Let’s find out that how can we actually start diving deep into learning Android:

1. developer.android.com

This website is sufficient for someone to learning android app development. It acts as a guide which covers from soups to nuts of android development. It also has a training feature where step by step methods are used.

2. TheNewBoston Channel on YouTUBE (Thanks to Abhishek Gahlot for sharing)

As per Mr. Anandan in the coming times, 90% of a website’s content will be video. Since every likes watching a video. So the above mentioned channel has 200 videos for dedicated android training.

The above mentioned resources are more than sufficient for someone who wish to learn android.

Kindly check the following presentation on design and development of mobile apps since mobile app development is different from native app development.

1. Site Hosted on a Vulnerable Server: Most of the times a WordPress site gets attacked just because of a vulnerable server since WordPress is highly secured from various attacks. So running after cheap web hosts isn’t a good decision.
2. Badly Configured WordPress Installation: Most of the times the site isn’t properly configured in terms of security which leads to many exploits.

Now let’s consider a attack scenario to understand the topic in a better way:

An attacker first of all attacks the most vulnerable site hosted on a server. After that he simply uploads a script known as shell and tries to traverse the whole server, which results in access to many websites. Most of the times a SymLink Attack is done to get access to all the domains hosted on that particular server. This results to access the wp-config.php file of any site using WordPress. Now the attacker gets access to the database and simply adds a new user to the database or modifies the password of the present user. Finally he logs into the admin panel and modifies any theme or plugin with the shell and thus gains full access.

Now we have sufficient information to repair a WordPress Installation. Let’s divide the cases:

Case 1: The homepage is showing something inappropriate and we can’t log into the admin panel

Step1: Access PHPMyAdmin and check the wp_users table. If no values are present then move to Step 2 else move to Step 3

Step 2: Execute the following queries:

</p>
INSERT INTO `databasename`.`wp_users` (`ID`, `user_login`, `user_pass`, `user_nicename`, `user_email`, `user_url`, `user_registered`, `user_activation_key`, `user_status`, `display_name`) VALUES ('1', 'myblog', MD5('password'), 'John Doe', 'info@johndoe.com', 'http://www.johndoe.com/', '2012-06-07 21:03:00', '', '0', 'John Doe');

INSERT INTO `databasename`.`wp_usermeta` (`umeta_id`, `user_id`, `meta_key`, `meta_value`) VALUES (NULL, '1', 'wp_capabilities', 'a:1:{s:13:"administrator";b:1;}');

INSERT INTO `databasename`.`wp_usermeta` (`umeta_id`, `user_id`, `meta_key`, `meta_value`) VALUES (NULL, '1', 'wp_user_level', '10');
<p style="text-align: justify;">

Step 3: If the table wp_users and wp_usermeta has values then the delete all the records and then move to Step 2.

Step 4: Remove all other index.html or index.php files and create a index.php in the root with the following code:

</p>
&lt;?php

define('WP_USE_THEMES', true);

require('./wp-blog-header.php');
<p style="text-align: justify;">

Step 5: Your installation should work fine, if still you find some error then check another case.

Case 2: We can’t log in to the Admin Panel and the site working fine

Step 1: This means that someone has simply deleted the username or changed the password.

Step 2: Access PHPMyAdmin and access the wp_users table, if the user is available and all the other values like email, etc. are correct then execute the following query:

</p>
<p style="text-align: justify;">UPDATE  `database`.`wp_users` SET  `user_pass` = MD5(  'password' ) WHERE  `wp_users`.`ID` =&lt;your user id&gt;;</p>
<p style="text-align: justify;">

Step 3: After successfully logging into Admin Panel, kindly change your password once again since WordPress has a flaw, i.e., it stores salted passwords but work with simple MD5 Hashed password.

There can be many other cases but mainly the above two solves the issue unless someone hadn’t deleted the whole database. Finally here’s a list of things to do for future protection:

1. Delete all the files of WordPress installation except the wp-content folder
2. Upload the wp-admin, wp-includes and root files from latest WordPress archive
3. Upload the Emposha’s PHP Shell Detector and scan for any shell script
4. Finally run the installation and follow the steps mentioned in this article

 This brings us to the end of this article and I guess that next time when someone’s WordPress installation is attacked then he/she should be able to repair on its own. Now if you’ve any types of questions then please proceed. Even I can assist you as well.

