Detecting and cleaning the DOLLY WordPress mu-plugin backdoor

August 14, 2024 by admin

Hooded figure with neon mask holding tablet displaying 'Uploading Virus' progress bar — visualizing the DOLLY WordPress mu-plugin backdoor exfiltrating credentials

Last week I cleaned a six-site WordPress compromise on one of my OpenLiteSpeed boxes. The most interesting payload was the “DOLLY” mu-plugin family — a credential-harvesting backdoor that hides itself with a few clever tricks and survives most casual cleanups …

Rotating WordPress salts as incident response: the step everyone skips

July 23, 2024 by admin

Close-up of a metal combination lock with rotating numeric dials — visual metaphor for rotating WordPress salts to a new secret combination (photo: Felix Moeller / Pexels)

You’ve cleaned the malware files, deleted the backdoor admin accounts, rotated everyone’s password. The site is fine, you’re fine. Three weeks later someone logs in with a session cookie they grabbed during the compromise window and creates a fresh admin …

Home Assistant on a Raspberry Pi 4: getting started without Hue or SmartThings vendor lock-in

July 20, 2024 by admin

You’ve bought into one smart-home ecosystem — Hue lights, or SmartThings hub, or Apple HomeKit — and now every new device you consider has to be compatible with that brand. Three years in, you’ve also accumulated a Wyze camera, a …

PF firewall on macOS: writing a tiny pf.conf to block outbound traffic from one specific app and ignore everything else

June 7, 2024 by admin

You installed a beta of some app. It’s slow, the UI’s weird, and Activity Monitor shows it making outbound network calls every two seconds — telemetry probably, or analytics, or who-knows-what. You’d uninstall it but you actually need the app …

Per-vhost PHP versions in OpenLiteSpeed: keep one site on 7.4 while everything else moves to 8.2

May 17, 2024 by admin

Close-up of PHP source code displaying version_compare("5.2", PHP_VERSION) check and require_once includes — typical PHP version handling code (photo: Pixabay / Pexels)

Modernizing the PHP runtime on a multi-tenant LSWS box is rarely an “all sites at once” affair. Some sites are on a custom theme that uses PHP 4-style class constructors. Some have a plugin still calling create_function(), removed in …

Why Does My Mac Keep Switching Screens?

April 21, 2024 by admin

https://computerinfobits.com/why-does-my-mac-keep-switching-screens/

Thank you!…

How to use free protovpn VPN on ubuntu 20.04 using linux CLI?

March 17, 2024 by admin

protonvpn

Please note this is going to lock you out from your server and you will need to reboot to connect again. You should know what are you doing. While I am writing this, I am connected to my server …

display-posts-news-ticker

March 14, 2024 by admin

# display-posts-news-ticker

WordPress plugin to display WordPress posts in a nice news ticker.

– display-posts plugin is required to be installed from here: https://wordpress.org/plugins/display-posts-shortcode/

– Telex JS newsticker is used from here (no need to download or install): https://github.com/sjaakp/telex

Change …

start-fortnox-sync (from Airtable)

April 5, 2023 by admin

– Was made for internal Use.

Starts Pricelist sync to Fortnox on the main shops server. Waits for 30 minutes for each pricelist to finish.
NOTE: Add airtableToken & main server authorizationLink to make it work.

(async function() { var…

update-currency-rates (Airtable)

April 5, 2023 by admin

Finds pricelists on Airtable on all bases by checking 2 tables: Pricelist & (*).
(*) tables contains all the currency rates in this format:

(Please note that SEK is master currency)
Code. Rate
—- —-
SEK 1.0000000
USD 0.0972745
AED …