WHAT IS RANSOMWARE?

Ransomware is a malicious software that encrypts files and locks devices, such as a computer, tablet or smartphone and then demands a ransom to unlock it. Recently, a dangerous ransomware named ‘Wannacry’ has been affecting devices worldwide creating the biggest ransomware attack the world has ever seen.



WHAT IS WANNACRY RANSOMWARE?

WannaCry ransomware attacks windows based machines. It also goes by the name WannaCrypt, WannaCry, WanaCrypt0r, WCrypt, WCRY. It leverages SMB exploit in Windows machines called EternalBlue to attack and inject the malware. All versions of windows before Windows 10 are vulnerable to this attack if not patched for MS-17-010. After a system is affected, it encrypts files and shows a pop up with a countdown and instructions on how to pay the 300$ in bitcoins to decrypt and get back the original files. If the ransom is not paid in 3 days, the ransom amount increases to 600$ and threatens the user to wipe off all the data. It also installs DOUBLEPULSAR backdoor in the machine.



HOW IT SPREADS?

It uses EternalBlue MS17-010 to propagate. The ransomware spreads by clicking on links and downloading malicious files over internet and email. It is also capable of automatically spreading itself in a network by means of a vulnerability in Windows SMB. It scans the network for specific ports, searches for the vulnerability and then exploits it to inject the malware in the new machine and thus it spreads widely across the network.



WHAT CAN YOU DO TO PREVENT INFECTION?

– Microsoft has released a Windows security patch MS17-010 for Windows machines. This needs to be applied immediately and urgently.

– Remove Windows NT4, Windows 2000 and Windows XP-2003 from production environments.

– Block ports 139, 445 and 3389 in firewall.

– Avoid clicking on links or opening attachments or emails from people you don’t know or companies you don’t do business with.

– SMB is enabled by default on Windows. Disable smb service on the machine by going to Settings > uncheck the settings > OK

– Make sure your software is up-to-date.

– Have a pop-up blocker running on your web browser.

– Regularly backup your files.

– Install a good antivirus and a good anti-ransomware product for better security.



WHAT ARE WE DOING ON OUR WINDOWS SHARED SERVERS?

We are already in the phase of applying Windows updates on all our shared hosting Windows servers. However we need to reboot servers in-order to apply those security patches. We shall announce the schedule for server reboot in this thread shortly.



WHAT YOU NEED TO DO IN CASE OF OUR WINDOWS DEDICATED SERVERS?

You need to patch the Windows dedicated server immediately using the steps mentioned in the link : https://goo.gl/PYIEis



You can also refer to the following links to apply the necessary fix:

https://technet.microsoft.com/library/security/MS17-010

https://technet.microsoft.com/en-us/library/security/ms17-010.aspx

https://support.microsoft.com/en-in/help/4013389/title



For dedicated servers, once you have applied necessary changes, you need to reboot the server.

Contact Form 7 Custom Validations - Wordpress

If you wanted to add custom Validations for Contact from 7 fields, here is the code
 But the name we use in Wordpress back-end should match with $name in the below code. I added validations for URL, Zip and Phone number

 For Custom URL use "url" - [text* url]
 For Zip Code use "ZipCode" - [text* ZipCode]
 For Phone Number we can use "'PhoneNumber1', 'PhoneNumber2', 'PhoneNumber3', 'PhoneNumber4', 'PhoneNumber5', 'PhoneNumber6', 'PhoneNumber7'"  - [text* PhoneNumber1]



<?php

// URL Validations
function get_valid_url( $url ) {

    $reg_cond = "((https?|ftp)\:\/\/)?";
$reg_cond .= "(\?[a-z+&\$_.-][a-z0-9;:@&%=+\/\$_.-]*)?";
$reg_cond .= "(\:[0-9]{2,5})?";
    $reg_cond .= "([a-z0-9+!*(),;?&=\$_.-]+(\:[a-z0-9+!*(),;?&=\$_.-]+)?@)?";
    $reg_cond .= "([a-z0-9-.]*)\.([a-z]{2,3})";
    $reg_cond .= "(\/([a-z0-9+\$_-]\.?)+)*\/?";
    $reg_cond .= "(#[a-z_.-][a-z0-9+\$_.-]*)?";

    return preg_match("/^$reg_cond$/", $url);
}

function contact7_validations($result,$tag) {
$type = $tag['type'];
$name = $tag['name'];


if($type == 'text*' && $_POST[$name] == ''){
$result['valid'] = false;
$result['reason'][$name] = wpcf7_get_message( 'invalid_required' );
}