So following are the steps to be followed:

Protecting wp-config.php

The most important file of the WordPress installation is the wp-config.php which needs to be protected at any cost.

1. File Permission: Permission may be changed to 400 or 440.
2. .htaccess Protection: This provides a protection from SymLink attacks.

</pre>
<pre>&lt;files wp-config.php&gt;
order allow,deny
deny from all
&lt;/files&gt;</pre>
<pre>

Protect wp-admin folder

define('DISALLOW_FILE_EDIT', TRUE);

It will be foolish to say that a website is fully secured and can’t attacked because vulnerability may be present in any of the component of the website or the server may be using some outdated components which can be sufficient to launch an attack. So it becomes very tough for a normal user to have a determine that is their content secure or not?

In my last semester, we were taught software engineering which was quite an interesting subject since it gave a great exposure to various topics of software engineering. So the most appealing was the software quality; if we follow some rules, regulations, standards, etc. then we can drive-off many issues on both the functional and non-functional end.

Following is a small checklist which may help to the budding programmers for getting huge success:

Both of the checklists are endless but the main motive is to create an awareness regarding quality and security. First of all on the quality domain, if we follow a standard and a proper development model then the we end up with a manageable code which can be easily maintained and performs well on the security domain as well.

Now on the security domain, I would just like to say that we needn’t become a security professional to secure our code/website, it’s just that a basic know-how is sufficient to protect ourselves. If we follow a basic discipline to establish a cause-and-effect relationship then it’s more than sufficient.

Finally I would like to say that in today’s world we can’t ignore security as well quality of our code/website since these two domains have really become the paradise for success and if we don’t initiate the transition process then we can never imagine secured cyber space. So if we want to become a successful web developer then we must consider both the domains! Best of luck to all you……..happy development

After a long time, I had to spare some time for writing this article since today it became the black day in the history of Indian Blogging. The most influential blogging site of India, Digital Inspiration run by Amit Agarwal got attacked and all the data was deleted (link). Amit Agarwal, who is India’s First Professional Blogger and he has always been a source of inspiration for all the indian bloggers. His worthy efforts has allowed India to get a place in the worldwide competition of top blogs. I’m really very dejected with this sort of attack

About the Attack

Few days back, the hacker(Ocim32) had injected an adf.ly script in www.labnol.org and generated revenue of $28. The script was removed several times though the attacker managed to reinsert it. On 27^th June, the site was hacked but somehow recovered (link). Finally on 1^st July, the attacker took the extreme step and deleted almost all the websites of the Digital Inspiration Network.

What do we learn?

The main website www.labnol.org was running on WordPress and DreamHost was the hosting firm. Nothing seems to be wrong in the choice of software and webhost. If we look at the insights then WordPress has penetrated the blogging network and majority bloggers are using it. Now if a blog of such high repute got compromised then the warning bells are ringing.

We can’t say that a blog of such value wasn’t using correct security measures. Can we trust on WordPress anymore? This is the only question to be asked since what should we do if something like this happens with us. Every day many websites running on WordPress gets targeted to various types of attack, who is to be held responsible: the hackers or poor security.

We need to form an association for protecting India on the cyber world else everyday one or the other sites will be targeted. Apart from that proper awareness regarding security should be the first priority!

Finally I would like to say that this event is sure shot eye-opener for all the blogger of India. Now make it a point to secure your sites since it’s better to secure than to call up a war!

Hello Folks,

Most of you might be aware with PHP and the way PHP has penetrated into the nerves of the internet; that we don’t need words to appreciate it. I personally feel that my own freelancing career has given me huge opportunities offshore but whenever I approached anyone in my country always came across a question that from where did you learnt PHP. And there wasn’t much appreciation on saying that I learnt on my own since in India everyone wants a certificate for assurance.

Recently I saw an advertisement of Innobuzz’s Distance Learning Program which certifies us as a PHP Professional. The course has been designed by experts and secondly it is highly effective for newbies as well professionals who are just looking for a certificate.

This program contains videos, presentations, demos and case studies in GUI based environment. The course can be simply ordered online and will be delivered to our doorstep. After completion of this course, we need to appear for an online exam and on clearing it a digital certificate is generated. Also the hard copy is delivered to us. Innobuzz is a globally recognized name in the IT circles for various training and IT projects. So this certificate will be of great value to anyone who enrolls into it. Now the best part about this course is that it comes with a nominal cost of INR 4500 only.

