Unable to create directory-parent directory writable? wordpress 2.7

I was having uploading images on one of my WordPress 2.7 & 2.8 blogs. It gave me the following error:
Unable to create directory /home/username/server/wp-content/uploads/20XX/MM/ Is it parent directory writable by the server?

After a long time searching I found this solution from http://www.cyriac.me

Step 1: Log into your admin panel

Step 2: Go to Settings>>Miscellaneous

You will see two options,

Store uploads in this folder
Full URL path to files
Most probably you will see


in the first field.

Step 3: Edit that to just


Some people were suggesting that you solve the problem my making the folders permissions 777, meaning anyone can do anything to that particular folder. As a security guy, I knew this was a bad idea (and it also did work for me 🙂 ). I kept searching and ran into that solution.

Worked like a charm! thanks cyriac for putting solution on the blog.


The normal.dot error in MS Work 97-2003 is annoying to say the very least.  The Normal.dot is the main default template file in Microsoft Word. Because it contains a lot of customization settings, it is prone to corruption.

Here is a very simple way of fixing the Normal.dot error.  Click here for step by step instructions on how to fix the normal.dot file.


        fix normal.dot normal.dot error word 2000 normal.dot can't find normal.dot        normal.dot word 2000 normal.dot in word 2000 word 2003 normal.dot how to find the normal.dot in word 2000 normal.dot issues in word 2000 where is normal.dot in word 2000 word 2000 normal.dot corruption word 2000 what is normal.dot how to change normal.dot in word 2000 97 normal.dot not open word corrupt normal.dot microsoft word normal.dot  

How to get Malware/Virus/Trojans on your Home Windows computer:

1) Use Window 9x/2000/XP out of the box DO NOT bother to reconfigure it

Don't create any login accounts with strong passwords
Do all work from the adminstrator account (Windows does this out automatically  so   don't do anything)
Do not bother with patches no matter how critical (Windows will prompt you to update, just ignore it)
Don't disable the guest account
Don't change the name of default administrator account
Enable as many network protocols as you can


2) Use Internet Explorer

If you want your system to get infected with all kinds of malware DO NOT use Firefox or anytype of pop up blockers
When you use IE, don't increase the security under: Tools | Internet Options | Security tab, just leave it as is
Ensure all Java and ASP scripting languages are enabled, allowing other computers to load software on your computer remotely
Never patch Internet Explorer

3) Connect directly to the Internet

Do not use any kind of firewall 
Do not use Network Adress Translation (which will hide your IP adress)
Do not load SP2 for Window XP

4) Surf the deadliest sites with no protection

Surf Serial/Crack/Warez sites and always completely trust their sites
Porn sites with no protection
Screen Saver sites
“hacker sites”  not all hackers sites just “black hats” and script kiddie type sites
Find dark IRCs

5) Behavior that will help you get your system infected.

Download Screen Savers from site you are not sure about
Open emails from people you don't know
If you get a Security Warning that says “Do you want to download XXXXPROCUT NAMEXXX..” Don't even bother reading the rest just click yes.

6) Software that is more than likely infected

Tools bars that automatically download without your permission
Kazaa and some other free P2P tools


List of Tools for faster Infection:

Internet Explorer  (Firefox can affectively block malware)
Broadband/DSL (use of a firewall using Network Adress Translation will hide you system)
Windows 9.x/2k/XP (open source OSes such as Linux are less likely to be hacked)


Detected Spyware! System error #384

detected spyware system error #384

This is a bogus error screen that replaces your browser's home page. The message Reads:

Detected Spyware! System error #384

Your IP address is XX.XXX.XX.XX. Using this address a remote computer has gained access to your computer and probably is collecting the information about the sites you've visited and the files contained in the folder Temporary Internet Files. Attention! Ask for help of install the software for deleting secret information about the sites you visited.

You computer is full of evidences!

More than likely, this message is just the tip of the iceberg. Using simple intrusion detection tools you will see that your system has scores of viruses, trojans, worms and other malware installed on it. The message is trying to get you to purchase some scamware.


How to remove the “Detected Spyware! System error #384” message and all the malware on your system?

There are actually a few relatively easy ways for removing this malware:



COMPLETELY RE-INSTALL WINDOWS (self explanatory, and complete overkill unless you have rootkit on your system or something crazy like that.)


Spy Sheriff Removal

I was doing some testing on my Windows XP system surfing about some
sites of “ill repute” with IE6 and got hit with something called Spy

Spy Sheriff is like a watered down version of PS Guard or Smithfaud.  Like PS
, Spy Sheriff claims to want to remove all the malware it infects
you system with.  Both of these horrible bits of malicious code
are what I like to call scareware.  The get loaded on to your
system along with about 100 other viruses, worms and trojans and take
over you desktop with a message like “Spyware Infection”.  The
application then “scans” your system.  And tells you that you must
activate the Spy Sheriff or PS Guard in order to clean your
system.  When attempt to remove Spy Sheriff using Add/Remove programs, it simply adds itself again once you reboot.

In the background, all the malware they loaded on your system are
collecting data and send status report to a parts of the world. 
The scareware will usually make sure you know this to convince you to

Here is how to remove Spy Sheriff.

Beer Can Padlock Shim aka "Masterlock Master Key"

How to build a better padlock shim using a very special hacker tool… A beer can.

This was picked from Deviant Ollam at Defcon 13.  This is yet
another reason I love Defcon.   I've heard the arguement that
we [security professionals] should NOT “promote” hacking or do anything to suggest that it is cool.

But I think that is a pretty stupid thing to say… because hacking IS
cool.  Its not always bad and definitely not always good.  As
far as going to events like Defcon… The IT and Security Industry are
so slow and firewalled with corporate BS that they will actually hide
things the consumners need to know.  Just look at CiscoGate
Or, do like a typical government, know that there is a problems but be
so filled with overhead and beauracracy that they can not do any thing
about it even if they cared enough to.

You don't have that kind of big brother crap at the Defcon.  If
its broke you fix it and if it is fixed you break it to see if its

the locks on the doors into your house are no good don't you want to
know about it ASAP?

Ollams Site:

read more | digg story

Use Google To Find Passwords

Google hackers have been doing this for a while now. Here is a tutorial on finding passwords using google. This could be used to secure your own web server.

Security Professionals charged with protecting IT infrastrutures would do well to become the most aggressive hacker of their own networks. This would help them to proactively seek out new exploits on their network, webserver, or IS they protect.

read more | digg story

Google Hacking Explained

What is Google hacking? How is Google used by hackers as a tool? Read this article for more information.

Johny Long, author of the official Google Hacking book will be at the Las Vegas, NV Defcon 13 Convention signing books. 

read more | digg story

Secure RSS Syndication

Solution for making your own private RSS Syndication using bloglines, encryption and Greasemonkey. 

The way you'd use this is to make an RSS feed that you can access from anywhere.  Then encrypt it and use a Firefox script on Greasmonkey to decrypt it (at least thats the way I understand it).  The cool thing about it is that you could throw it right on pages with all relevent information across the web.  As soon as you updated it, it would reflect in your aggreggator.

I could see this being used for my many network passwords, but not my accounts.  I'm a little to paranoid for that.

read more 

1 2