We had a lot of spam users in our multisite wordpress system. This was because we had self-registration enabled for a period. Not a smart thing to do… anyway, I wrote a bash script in order to find which users id’s from the Mysql database that could potentially be spam users. With this list of

For those who are running a WordPress site today at May 2013, you should know about this on-going BruteForce attack against many WordPress sites around the world. http://www.bbc.co.uk/news/technology-22152296 Here at University of Bergen, we are also working on to protect our multisite WordPress installation. How is this “attack” performed? There is a so-called “botnet”, where

We are upgrading to WordPress Multisite 3.5.1  tomorrow. In addition we are also upgrading 20 plugins and 7 themes. This time we hope that we don’t experience the problem with the Atahualpa theme, and we hope everything goes well. Good luck 🙂 Details: https://rts.uib.no/projects/wp

After we upgraded our test wordpress multisite to 3.5 we realized that that both the ‘admin’ user and the other siteadmin users where suddenly added as a ‘participant’ to all the wp sites we had. Siteadmin shouldn’t be a member or participant to any blog in a multisite wordpress installation we think. The biggest problem

I had to send emails to all the Blog admins in our WordPress Multisite installation. This is how I did it: [code lang=”php”] <?php # Alert Blog Admin php script # connect to blog db, select from, find all blog admin email adresses # get subject, body from pre-created local files, send the email #