So what are you waiting for………simply apply for this course and become a Certified PHP Programmer

Useful Links

1. Innobuzz Website

2. Brochure for Certified PHP Professional Course on Distance Learning

Well the venue was Seminar Hall and I was present on dot. The whole event was organized by the Microsoft Student Partners and I should say that it was well managed. Riya Tayal was the anchor of the event and played her part well.

The main speech was given by Robert Sinclair, Chief Accessibility Officer, Microsoft, Redmond Office and it was mainly concentrated on role of accessibility in the application development process for mobile and other devices. A remarkable statement by Rob “India has more than 70 million disabled and if 10% of that population buys your application then imagine the profits earned”. The overall session was really amazing though the QA round was simply awesome.

Taiwan Excellence, which represents innovative and technological image of Taiwan’s competitive industries, is a symbol of Innovation, Reliability, and Value. Such excellence is radiated in many of Taiwan’s niche industries, particularly the ICT industry, of which many have become renowned brands in their field. In 2011, Taiwan Excellence along with selected 35 Taiwan international brands expects to bring Excellent Lifestyles to consumer’s daily life.

The event started in the InOrbit Mall, Vashi with the announcement of the “IT Travellers Go! Malaika Arora Khan was also present for brand promotion. There was a registration desk of Digit and gifted Silicon Power pen drives to 40 early birds. All the Digit community members residing in Mumbai and Pune were invited for the event. Even invitations were mailed to across INDIA. Various products from various Taiwanese companies like Acer, Asus, MSI, D-Link etc. were on display. Digit editorial team members also interacted and guided about the various products and technologies. I was very glad to interact with the editorial team of Digit. It was a perfect destination for all the geeks and technocrats!

The next part of this event was held at Yogi Midtown Hotel in Vashi. It was an interactive session among Acer, BenQ, D-Link and MSI moderated by the Soham Raninga, Online Editor of Think Digit. It was followed by the question-answer session. All the attendees were able to interact with the brand representatives in the question-answer session. I also got a chance to interact with them. And finally the dinner was served and this grand event came to a happy ending.

Near about 26 Taiwanese brands had participated in this event and the audience present mainly constituted of tech lovers and enthusiasts. And the brand forum consisted of Acer, BenQ, D-Link and MSI. Check this link (www.thinkdigit.com/events/taitra/blogs.php) for more articles on this event!

Finally this whole event was a huge success and allowed everyone including myself to get in contact with the like-minded people and mingle with the great personalities who hold a great position in the evolving IT world.

Also received the following error message:

After a bit of research I found an easy solution to fix this problem.

Step 1:

Download this file and place it in the installation directory of Joomla.

Step 2:

Open index.php in the installation directory of Joomla. Add the following lines on top of the file(index.php):

include(“repair.php”);

session_save_path($work_path);

 Now initiate the installation process and the problem will disappear.

Mozilla Firefox Implementation

1. Install an add-on named User Agent Switcher. This add-on allows us to switch the user agent (user agent is the technical name of a browser).
2. Now download useragentswitcher.xml(Right click and save it). After that open the User Agent Switcher Options from the addons tab.
3. After that switch the user agent by Tools->Default User Agent->iPhone 3.0
4. Now open http://m.google.com/ instead of http://google.com  or any website of your choice.
5. Main idea is that accessing a website in mobile version reduces the loading time but allows us to access the desired content.
6. Most of the popular websites are having a mobile version but the problem is that accessing it directly from a browser doesn’t allow us to access the mobile version.

Google Chrome Implementation

1. Install an extension named User-Agent Switcher for Chrome. This allows to switch the user agent similar to the Firefox Add-on.
2. After the extension is installed, we can manually add the user agents by simply opening the useragentswitcher.xml in a editor like Notepad++ and copy the user agent strings.

1. Develop Menu -> User Agent -> Select iPhone or iPad
2. For adding custom user agents: Develop->User Agent->Other. This will open a popup where a custom  user agent string can be entered which is generally in this format: Mozilla/[version] ([system and browser information]) [platform] ([platform details]) [extensions]

Internet Explorer Implementation

Simply visit Fiddler’s Tool for scripts and add-ons used to switch user agents.

So next time whenever you come across a slow internet connection simply switch your user agent to a mobile or handheld device and access the mobile version. I have tried my best to explain the steps still if something is left do let me know. And don’t forget to check the pictures of my Himachal Trip.