Archive › January, 2012

WordPress Security Tips

Oftentimes, when a customer complains of their site being defaced or infected with malware, we will investigate and discover that they are using a CMS such as WordPress. The danger in using these packages, from a security standpoint, is that they are so common as to make a large target for malware writers. Combine this with their support for third-party add-ons and the rapid speed of development, and it’s easy to see how vulnerabilities can creep in.

If you’re looking for a quick and dirty security intro, here it is — Update, update, update. Check release notes for any vulnerability fixes; if you see any, it’s time to upgrade. In addition, audit your plug-ins. Third-party add-ons are often not checked as thoroughly as the core code. Just because a plug-in is popular doesn’t mean that it’s secure.

Having said that, when it comes to more comprehensive information specific to WordPress, we’d prefer to direct you to the experts:

http://codex.wordpress.org/FAQ_My_site_was_hacked
http://wordpress.org/development/2009/09/keep-wordpress-secure/

As always, we welcome your questions and feedback!

Comments ( 1 )

Get Server CPU Usage of A Specific User

Suppose your user name is jimgreen and you can run the following command to get a very specific CPU usage of it in real time:

top -b -n 1 -u jimgreen | awk 'NR>7 { sum += $9; } END { print sum; }'

You can even further capture the usage metric in PHP and do conditional actions:
$usage = shell_exec("top -b -n 1 -u jimgreen | awk 'NR>7 { sum += $9; } END { print sum; }'");
Now $usage contains the CPU usage of the user jimgreen.

Comments Off on Get Server CPU Usage of A Specific User