Cookie set without HttpOnly flag
Have you tried adding Header always edit Set-Cookie (.*) “$1; HttpOnly” Header always edit Set-Cookie (.*) “$1; Secure” to your .htaccess? Found this on StackOverflow
wp-config
Google Page Speed Insights not recognising WP-Cofig settings?
The enfoce_gzip constant, and the other in the same group in your config, actually refer to how wordpress should serve admin side related JS and CSS, and it seems like you are interested in the front end. Setting gzip compression is something that you should do in your server configuration level (several options depending on … Read more
What is the difference in the WP memory limits?
Max is used on the admin side, WP_MEMORY_LIMIT is used on the front end. Don’t increase the memory available more than you need to or you’ll run the risk of running out of RAM if you have too many simultaneous hits on pages.
Ways to load admin-ajax faster without initializing all plugins?
If your requests take 3-5 sec to finish, then there is most likely something else going on. The admin Ajax itself won’t take that much to load. You might be having some heavy plugin, or having some hooks running expensive meta queries on load. You can try the REST-API, which is slightly faster than Admin-Ajax. … Read more
Moving wordpress site from localhost to live server using GoDaddy cPanel
The issue was the file path. I moved all of my localhost files from the subfolder into the main public_html folder. I moved a couple of existing files – home.html/404.shtml/layout.css into a sub folder and the site now works.
WP_MEMORY_LIMIT didn’t work in wp-config, only within default-constants.php
Your code appears to be using he incorrect quote characters. You have ’ instead of ‘. This can happen if you copy it from a site where the quotes have been converted to ‘fancy quotes’ by the publishing platform but the author didn’t catch it. So replace define(‘WP_MEMORY_LIMIT’, ’128M’); With define(‘WP_MEMORY_LIMIT’, ‘128M’);
Why was my new WordPress installation’s config page publicly viewable when first installed?
This is a problem with dreamhost documentation/practice (and I assume with all “one click” installation of wordpress). They should have clarified that you should complete the installation in few minutes from creating the site. The wordpress installation, with its two parts, is assumed to be done at one go. But then, realistically there is no … Read more
Need help fixing my wp-config file [closed]
Use wp-config-sample.php as a guideline. Rename your current wp-config.php file to wp-config-borked.php. Then copy wp-config-sample.php to wp-config.php. Then change the database name and credentials (user, pass) in the wp-config.php file. Never share your wp-config.php file. It contains the ‘keys to the kingdom’. If you have shared, change the database’s credentials via hosting “MySQL Databases”.
White screen of death on admin pages after moving wp-config up two levels for security
wp-config.php includes files, it’s not just a config file, and WordPress isn’t built to allow putting the file 2 levels up. However, WordPress already supports loading wp-config.php from 1 level up. With all of this in mind though, this is only really a protection if you’re worried about mis-configuring your server. Unless PHP execution is … Read more
Are the wordpress settings (abspath, disable core updates) added by SiteGround of any use after I’ve migrated to a different host?
Both of these settings are used in all WordPress installs – they’re not specific to any host. The ABSPATH ensures that WordPress knows which folder to look in to find all of its files. Whether Core auto-updates are good or bad really comes down to your own processes and preferences. For security reasons, enabling the … Read more