// Custom URL Validation
if($name == 'url') {
$url = $_POST['url'];

if($url != '') {
if(get_valid_url($url)){
$result['valid'] = true;
} else {
$result['valid'] = false;
$result['reason'][$name] = 'URL Entered is invalid.';
}
}
}


// Custom Zip Code Validation
if($name == 'ZipCode') {
$ZipCode = $_POST['ZipCode'];

if($ZipCode != '') {
if(!preg_match('/^[ABCEGHJKLMNPRSTVXY]{1}\d{1}[A-Z]{1} *\d{1}[A-Z]{1}\d{1}$/', $ZipCode)) {
if(!preg_match('/^\d{5}(-\d{4})?$/', $ZipCode)) {
$result['valid'] = false;
$result['reason'][$name] = 'Zipcode Entered is Invalid';
}
}
}
}

// Phone Validation

$PhoneNumber = array('PhoneNumber1', 'PhoneNumber2', 'PhoneNumber3', 'PhoneNumber4', 'PhoneNumber5', 'PhoneNumber6', 'PhoneNumber7');

foreach($PhoneNumber as $phoneValid) {
if($name == $phoneValid) {
$validPhone = $_POST[$phoneValid];

if($validPhone != '') {
if(preg_match('/^(?:1(?:[. -])?)?(?:\((?=\d{3}\)))?([2-9]\d{2})(?:(?<=\(\d{3})\))? ?(?:(?<=\d{3})[.-])?([2-9]\d{2})[. -]?(\d{4})(?: (?i:ext)\.? ?(\d{1,5}))?$/', $validPhone)
|| preg_match('/^([\+][0-9]{1,3}[\ \.\-])?([\(]{1}[0-9]{2,6}[\)])?([0-9\ \.\-\/]{3,20})((x|ext|extension)[\ ]?[0-9]{1,4})?$/', $validPhone)
&& strlen($validPhone) > 9
&& strlen($validPhone) < 30
&& (int)($validPhone)) {
} else {
$result['valid'] = false;
$result['reason'][$name] = 'Phone Number Entered is Invalid';
}
}
}
}


return $result;
}

//Filter For Text Field
add_filter('wpcf7_validate_text','contact7_validations', 10, 2);
add_filter('wpcf7_validate_text*', 'contact7_validations', 10, 2);
 ?>

Tunoff JSON Rest API - Wordpress

Wordpress has introduced REST API Future from 4.4 version, this addition will makes it possible to access our content using JSON API, Which is good for other user to access your content easily.

To disable the REST API and don't want to use REST API

Add the code beloe to your theme ->  functions.php

add_filter('json_enabled', '__return_false');
add_filter('json_jsonp_enabled', '__return_false');

Social media share links - Wordpress - Without plugin

To use social media share link in a wordpress site without the use of any plugin, follow the below steps.

This snippets is useful in lopps under posts or pages, by adding this code you can get the share icons under every posts and page.

Step 1:

Find "page.php", "index.php" and  "single.php"

In these 3 pages you will find a while loop, add the code below just before end while <?php endwhile; ?>


//  Delicious
<a rel="nofollow" href="http://delicious.com/post?url=<?php the_permalink(); ?>&amp;title=<?php echo urlencode(get_the_title($id)); ?>" title="Bookmark this post at Delicious">Bookmark at Delicious</a>

// Blinklist
<a rel="nofollow" href="http://blinklist.com/index.php?Action=Blink/addblink.php&amp;url=<?php the_permalink(); ?>&amp;Title=<?php echo urlencode(get_the_title($id)); ?>" title="Share this post on Blinklist" >Blink This!</a>

// Digg
<a rel="nofollow" href="http://digg.com/submit?phase=2&amp;url=<?php the_permalink(); ?>" title="Submit this post to Digg">Digg this!</a>

// Google Plus
<a rel="nofollow" href="https://plus.google.com/share?url=<?php the_permalink(); ?>" title="Share on Google Plus">Google Plus</a>

// StumbleUpon
<a rel="nofollow" href="http://www.stumbleupon.com/submit?url=<?php the_permalink(); ?>&amp;title=<?php echo urlencode(get_the_title($id)); ?>" title="Share this post at StumbleUpon">Stumble this!</a>

// Facebook
<a rel="nofollow" href="http://www.facebook.com/sharer.php?u=<?php the_permalink();?>&amp;t=<?php echo urlencode(get_the_title($id)); ?>" title="Share this post on Facebook">Share on Facebook</a>

