Posted on

Parsing WordPress RSS Feed

Tested in content types
Content-Type:application/rss+xml;
Content-Type:text/xml;

$url = 'https://domain.com/blog/?feed=rss2';
$feed1_xml = simplexml_load_file($url) or die("feed not loading");

To get the first post title
echo $feed1_xml->channel->item[0]->title;

To get the first post published date
echo $feed1_xml->channel->item[0]->pubDate

Returned date is in this format Wed, 20 Apr 2016 04:22:10 +0000
You can also convert it to ‘Y/m/d’
date('Y/m/d',strtotime($feed1_xml->channel->item[0]->pubDate));

Posted on

New Custom Post Type is not working

-rw-r--r-- 1 user members 842 3月 8 18:21 single-about.php
-rw-r--r-- 1 user members 842 3月 8 18:36 single-course.php

I already have an existing custom post type “about”. It’s loaded using single-about.php
I added new custom post type “course” and copied single-about.php content to single-course.php but the new post under “course” custom post type cannot be viewed.
And there’s also no sign that single-course.php is used.

The solution was to flush rewrite, you can do this by going to Settings > Permalinks and just hit Save Changes and everything works as expected after that.

Posted on

Protecting WordPress Login

# BEGIN WordPress
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
</IfModule>
# END WordPress

# Stop Apache from serving .ht* files
<Files ~ "^\.ht">
Order allow,deny
Deny from all
</Files>

# Protect wp-login
<Files wp-login.php>
AuthUserFile ~/.htpasswd
AuthName "Private access"
AuthType Basic
AuthUserFile /absolute-path-to-htpsswd/.htpasswd
Require valid-user
</Files>

https://codex.wordpress.org/Brute_Force_Attacks

Posted on

Cleaning Malicious Scripts Injected in WordPress PHP files


Note: This only works if the scripts are injected to the first line of every PHP files.

First backup the files
$ tar -zcvf public_html.infected.tar.gz public_html

Then go inside public_html to execute the code there
$ cd public_html

Find all files with .php extention and execute the sed command.
sed will do an infile search and replace. -i will backup the file to be edited and add .infected suffix.
'1 s/.*/<?php/' does search in first line from .* (means all of first line) and replace with <?php

Note: There’s a possibility that the site may function, so be ready to fix it.
The problem I encountered with this is that few php files that only have html contents are having errors bec of <?php in the first line.
Check the server log for details errors.

Another error I encountered from wordpress pages is that <?php get_header();?> in the first line is replaced with <?php

Execute the cleanup code below
$ find . -type f -name "*.php" -exec sed -i.infected '1 s/.*/<?php/' {} \;

Check the command has no adverse effect on the site.
After checking the site is still working, delete infected files

$ find . -type f -name "*.infected" -delete