While prototyping a WordPress plugin I’m writing, I experimented with supplying default templates to display pages related to a custom post type. This is accomplished using the template_redirect action API. If the following technique is not used, any special templates a plugin provides would need to be copied to the active theme, making plugin installation […]
HowTo: Securing WordPress wp-content and wp-includes Directories
After some banging around in mod_rewrite, I sorted out how to prevent prying fingers from directly executing PHP modules that are contained within the wp-content and wp-includes directories. With few exceptions, PHP modules in these directories should not be directly access by a browser client.