Blog

RSS WordPress Blog
  • How WordPress Is Creating a Faster Web April 15, 2024
    WordPress's massive reach of over 40% of the web comes with a similarly large responsibility. Read about what the WordPress project is doing to enhance performance for its users and the web.
    Felix Arntz
  • WP Briefing: Episode 77: Let’s Talk About Data Liberation April 15, 2024
    Explore the WordPress Data Liberation project in this exclusive behind-the-scenes episode discussing WordPress migrations. Joining us is WordPress Executive Director Josepha Haden Chomphosy, along with special guest and sponsored contributor Jordan Gillman. Together, they'll look at how the project is expanding opportunities to benefit from the freedom and flexibility WordPress offers. Don't miss this enlightening […]
    Brett McSherry
  • WordPress 6.5.2 Maintenance and Security Release April 9, 2024
    Note: Due to an issue with the initial package, WordPress 6.5.1 was not released. 6.5.2 is the first minor release for WordPress 6.5. This security and maintenance release features 2 bug fixes on Core, 12 bug fixes for the Block Editor, and 1 security fix. Because this is a security release, it is recommended that […]
    Aaron Jorbin
  • WP Briefing: Episode 76: A WordPress 6.5 Sneak Peek April 2, 2024
    Join WordPress Executive Director, Josepha Haden Chomphosy, as she offers an exclusive preview of the upcoming WordPress 6.5 release, accompanied by special guest Dave Smith, one of the Editor Tech leads for this release. Don’t miss this opportunity for an insider’s look!
    Brett McSherry
  • WordPress 6.5 “Regina” April 2, 2024
    WordPress 6.5 "Regina" is here! Named in honor of Regina Carter, renowned jazz violinist and educator, this release was made possible by over 700 contributors. Download WordPress 6.5 “Regina” today.
    Matt Mullenweg
  • WordPress 6.5 Release Candidate 4 March 28, 2024
    WordPress 6.5 RC4 is ready for download and testing. Reaching this phase of the release cycle is an important milestone. Check out what's coming in this release and how to get involved with the open source project.
    Lauren Stein
  • WordPress 6.5 Release Candidate 3 March 19, 2024
    WordPress 6.5 RC3 is ready for download and testing. Reaching this phase of the release cycle is an important milestone. Check out what's coming in this release and how to get involved with the open source project.
    Lauren Stein
  • WP Briefing: Episode 75: WordCamp Asia 2024 Unwrapped March 18, 2024
    WordCamp Asia 2024 was a dynamic three-day celebration of collaboration, diversity, and innovation in the WordPress project. This week, Executive Director Josepha Haden Chomphosy shares her insights and experiences from the event, which featured one of the largest Contributor Days in the region, a variety of speakers, engaging panel discussions, and workshops. Josepha offers her […]
    Brett McSherry
  • WordPress 6.5 Release Candidate 2 March 12, 2024
    WordPress 6.5 RC2 is ready for download and testing. Reaching this phase of the release cycle is an important milestone. Check out what's coming in this release and how to get involved.
    Lauren Stein
  • Highlights from WordCamp Asia 2024 March 9, 2024
    Over 1,300 attendees gathered at the Taipei International Convention Center in Taiwan for WordCamp Asia 2024. The three-day event emerged as a vibrant celebration showcasing the collaboration, diversity, and innovation that drive the world's most popular web platform.
    Reyes Martínez
RSS Sucuri Blog
  • What is Cookie Hijacking April 23, 2024
    Cookie hijacking involves unauthorized access to cookies, which are small pieces of data stored on your browser by websites you visit. Cookies often contain sensitive information, including session tokens that authenticate users to a web application. By hijacking these cookies, attackers can impersonate users and gain unauthorized access to private accounts and sensitive data. Given […]
    Cesar Anjos
  • JavaScript Malware Switches to Server-Side Redirects & DNS TXT Records as TDS April 18, 2024
    Last August we documented a malware campaign that was injecting malicious JavaScript code into compromised WordPress sites to redirect site visitors to VexTrio domains. The most interesting thing about that malware was how it used dynamic DNS TXT records of the tracker-cloud[.]com domain to obtain redirect URLs. We’ve been tracking this campaign ever since — […]
    Denis Sinegubko
  • WordPress Maintenance: Tasks & Best Practices April 16, 2024
    If you’re managing a WordPress site, it’s crucial to ensure it runs smoothly and securely. Many site owners worry that WordPress maintenance is a complex chore that requires a ton of technical expertise, but that’s not entirely true. This guide is here to show you the steps you can take on your own to help […]
    Rianna MacLeod
  • Credit Card Skimmer Hidden in Fake Facebook Pixel Tracker April 11, 2024
    In recent months, we have encountered a number of cases where attackers inject malware into website software that allows for custom or miscellaneous code — for example, the miscellaneous scripts area of the Magento admin panel, or WordPress plugins such as Custom CSS & JS. Custom script editors are popular with bad actors because they […]
    Matt Morrow
  • Web Shells: Types, Mitigation & Removal April 8, 2024
    Web shells are malicious scripts that give attackers persistent access to compromised web servers, enabling them to execute commands and control the server remotely. These scripts exploit vulnerabilities like SQL injection, remote file inclusion (RFI), and cross-site scripting (XSS) to gain entry. Once deployed, web shells allow attackers to manipulate the server, leading to data […]
    Cesar Anjos
  • Magento Shoplift: Ecommerce Malware Targets Both WordPress & Magento CMS April 2, 2024
    We often write about malware that steals payment information from sites built with Magento and other types of e-commerce CMS. However, WordPress has become a massive player in ecommerce as well, thanks to the adoption of Woocommerce and other plugins that can easily turn a WordPress site into a fully-featured online store. This popularity also […]
    Puja Srivastava
  • WordPress Vulnerability & Patch Roundup March 2024 March 25, 2024
    Vulnerability reports and responsible disclosures are essential for website security awareness and education. Automated attacks targeting known software vulnerabilities are one of the leading causes of website compromises. To help educate website owners about potential threats to their environments, we’ve compiled a list of important security updates and vulnerability patches for the WordPress ecosystem this […]
    Sucuri Malware Research Team
  • Sign1 Malware: Analysis, Campaign History & Indicators of Compromise March 20, 2024
    A new client recently came to us reporting seemingly random pop ups occurring on their website. While it was clear that there was something amiss with the website it was difficult to reproduce the issue. However, by inspecting our server side scanner logs we were able to locate the source of the unwanted behavior — […]
    Ben Martin
  • What is .htaccess Malware? (Detection, Symptoms & Prevention) March 15, 2024
    The .htaccess file is notorious for being targeted by attackers. Whether it’s using the file to hide malware, redirect search engines to other sites with black hat SEO tactics, or inject content — the range of possibilities for misuse is vast, making it a prime target for hackers. .htaccess malware can be hard to pinpoint […]
    Ben Martin
  • Sucuri WordPress Plugin Updates for 2024 March 13, 2024
    At Sucuri, we believe in making the internet safe for everyone. One way we show this is through our free WordPress security plugin. The Sucuri WordPress plugin is available for download in the WordPress repository. It comes with a range of security features, including WordPress hardening, malware scanning, core integrity check, post-hack features and email […]
    Rianna MacLeod

