SECRET_KEY is the new addition to wordpress Security which is introduced in the WordPress 2.5. SECRET_KEY is used to secure WordPress Cookies. But an attacker can use this Key to intrude the WordPress system. In a recently found vulnerability discovered by xiam and published in Security Focus shows that an attacker can get into the system through this technique.
Continue reading “WordPress 2.5 SECRET_KEY and SALT Cracking Vulnerability”
The New WordPress 2.5 has intoduced a security feature for wordpress cookies called SECRET_KEY. It will make cookies secure against attacks where someone has hacked into your database via an SQL injection exploit. SECRET_KEY is defined in the wp-config-sample.php file like this :
// Change SECRET_KEY to a unique phrase. You won’t have to remember it later,
// so make it long and complicated. You can visit http://api.wordpress.org/secret-key/1.0/
// to get a secret key generated for you, or just make something up.
define(’SECRET_KEY’, ‘put your unique phrase here’); // Change this to a unique phrase.
Continue reading “WordPress 2.5 SECRET_KEY”
WordPress has recently released their 2.5.1 version with some security fixes and over 70 annoying bug fixes according to their say. Allgeeks.info is currently upgraded to the new version 2.5.1 and I am fully satisfied with the new upgraded wordpress system. It is really cool. If you still haven’t updated your wordpress I will suggest you to do so as soon as possible and enjoy the new features and secured wordpress system. You will get the latest version of WordPress here :
Continue reading “WordPress 2.5.1 Security Fix”
Myspace.com has recently taken link redirection approach to track down link spamming in their Social space. You will notice links in profile and comments posted in Myspace are converted automatically to http://www.msplinks.com/ .
When first introduced there were some misconceptions came up about this automatic link conversion which spread like wild fire throughout Internet. We will try to talk about some of them to know the facts.
Continue reading “Msplinks.com Good for Myspace Bad for Spammers and SEO”
I wish everybody knows what is Myspace Trains are. Here some words for those who doesn’t have any idea about Myspace Trains –
Myspace Train is a Technology used by the myspace users to create more friends. The users are not known to each other. They just have a friend adding spree. So they participate in the Process. In their language “Do you want to be famous in Myspace – Join the Train”
So what you have to do to get into a Train?
You have to add every persons in the Train (A page of links where the links lead to add a person). When you are finished adding all the friends then you have to put your myspace friend id in a input box and join. Done!
Continue reading “Myspace Train of Password stealers”
Myspace users can use SWF (Flash movies) to make their Layout. But Flash movie can be more than a simple animation. It has the ability to do action. This is called Action Scripting. While you are viewing someone’s Profile with Animated Flash movie your profile data’s like your email address and password can be hijacked from your cookie and saved in a place in behind.
Continue reading “Myspace SWF Hack – it works”