// Twitter
<a rel="nofollow" href="http://twitter.com/home?status=<?php echo urlencode("Currently reading: "); ?><?php the_permalink(); ?>" title="Share this article with your Twitter followers">Tweet this!</a>

//  Furl
<a rel="nofollow" href="http://furl.net/storeIt.jsp?t=<?php echo urlencode(get_the_title($id)); ?>&amp;u=<?php the_permalink(); ?>" title="Share this post on Furl">Furl This!</a>

//  Reddit
<a rel="nofollow" href="http://reddit.com/submit?url=<?php the_permalink(); ?>&amp;title=<?php echo urlencode(get_the_title($id)); ?>" title="Share this post on Reddit">Share on Reddit</a>

Step 2:

you can replace the text with your custom icon

For Example

//  Reddit
<a rel="nofollow" href="http://reddit.com/submit?url=<?php the_permalink(); ?>&amp;title=<?php echo urlencode(get_the_title($id)); ?>" title="Share this post on Reddit">
<img src="http://http://wordpress-code-snippets.blogspot.com/images/reddit.png" alt="Reddit' />
</a>

Step 3:

Done!!

How to create custom css option in a custom theme.

Adding custom css to a theme which is custom build is very easy, just follow the below steps.

Why custom css?

We can edit css from editor of a theme, but when we save it css will be reformatted with lot's of white space. This action will effect on Page load speed. To avoid this we can use an option called custom css and we can load the css in header which overrides the current css.

Let's make it quite simple with available plugins. i am using OPTION TREE

Step 1:

We will integrate OPTION TREE in the theme

1.Download the latest version of OptionTree and unarchive the .zip directory.
2. Put the option-tree directory in the root of your theme. For example, the server path would be /wp-content/themes/theme-name/option-tree/.
3. You must deactivate and/or delete the plugin version of OptionTree.
4. Add the following code to the beginning of your functions.php.
5. Create a folder (admin) and create a page (theme-options.php).

add_filter( 'ot_theme_mode', '__return_true' );
add_filter( 'ot_show_pages', '__return_false' );
require( trailingslashit( get_template_directory() ) . 'option-tree/ot-loader.php' );
require( trailingslashit( get_template_directory() ) . 'admin/theme-options.php' );

Step 2:

Add the below code to the (theme-options.php).

<?php
/**
 * Initialize the custom Theme Options.
 */
add_action( 'init', 'custom_theme_options' );

/**
 * Build the custom settings & update OptionTree.
 *
 * @return    void
 * @since     2.0
 */
function custom_theme_options() {

  /* OptionTree is not loaded yet, or this is not an admin request */
  if ( ! function_exists( 'ot_settings_id' ) || ! is_admin() )
    return false;

  /**
   * Get a copy of the saved settings array.
   */
  $saved_settings = get_option( ot_settings_id(), array() );

  /**
   * Custom settings array that will eventually be
   * passes to the OptionTree Settings API Class.
   */
  $custom_settings = array(
    'contextual_help' => array(
      'sidebar'       => ''
    ),
    'sections'        => array(
      array(
        'id'          => customcss',
        'title'       => __( 'Custom Css', 'theme-text-domain' )
      )
    ),
    'settings'        => array(
      array(
        'id'          => 'custom_css',
        'label'       => __( 'Custom Css', 'theme-text-domain' ),
        'desc'        => sprintf( __( 'Custom Css', 'theme-text-domain' ), '<code>wpautop</code>', '<code>media_buttons</code>', '<code>tinymce</code>', '<code>quicktags</code>' ),
        'std'         => '',
        'type'        => 'textarea-simple',
        'section'     => 'customcss',
        'rows'        => '15',
        'post_type'   => '',
        'taxonomy'    => '',
        'min_max_step'=> '',
        'class'       => '',
        'condition'   => '',
        'operator'    => 'and'
      )
   
    )
  );

  /* allow settings to be filtered before saving */
  $custom_settings = apply_filters( ot_settings_id() . '_args', $custom_settings );

  /* settings are not the same update the DB */
  if ( $saved_settings !== $custom_settings ) {
    update_option( ot_settings_id(), $custom_settings );
  }

  /* Lets OptionTree know the UI Builder is being overridden */
  global $ot_has_custom_theme_options;
  $ot_has_custom_theme_options = true;

}
?>


Step 3:

Add this below code to your heder.php above </head> tag.
<?php
if ( function_exists('ot_get_option') ) {
$custom_css = ot_get_option( 'custom_css' );
}
?>
<style>
<?php echo $custom_css; ?>
</style>

Step 4:

Done!!

Note: You can find this option under Apperance->Theme Options -> Custom Css