Create HTML5 Vertical Endless Runner cross platform games

Using Phaser framework and other FREE software
Endless runner games are gaining more and more popularity and they are really easy to code.
I will take you by hand through the creation of a complete HTML5 vertical endless runner cross platform game with a lot of features and room for customization.
100 pages + 31 source code examples with a free update to come in a few days.

10 ways to secure your WordPress blog

Emanuele Feronato WordPress

Find out how InfoSec Institute can help you receive your CISSP Certification and become an IT professional.

As old readers know, my blog has been hacked several times. You can read about my first hack and what to do when your blog has a virus, but now it’s time to prevent hackers from injecting malware in your WordPress blog.

Follow these simple 10 steps, they aren’t ordered in any way, just a list I am writing to help you making your blog more secure

1) Don’t display your WP version: hackers know security holes and exploits of every WP version, and unfortunately in your header.php file you probably have this line:

Remove this tag or simply remove the php function returning the WP version. Your new generator tag should look something like

2) Protect your /wp-content/plugins/ directory putting a blank index.html file in it. In latest WP versions there is an empty index.php file that does the same job. This way nobody will see the plugins you installed, checking for exploitable ones.

3) Use a secure password, it shouldn’t be your girlfirend’s name or your daughter’s name. A good password is made by at least 8 characters using both uppercase and lowercase and numbers.

4) Change your login name with something different than “admin”. Most WP installations still use the default admin login to log into administrator area. If your blog is under a brute force attack, you will make hackers life a bit harder if they have to guess both the password and the login name.

5) Install Login LockDown plugin. Login LockDown records the IP address and timestamp of every failed login attempt. If more than a certain number of attempts are detected within a short period of time from the same IP range, then the login function is disabled for all requests from that range. This helps to prevent brute force password discovery. Currently the plugin defaults to a 1 hour lock out of an IP block after 3 failed login attempts within 5 minutes. This can be modified via the Options panel. Admisitrators can release locked out IP ranges manually from the panel.

6) Choose a good hosting company or keep your web server updated. You can secure your WP blog in a million ways, but if your server has security issues, you’re doomed anyway.

7) Secure your /wp-admin/ directory. Create a file called .htaccess in such directory and place this script:

Change xxx, yyy and zzz with IP’s you currently log in from

8) Keep your WP version (not too) updated. While old WP versions may have security bugs that aren’t fixed anymore, installing the latest release can expose you to unknown bugs during the first day. If it’s not a critical security update, my advice is to wait at least a couple of days before installing the new version.

9) Get rid of bad bots adding these lines to your main .htaccess file (the one in your WP root)

If you look in your server logs you will probably see attempts by automated scripts (bots) to hack your site. This happens to all sites, and the Libwww-perl agent is recognized to be one of thw worst of them. Check this Google search for more information.

10) When you are about to install a plugin, Google for it, to make sure nobody is reporting security issues

… and death to pirates…

Stay up to date
Follow me on the social networks and never miss a post.

Official Emanuele Feronato Facebook page

Official Emanuele Feronato Twitter account

From null to full HTML5 cross platform game

I will take you by hand from the bare bones of JavaScript programming through the creation of a full cross platform HTML5 game, with detailed explainations and source code.

If you don't know where to start, then From null to full HTML5 cross platform game is the book for you.

Comments 12

  1. Ernesto Quezada

    Just so you know, the RSS is throwing this:

    Warning: array_keys() [function.array-keys]: The first argument should be an array in /web/htdocs/www.emanueleferonato.com/home/wp-content/plugins/wp-syntax/geshi/geshi.php on line 1827

    Warning: Invalid argument supplied for foreach() in /web/htdocs/www.emanueleferonato.com/home/wp-content/plugins/wp-syntax/geshi/geshi.php on line 1827

    Warning: Invalid argument supplied for foreach() in /web/htdocs/www.emanueleferonato.com/home/wp-content/plugins/wp-syntax/geshi/geshi.php on line 2180

    Warning: Invalid argument supplied for foreach() in /web/htdocs/www.emanueleferonato.com/home/wp-content/plugins/wp-syntax/geshi/geshi.php on line 3025

    Warning: implode() [function.implode]: Argument must be an array in /web/htdocs/www.emanueleferonato.com/home/wp-content/plugins/wp-syntax/geshi/geshi.php on line 3077

    Warning: array_keys() [function.array-keys]: The first argument should be an array in /web/htdocs/www.emanueleferonato.com/home/wp-content/plugins/wp-syntax/geshi/geshi.php on line 3108

    Warning: Invalid argument supplied for foreach() in /web/htdocs/www.emanueleferonato.com/home/wp-content/plugins/wp-syntax/geshi/geshi.php on line 3108

