Peng Zhang on January 4th, 2015

First off, this can be done, but without some minor issues. And this solution is probably more fit for those who are techy and understand the Internet. It would be more trouble for support if the solution is handed over to a client who does not have much basic internet knowledge. With that out of [...]

Continue reading about Securing WordPress site without Buying an SSL Certificate

FTP is an unsafe protocol. avoid using FTP as much as possible; never use the credentials of the hosting customer account for FTP, even though many hosts allow that to be used for FTP as well; use the file manager provided within cPanel for uploading files, as a secure option; test out the WebDisk feature [...]

Continue reading about Security Best Practices for Web Administrators of Shared Linux Hosting

Peng Zhang on February 15th, 2012

I encountered a Sharepoint security oddity with a document library. Basically, a user who does not have permission to access a folder within a document library can actually view the folder when he/she uses a particular link format. Note that it is using to open a window on a folder. See the different link [...]

Continue reading about Security Problems with Certain Link Format to Document Library

Peng Zhang on September 16th, 2011

Here are the resources that helped me to hide Site Actions menu for those in the visitors and members groups. The main idea is to use the SPSecurityTrimmedControl around the Sharepoint:SiteActions tag, and a carefully chosen Permissions attribute in the SPSecurityTrimmedControl.  

Continue reading about Hide Site Actions Menu for Visitors and Members

Peng Zhang on July 18th, 2011

I was always curious and now finally has the opportunity to test it out myself. Below is a list of domains that I tested from within China: – gets re-directed to – no response – no response – no response – works OK – no response vimeo – [...]

Continue reading about Are Facebook and Twittering Blocked in China?

Peng Zhang on December 1st, 2010

After setting up various tests, googling, tinkering with bits of html and css, I was able to nail down the cause of this nasty nagging alert – “This page contains secure and nonsecure items” in Internet Explorer (IE). I was suspecting that any “http://” references anywhere in the html page, referenced javascript and css files [...]

Continue reading about Nonsecure Content Alert in IE