Awhile back I noticed that the Amazon Machine Tags plugin I use on various sites stopped working and wasn’t sure why since it had not been updated in quite awhile. When initially investigating I was hoping that there was an update I had missed that would resolve the issue with Amazon Machine Tags however that was not the case. Luckily the fix was easy and is documented below.
WordPress database error Duplicate entry X for key yarpp_content for query UPDATE wp_posts SET, MySQL Error
Today I was adding a note to a WordPress article I had written a couple of days ago and it appeared to POST without issue after I clicked the Update button in the WordPress admin. I went to the front-end of the site to verify the new content formatted correctly and to my surprise it wasn’t displaying so I figured I must have left a HTML tag or something open since I didn’t get any errors within the WordPress admin when I clicked the Update button for the Post. After further review the content didn’t exist and it appeared that the article had not posted the update at all since there were zero revisions from today. Fixing the problem is easy by using the below information that describes where I located the error, the error itself, and how to resolve it by issuing a single MySQL command.
Late last night I realized that the traffic for Question-Defense.com was way down for the day and thought it was related to some recent updates I had performed on the site. I spent probably an hour or so last night verifying that nothing was out of the ordinary with the site and wasn’t able to find any issues. Upon waking up this morning the traffic again was extremely low for this time of the day even on a Saturday so we started to investigate. One of the referrers that traffic had dramatically decreased for was Google so we went to Google and performed a search that we knew would return a link to Question-Defense.com. Sure enough upon clicking on the link to Google we hit the question-defense.com URL and then we were immediately redirected to finditnow.osa.pl. Below we describe the issue in more detail, provide specifics about how our site was hacked, and provide the information needed to locate and resolve the problem.
I have been using the Flexible Upload D3Z Edition WordPress plugin for a couple years now on various sites that I work on or manage. To me it provides a much easier interface to upload images while building thumbnails on the fly than the default WordPress image media upload. The issue is the Flexible Upload D3Z Edition plugin has not been updated since WordPress version 2.6.X so it has broken on more than one occasion. So when upgrading to WordPress 3 recently it broke the Flexible Upload D3Z Edition plugin and below I describe how to fix the plugin so it will operate without issue in WordPress 3.X.
Recently there was a 0-day vulnerability posted for WordPress which allows users with edit post capabilities to issue SQL injection attacks against the WordPress site. Depending on the type of site that you run this isn’t a huge deal unless you allow any users that sign up to edit and publish articles on the WordPress site. One of the things that could help assist in this type of scenario is knowing who logins in and when as well as knowing if there are failed logins which could help indicate malicious activity. Below is information on a plugin that can accomplish both of these goals.