    Warning: array_keys() [function.array-keys]: The first argument should be an array in /web/htdocs/www.emanueleferonato.com/home/wp-content/plugins/wp-syntax/geshi/geshi.php on line 3151

    Warning: Invalid argument supplied for foreach() in /web/htdocs/www.emanueleferonato.com/home/wp-content/plugins/wp-syntax/geshi/geshi.php on line 3151

    Warning: array_keys() [function.array-keys]: The first argument should be an array in /web/htdocs/www.emanueleferonato.com/home/wp-content/plugins/wp-syntax/geshi/geshi.php on line 3292

    Warning: Invalid argument supplied for foreach() in /web/htdocs/www.emanueleferonato.com/home/wp-content/plugins/wp-syntax/geshi/geshi.php on line 3292

    Warning: array_keys() [function.array-keys]: The first argument should be an array in /web/htdocs/www.emanueleferonato.com/home/wp-content/plugins/wp-syntax/geshi/geshi.php on line 1827

    Warning: Invalid argument supplied for foreach() in /web/htdocs/www.emanueleferonato.com/home/wp-content/plugins/wp-syntax/geshi/geshi.php on line 1827

    Warning: Invalid argument supplied for foreach() in /web/htdocs/www.emanueleferonato.com/home/wp-content/plugins/wp-syntax/geshi/geshi.php on line 2180

    Warning: Invalid argument supplied for foreach() in /web/htdocs/www.emanueleferonato.com/home/wp-content/plugins/wp-syntax/geshi/geshi.php on line 3025

    Warning: implode() [function.implode]: Argument must be an array in /web/htdocs/www.emanueleferonato.com/home/wp-content/plugins/wp-syntax/geshi/geshi.php on line 3077

    Warning: array_keys() [function.array-keys]: The first argument should be an array in /web/htdocs/www.emanueleferonato.com/home/wp-content/plugins/wp-syntax/geshi/geshi.php on line 3108

    Warning: Invalid argument supplied for foreach() in /web/htdocs/www.emanueleferonato.com/home/wp-content/plugins/wp-syntax/geshi/geshi.php on line 3108

    Warning: array_keys() [function.array-keys]: The first argument should be an array in /web/htdocs/www.emanueleferonato.com/home/wp-content/plugins/wp-syntax/geshi/geshi.php on line 3151

    Warning: Invalid argument supplied for foreach() in /web/htdocs/www.emanueleferonato.com/home/wp-content/plugins/wp-syntax/geshi/geshi.php on line 3151

    Warning: array_keys() [function.array-keys]: The first argument should be an array in /web/htdocs/www.emanueleferonato.com/home/wp-content/plugins/wp-syntax/geshi/geshi.php on line 3292

    Warning: Invalid argument supplied for foreach() in /web/htdocs/www.emanueleferonato.com/home/wp-content/plugins/wp-syntax/geshi/geshi.php on line 3292

    :S

  2. Pingback: Keep your WordPress Blog (or any site) clean with new Google Webmaster Tools : Emanuele Feronato

  3. Mattias Wirf

    About the wp-version, it’s printed with wp_head() in many themes. To remove the version, add this in your themes function.php:

    remove_action(‘wp_head’, ‘wp_generator’);

  4. Pingback: Help needed – War to hackers : Emanuele Feronato - italian geek and PROgrammer

  5. Oliver

    Hi,
    the first step to secure your wordpress blog…

    1.When you download wordpress you have a folder called “wordpress”.Rename that to something strange for example “deathtoallhackers”.Upload that folder to your root directory.This is strange and unusual but it will help.The next step is to move the index.php and .htacces file from the “deathtoallhackers” folder back to the root.Then open the index.php file and change this:

    require(‘./wp-blog-header.php’);

    to this:

    require(‘./deathtoallhackers/wp-blog-header.php’);

    now log in at http://yourawsomeblog.com/deathtoallhackers/wp-admin

    in the admin area go to settings->general and make sure that your settings to your wordpress url points to:
    http://yourawsomeblog.com/deathtoallhackers

    and blog adress url:

    http://yourawsomeblog.com

    this will keep your root directory clean.

    btw…use your own strange word:-)

  6. Mike Duguid

    Further to these, I’d avoid using shared hosting as it makes elevated file permissions a lot more dangerous (VPS are extremely cheap nowadays), and stop using FTP and move to an encrypted file transfer mechanism (gumblar type ftp sniffing explits account for a lot of injected sites)

  7. Jamey Trainor

    if your laptop and home PC’s are on the same network, someone from other end can find out what is going on other PC’s, if they know what is administrator password for your home PC’s. But as far as i know it’s against law. so it’s depend on other side, but it’s not an easy task to do and not worth it.

Leave a Reply

Your email address will not be published. Required fields are marked *