I was going through and cleaning up some plugin settings recently on a WordPress site and received an error when attempting to access Feed Comments Number admin settings page. The error states that you do not have sufficient permissions to access the page though that was not the case because I was logged in as an administrator. Luckily I had run into this exact error awhile back and knew exactly where the problem was. Below I describe the error in more detail and provide resolution to the issue.
After upgrading the Fast Secure Contact Form plugin for WordPress you should definitely test to make sure things are working properly because you likely will receive an error when submitting the contact form if you are using the built in captcha. The error which is explained in more detail complains of not being able to read a token file. Below we describe how to quickly resolve the Fast Secure Contact Form captcha error.
It is possible to receive an error after updating wpscan via “svn up” complaining about the nokogiri gem. This might be confusing because likely you already have the nokogiri gem installed on Backtrack Linux however it is likely a simple path issue. To resolve you can issue the below gem install –user-install command as shown in the below example.
Recently I have been doing a lot of testing on a couple of my web sites that run WordPress and realized that securing your site takes a bit of effort. There are some plugins that do a great job at certain things however I wasn’t able to find any that did a great job of securing everything that I would prefer be secured. Below I describe a multi-pronged approach to securing your WordPress site from hacking attempts using multiple WordPress plugins as well as performing a couple manual steps that ensure the WordPress details exposed to the world are minimal.
One of my favorite apps in Backtrack Linux that I recently discovered is wpscan. There are a ton of WordPress sites in the wild and using wpscan is an excellent way to begin an audit on a WP site. There are a couple things that wpscan does that is really amazing such as enumerating logins from WordPress sites and enumerating WordPress plugins that are installed. Below are a couple examples of how wpscan can be useful for WordPress web site analysis.