Clickjacking – How to prevent on wordpress sites

What is clickjacking In simple words Clickjacking means users are tricked into clicking or keystroking on a different site/page making them think they are on their usual site. How can that be a problem from security point of view. Here is an example An example of Clickjacking Lets assume you own a website my_domain.com and you login to it everyday. If this site is not protected from clickjacking a hacker may be able to call this site in an iframe on some page hosted on his domain some_domain_owned_by_hacker.com Now the hacker also adds some javascript to this page which records users keystrokes. Through some means the hacker may trick you in clicking and opening this page. If you do not notice the domain name in the URL then you may feel that it is your own website and may even log in. Due to the keystroke recording script the hacker is then able to get your password. However you may feel that you always check the domain name before performing any transaction on a website and...
Read More

How to automatically alert your users about events happening in their area

This can be easily done if you are already geocoding users addresses (i.e. getting their latitude and longitude) while they register on your website. If you are not doing so then you can go back and geocode all the previous addresses. Now lets assume you have geocoded all the addresses and are storing them in a separate table as shown below Table: user_lat_long [crayon-59e6eb9996f65048518544/] Now create a function to get users from the above table near a certain address (where the event is to be held). [crayon-59e6eb9996f6d487943960/] Now just call the above function with 3 parameters as input Radius => Defines the area you want to set to alert your users e.g. 100 KM Latitude => Latitude of the place where the event is to be held Longitude => Longitude of the place where the event is to be held [crayon-59e6eb9996f72644317277/]  ...
Read More

Shell script to backup database and send it to remote server automatically

This article explains how to create a database backup script to send the backup to remote server  without any manual intervention. For security reasons or to enable disaster recovery it is important to keep database backup copies on some additional server outside your network. The process to create a script for database backup and to autosend it to a remote server is not really so complicated as many would think. To make it simpler let's divide the whole task in 3 different sub tasks Create a backup file of your database. Authorize the origin server i.e. Your current server to send the files to the remote server (So that the remove server knows that it is receiving the files from a genuine source) Create a script to simply SCP the files from the origin server to the remove server Above mentioned are mandatory steps. Additionally you may also want to create a log file to log the status of every step just in...
Read More

How to connect to a remote GIT from Windows PC

Download and Install GIT Tool from below URL: https://msysgit.github.io/ While installing the tool keep all the default settings Create a folder named as projects for your site/application (maybe in your Documents folder) Open GIT GUI tool and generate a key from the Help menu The keys get created in your Users/USERNAME/.ssh folder Import both (public and private) keys to your server using CPanel Open GIT command line tool and navigate to the Documents folder (i.e. one folder above projects) Run the command: git clone ssh://USERNAME@IP_ADDRESS/home/USER/repositories/REPO_NAME   Now just make some changes to your code and commit the change using git commit The changes can be pushed to the remote server using below command git push origin master...
Read More

Set remote GIT on VPS / Dedicated server

It is possible to set Remote GIT on your own server provided your hosting provider allows to install GIT on the server. If your site/application is hosted on VPS or a dedicated server then it much easier to do so. Prerequisite to set remote GIT GIT should be installed on there server If you are on VPS or dedicated server then it is likely that GIT is already installed on the server. To check if GIT is installed or not SSH to your server and try below command. [crayon-59e6eb9997513404302615/] If GIT is installed then it will show the version of GIT. If not it will give an error message. If GIT is not installed then you first need to install GIT on your server. For this you may need root access to your server. If you do not have root access ask your hosting provider to install GIT for you. Once git is installed follow below steps on the server to set remote GIT Create a Directory SSH to your server (using...
Read More

Plot multiple places on Google Maps – WordPress plugin

Plot events, photos, places, etc on Google Maps using a simple Wordpress shortcode which is built using Google Maps API. Everything below can be achieved easily with a simple plugin, XML file to provide the markers and a configurable shortcode Plot Multiple Locations on a Map Marker Clustering (markerclusterer) Ability to click each marker to get more details i.e. through a Marker popup Marker's info popup details is customizable through shortcode and CSS Ability to set initial zoom level Step 1: Get an API Key for Google Maps API First of all we need an API key for Google Maps. You can get an API key from Google Developer Console Here are the steps to create an API Key 1. Visit Google Developer console Projects page and create a project as per your requirement 2. Go to API Manager and select the project created in above step 3. Enable Google Maps JavaScript API and Google Maps Embed API 4. Click the Credentials link 5. Click New Credentials and select API Key....
Read More

Replace wordpress search with Google Custom Search (CSE)

For better search results or due to integration with Adsense you many want to replace wordpress search with Google Custom Search (CSE) Below are the steps to follow using a simple wordpress plugin. [Download Plugin] 1. Register you site on Google Custom Search by filling a simple form as shown below 2. After creating your CSE you will get a search engine ID as shown below. Make a note of this ID. 3. Create a page to display the search results page and add [PW_ADD_GSEARCH_RESULTS] shortcode on this page. 4. Add the the URL of the search results page on the setting screen of the plugin. 5. Comment/Remove the code in searchform.php in your themes folder of probably header.php and add below code instead [crayon-59e6eb999848a661607871/] This will create the search box.        ...
Read More