The .hph extension trick: how WordPress malware survives cleanups by shadowing .php files

by
Four nearly identical white binders standing in a wooden box, suggesting how easy it is to overlook a slightly differently-named file in a directory listing (photo: Mateusz Dach / Pexels)

You clean a WordPress malware infection. You find every .php file with the suspicious signature, quarantine it, restore from backup, harden the site. Three weeks later the same backdoor is back. Same filename, same content, same behavior. You’re sure you …

Wordfence forensics: mining wp_wfhits and wp_wfissues to reconstruct a breach timeline

by
Top-down view of two detectives examining black-and-white photos and fingerprint cards on a desk — visual metaphor for piecing together a breach timeline from log evidence (photo: RDNE / Pexels)

If you’re cleaning up a WordPress compromise and the site has Wordfence installed, you have more forensic data than you think. Even on the free plan, Wordfence quietly logs every blocked request, every plugin-vulnerability advisory, every flagged file, and every …

Jellyfin self-hosted media server: setup, Intel QuickSync hardware transcoding, and the Roku and Apple TV client situation in 2026

by

Plex used to be the answer for “I have a hard drive full of movies and want to watch them on my TV.” Then Plex started showing ads, requiring sign-in, gating features behind subscriptions, and breaking the offline path. Jellyfin …