How to properly secure my WordPress installation?
Links: http://codex.wordpress.org/Hardening_WordPress http://perishablepress.com/press/tag/security/ (lots of great articles) http://www.wpsecure.net/secure-wordpress/
server
Implement ssl to a WP docker container [closed]
Implement ssl to a WP docker container [closed]
WordPress .htaccess subdirectory problem
Even though static files and directories do work with a mod_rewrite’d wordpress installation in the servers root you might need to exclude your CodeIgniter subdirectory from that mod_rewrite lineup. You can do so by placing an additional .htaccess file into the CodeIgniter directory and disable mod_rewrite in there: <IfModule mod_rewrite.c> RewriteEngine off </IfModule> Related: apache … Read more
Multisite behind Varnish
I found a fix here: http://core.trac.wordpress.org/ticket/15936 You basically need to modify wp-includes/ms-settings.php like this (remove ‘-‘ lines; add the ‘+’ line): @@ -26,18 +26,8 @@ if ( !isset( $current_site ) || !isset( $current_blog ) ) { + $_SERVER[‘HTTP_HOST’] = preg_replace( ‘|:\d+$|’, ”, $_SERVER[‘HTTP_HOST’] ); $domain = addslashes( $_SERVER[‘HTTP_HOST’] ); – if ( false !== strpos( … Read more
How to monitor server for error establishing a database connection
You can actually use Pingdom to check for this kind of error, rather than a straight forward check for a response from the server you can configure the check to look for a particular string on the page. For instance, if your page has some kind of consistent bit of text on the homepage then … Read more
Update, add, remove plugins, themes or wordpress behind load balancer
This is a fantastic question – I’ve personally never run into this before, but here’s what I’d try, assuming: you have an image of a server that you’ve been using to spin up new instances you’re using a CDN and cloud storage for images and uploads (rather than having a local uploads folder) With those … Read more
Character encoding issue after changing servers
After spending the entire day working on this, I finally found a guide that worked perfectly: https://theblogpress.com/blog/seeing-weird-characters-on-blog-how-to-fix-wordpress-character-encoding-latin1-to-utf8/ Before that, I tried following @Rarst’s information, tried exporting the database and manually cleaning it, tried the UTF-8 Sanitize Plugin with a modified version from here http://www.prelovac.com/vladimir/ultimate-solution-to-weird-utf-character-encoding-problem (which actually worked pretty well, but didn’t fix all the characters. … Read more
Is it safe to use $_SERVER[‘REQUEST_URI’]?
$_SERVER[‘REQUEST_URI’] will not be empty in WordPress, because it is filled in wp_fix_server_vars() (file wp-includes/load.php). This function is called in wp-settings.php before any plugin is loaded. So you can use it. But always escape the value. It is global and can be changed by any other code, so you cannot trust its value. A different … Read more
Can you have a blog in a subdirectory hosted on a different server?
A reverse proxy could work, such as varnish or nginx. Using varnish as an example: backend blog { .host = “blog-server-ip”; } backend default { .host = “current-domain-ip”; } sub vcl_recv { if (req.rul ~ “^/blog/”) { req.backend = blog; } }
In which directory do I find the HTML file of my wordpress pages?
WordPress stores content in the database, there are not any physical files with the content of the pages(or posts). The theme’s template files control how to render and display your site, you can find those files in wp-content/themes/YOUR-ACTIVE-THEME-NAME-HERE.. You can find lots of information on themes and their development here. http://codex.wordpress.org/Theme_Development Additional information and guidance … Read more