Logging to file could also be useful when debugging very visual things (where you don't want extra messages) such as themes. Also background scheduled cron jobs are the same as Ajax calls and run with no user interface so you need to send the messages to file not to the screen.
Although it is possible to configure the logging modes yourself via php.ini or .htaccess, WordPress sets up some constants in the WP_CONFIG.php file which make it simpler to setup debug logging to file.
The setting first is the master control for debugging.
Without this setting nothing will get logged.
The next setting is
This tells WordPress to log everything to the /wp-content/debug.log file, if you want to log to an alternative location do not include this setting and use the settings described in the first reference below.Finally we need to turn off the display of setting to the user (or Ajax call) using the following setting
if you set these three settings then you should have logging to file. It's worth turning this off once your debugging session has finished as the file can get quite large quite quickly.
The WordPress brute-force login attacks show little sign of abating and we recommend all users ensure their sites are secured against this attack.
Since spring 2013, hackers have been calling the WordPress login url with "standard" usernames (like 'admin') and thousands of passwords. In our experience nearly all users have 'admin' as a user account so this makes them especially vulnerable.
Well - not a solution exactly but it should protect your site being hacked.
The solution we propose is to change your username to something only you know about. If you are creating a new WordPress site, don't use the default 'admin'. Choose a new username.
If you have an existing site, you can't simply delete the user 'admin' - therefore there are lot's of free plugins around to change it instead. The one we've been using is called 'Username Changer'. Install it, activate it, change your username and then remove it. It's a one off job.
2020Media can help
Additionally 2020Media would like to see these WordPress attacks stop - realistically this is not going to happen - it's a distributed attack from botnets, and things will change only when it's not worth the hackers while any more.
2020Media are happy to change your login username for you plus we can add additional server-side security which will mitigate the denial-of-service aspects of the attack.
The Managed WordPress service from 2020Media is something anyone not logging in to their WordPress site on a weekly basis should seriously consider. Even if you do, get peace of mind as updates to WordPress, Themes and plugins are done for you. Read more
Two updates within 24 hours.
1. Joomla users should check what version they are using and download and install the latest patch.
Joomla! version 2.5.13 and earlier 2.5.x versions; and version 3.1.4 and earlier 3.x versions has been declared vulnerable to Inadequate filtering leads to the ability to bypass file type upload restrictions. This basically means if you have a upload box on your site, hackers can use it to upload malicious code to your hosting space.
The solution is to upgrade today to the newest Joomla version, Upgrade to version 2.5.14 or 3.1.5 depending on which release you are on.
2. WordPress has released a new version, which fixes 700 bugs and includes a brand new template. The new version is 3.6 and all users are advised to upgrade.
2020Media strongly recommends users make a backup before doing an upgrade. We are also happy to do upgrade for customers on request, free of charge.
Dates have been announced for a WordPress conference in London later this year.
The very first WordCamp London will take place on 23rd & 24th November 2013!
The two day event will have one main conference day and the second day will be a Contribute Day where you can come along, hack, write, support, and contribute to WordPress.
What's a WordCamp?"WordCamps are informal, community-organized events that are put together by WordPress users like you. Everyone from casual users to core developers participate, share ideas, and get to know each other".
The first day will comprise presentations from WordPress experts and enthusiasts from the UK and around the world. The second day will be a Contributor Day – both seasoned and new community members will spend the day working on the project.
PhotoDropper has over 62 million free images that WordPress owners can access and insert right from their WordPress dashboard.
They also have a premium tier that offers more professional photos on a pay-by-the-photo basis.
Many people can locate images from stock photo websites or their own libraries, but this involves extra steps of downloading the image, resizing perhaps, then uploading to the WordPress site. Checking for copyright also takes more time. This plugin does it all from within WordPress, using Creative Commons licences.
The PhotoDropper plugin is free!
You can download the plugin here, or just search for “PhotoDropper” from inside your plugins dashboard.
With PhotoDropper you have access to the entire Flickr Creative Commons database offering you over 243.8 million Creative Commons images all totally free and totally legal for you to use on your website… As long as you follow the simple licensing, which PhotoDropper makes easy.
What is Creative Commons?
Creative Commons lets people share any work (photo, graphics, writing, etc.) with the world so that anyone can use and remix their creations under the licensing terms the authors provide. It is usually denoted with “Some Rights Reserved” instead of “All Rights Reserved.”
Flickr (part of Yahoo) has one of the world’s largest collections of such photos that people have shared with just such a license.
The PhotoDropper Plugin makes the process of finding and adding these photos to your posts simple and takes care of necessary attribution automatically.
Learn more about the Creative Commons license along with its rules and restrictions here.