

$PHPBBDB = "phpbb_database"; // phpBB db name
$TOPIC_TABLE = "phpbb_topics"; // phpbb topics table
$SITEURL = "http://www.domain.com/phpbb"; //Forum (phpbb) URL

How to GRANT wordpress read only access to phpBB ?
If you don’t know it already you need to find your wordpress mysql user id, it’ll be in wp-config.php

define('DB_USER', 'wp_user');     // Your MySQL username

and you should have already found your phpbb database & table for the above.
You need to type the following syntax into your mysql database

GRANT SELECT ON phpbb_database.phpbb_topics TO wp_user@localhost;

this can be achieved by logging into phpmyadmin as your phpbb user, selecting SQL and pasting the correct GRANT into the text box.

Plugin Usage.
The plugin can be used in two ways, for those who don’t like editing templates you can call (type)

{phpbb_recent_topics}

from any post or page, and it will be replaced with an list of the last 5 topics.

For those who want to include the list in a sidebar template or similar, call the following function: phpbb_topics(), something like

 if ( function_exists('phpbb_topics') ) { phpbb_topics(5); }

where by the number 5 can be replaced with anything less that 10, and that’ll be the number of topics returned.

Hopefully that all makes sense, feel free to contact me with problems.

UPDATE: Comments about combatability issues here please.

SNAP Contest ! – vote for me !

When I installed snap I mentioned that it’d be really cool if they could make it work with site advisor…

cool is if it could be plugged into mcafee site advisor so that users could see if it�s a safe link before clicking it.

well last night I recieved an e-mail about snap running an Idea’s contest. How’s that for cool, my idea is in the competition… vote for me !

Root Cookie WordPress – Plugin updated !

UPDATE: This Plugin has been updated, see please the new post, thanks.

Unless there’s a security risk, I’m always slow to upgrade my blog to the latest & greatest WP, the reason is plugins, when there’s a major revision update, plugins cause problems, so it’s usually best to wait for the maintainers to fix them before upgrading.

Anyway, I started to test the upgrade, and realised that I had a plugin that didn’t work, and yes you guessed it, it was the one I wrote ! – DOH !

It appears that v2.1 was more fussy about pluggable functions, but a quick fix and it’s done, so I give you…

Root Cookie, Version: 1.1

Standard wordpress plugin rules apply, save as root-cookie.php, stick it in your wp-content/plugins directly and activate, log-out (or clear your cookies) and when you log in you’ll get a cookie with the full domain path… happy days !

k2 for bbPress

UPDATE: This theme has been updated, please see the new post, thanks.

I’m thinking about hosting a forum for some friends to use, so I thought I’d take a look at bbpress; I look after phpbb for my better half, and find the patching & modding a bit of a pain, the stuff photomatt does never lets me down, so I thought I’d take a look at his attempt at a forum.

For “regular” forum users I think they may find the interface a bit of a shock, but that doesn’t bother me, there are some features missing, but the community have been putting plugins together to plug the gap (poor, poor pun, sorry !).

~~The main thing I noticed was a lack of theme repository and~~ EDIT: Theme & Plugin Repo here at http://proforums.palmansworld.com, I really hate green with an absolute passion, so although the default theme is slick, I couldn’t stand looking at the green ! Anyway, since this could be a service on my work in progress, I wanted it to match the k2 theme I’m using, I found there wasn’t one available to download, so to cut a long post short….

Download k2 for bbpress here

It’s a work in progress, there’s a ~~demo available here~~ sorry demo closed., I don’t think it’s a bad 1st crack !

EDIT: I’ve added a screenshot since the demo site will ~~probably change~~ is down.

Blog CheckUp – WordPress: Improve with SEO

I noticed the other day, that the google rank for linickx.com has dropped from a respectable 4, to a pitiful 0 !

The reason for the drop is obvious, November & December have been busy real work months for me, and I’ve not been able to post much online.. no art, no php, no comments, nothing ! Now photomatt has recently blogged about the disconnect between productive good techies and people who have time to blog, so I won’t go into it here; I will just say that I agree, and I think my blog reflects that. What I didn’t realise about my google rank is that the age of your links contributes to your overall PR. So although all those other links to linickx.com still exist on the web they’re getting older so they must not count as much; of course this is speculation, google keep to themselves how their ranking is made up, but it’s the only thing that’s changed.

Anyway to get back on the map I thought I’d better take a look at these SEO posts I’ve been seeing about the place (which I guess this is yet another of ! )

1st step – site maps !
Now I already had a sitemap, powered by Arne Brachhold’s wordpress plug in , but it doesn’t hurt to check it’s working every now & again; to do this I logged into google sitemaps and checked out the reports, basically it’ll tell you if there have been any errors, remembers errors mean google can’t view the page properly, which in turn effects it’s PR. I had a couple (4) of “404 Not founds”, so I went through my posts and fixed them.