Boot Partition Space

Posted by on 7:04 am in Server Administration | 0 comments

If your /boot partition is mounted separately , it is always a small compare to other partitions on the server. If the older kernels are not removed, then it gets full quickly.  In order to remove the older kernels safely we can use the package manager. For REHL/CentOS systems you can use below command. sudo yum install yum-utils && sudo package-cleanup --oldkernels --count=2 For the Debian and Ubuntu systems you can use below commands. First, check your kernel version, so you won’t delete the in-use kernel image, running: uname -r Now run this command for a list of installed kernels: dpkg --list 'linux-image*' | grep ^ii and delete the kernels you don’t want/need anymore by running this: sudo apt-get remove linux-image-VERSION Replace VERSION with the version of the kernel you want to remove. When you’re done removing the older kernels, you can run this to remove ever packages you won’t need anymore: sudo apt-get autoremove And finally you can run this to update grub kernel list: sudo...

read more

Bash Cases Statement

Posted by on 9:14 am in Bash Script | 7 comments

The case construct in bash shell allows us to test strings against patterns that can contain wild card characters. Bash case statement is the simplest form of the bash if else then condition statement. The simple example for this is if you are expecting different inputs from a user and want to execute specific command sets on the choice used.     case $variable in pattern1 ) statements ;; pattern2 ) statements ;; * ) statements ;; … esac   We can see the common use of the case statement in the init scripts of the services which has the options like start, stop, restart and status.  ...

read more