Validate your pages !
Search engines can’t see your site, they can only read the html code, and if that’s wrong, then so will the index and PR be. I’d gotten out of the habit of checking pages, you’ll notice at the bottom of my theme is a link to say this site is valid, it’s really important that after posting you click this to make sure it works; if it doesn’t, well all is lost before you start.

Page & Post titles
All the articles talk about setting your page titles correctly, I’d noticed ages ago that anaylitics showed the same title for stuff but I’d never gotten round to looking at it. It turns out I’d made a “school boy error” on my custom theme, and the <title> tag within my html didn’t grab the post title from wordpress – DOH ! It was eaily fixed by adding <?php the_title(); ?> into header.php. If you didn’t write your theme there is a plugin that can do it for you…. sadly neither of these fix the titles for my custom scripts, so I guess I’ll have to stick that back on the to-do list !

Meta Tags
“Back in the day” meta tags where the way serach engines classified your site, but abuse of the keywords tag, by repeating words to improve PR, means that they’re not as important as they used to be. Today though, I’m on the search engine offensive apart from spam I’m willing to try anything. This wordpress plugin does the job for you. The advantage of using the plugin, rather than setting them in my theme, means that the description can be dynamially added based on the post, rather than having the same description for all pages, the more words that people search for that hit me, the better !

Related Posts
Search engines need a way to weave through your site, in the past I’ve relied on my web site map (not the same as sitemap.xml) to do the job, but it appears that this is not enough, so I went for the related entries wordpress plugin, the good thing about the latest version is that the formatting can be done within the wordpress admin interface. (The reason this is good, as it means minimal changes to my theme php, which is when problems occur.)

Share This !
At the beginning of what is becoming a marathon post, I talked about my PR being related to incoming links (i.e. links to linickx.com). In the past I’ve just had a small “Bookmark Page” link on each post, this link would then submit the page to del.icio.us for people to share, well alex king has written a share this plugin to expand the idea, but for any service. I like the idea alot, now all I need to do is to find a way to submit my posts to all the services automagically.

Nothing to do with SEO
The final change I’ve made was to install a snap plugin, now this will have no effect on my PR, but it is quite cool, what it does is add a little floating window preview any external links, allowing readers to take a glimpse of what they’re clicking on before they actually click. To be honest, I’ve not yest decided if this is a good thing or annoying, but would be cool is if it could be plugged into mcafee site advisor so that users could see if it’s a safe link before clicking it.

Fingers crossed this will have an impact, but one thing is for sure, it won’t hurt !

Cookie Path Plugin For WordPress 2.0 (root Cookie)

UPDATE: This Plugin has been updated, the below links to the new file, but please comment on the new post, thanks.

I’ve been busy this AM, my site is a little bit integrated with WordPress, basically I call the header and footer from WP so that my custom code changes themes when WordPress does

I want to take it further and use the authentication cookie, so that my code recognizes me when I log in (in the same way WordPress does). In order for linickx.com to see the cookie set by linickx.com/blog, I need to change the COOKIEPATH. The change is actually quite simple, in fact the “set cookie” function is a pluggable one

The function / plugin I’ve written is really simple, all I’ve done is change the PATH to be / (root) that way linickx.com or linickx.com/blah can reference the cookie, and because it’s set to / the plugin can be used on any site !

To install:

Save root-cookie.txt in your plugins directory as root-cookie.php (Right Click – Save As)
From the Plugin Manager in the Dashboard, “Activate” the plugin
Log out, and log in again
Done

Now your cookie can be referenced from any custom code you may have written outside of your WordPress install directory !

CoComment Plugin for WordPress……

My health isn’t too great at the moment, so I’m a little behind the times

I just found this CoComment Plugin for WordPress and thought it was worth a plug ! I like CoComment because I really think it’s going to make people life easier, personally I’ve started commenting on blogs; I never really did before because I couldn’t be bothered to find out what was said after I left, but now I get the conversation delivered as an RSS feed !!!!!!!!!

So to spread the word you’ll find a co-comment link at the bottom of my posts, get the plugin and spread the word yourself !

h4x0r on themes.wordpress.net

Tiz cool when things get published on other sites, my h4x0r theme is on themes.wordpress.net

cool

shame i can’t work out how to link to them properly !

h4x0r (Hacker) / The Matrix Theme for WordPress

I thought I’d try something different

I’ve been playing with wordpress for nearly a year now, and thought it’d be cool to make a publicly available theme, I wasn’t sure on what to do so I thought I’d start with a simple pallet. My theme is a black on green code looking theme, you know the hacker site style; to make it more interesting I added some matrix references, and silly bits of php code.

The theme has been tested on wp 1.5 & 2.01 (including a blank one as requested on the codex) , there is a screenshot and I’ve also installed a theme switcher so you can demo it

h4x0r is available for download here, please let me know your thoughts.