Security?
Posted inWeb application security

WordPress .htaccess security best practices in Apache 2.4.6+

Apache Access Control done right in WordPress .htaccess, 'Allow/Deny from all' versus 'Require All Granted/Denied'. Since Apache 2.4.6, a new module is used to configure and set up access control for websites: mod_authz_core. This means you have to use a different syntax for allowing or blocking hosts and IP addresses to your website. But unfortunately, old documentation is never updated and people even still write blog posts using that old syntax, leaving you with an unprotected website. Not what you had in mind, now is it?
05/11/2018Posted inWeb application security
Posted inWindows Server

RewriteProxy with .htaccess in IIS

Rewrite and proxy HTTP requests in IIS using a .htaccess. In my case scenario, I had to proxy requests in IIS, because a website was moved from web server A to B, and the DNS wasn't updated yet. All HTTP requests for the moved website are handled in IIS' Default Web Site; that's the wildcard host, and the original host no longer existed there. We needed to match our website and proxy those requests to the new IIS web server. This can either be done using a proxy with IIS URL Rewrite, IIS Application Request Routing (ARR), or a .htaccess file handled by Helicon Ape.
08/10/2015Posted inWindows Server
Posted inWindows Server

Convert .htaccess to web.config

This post describes some of the IIS URL Rewrite Module web.config equivalents of commonly used Apache .htaccess settings. This is useful when you convert your Apache .htaccess to IIS web.config. The second part of this post outlines how to use Internet Information Services Manager to import and convert .htaccess rules to web.config.
08/02/2013Posted inWindows Server
IIS Manager for Remote Administration in Windows 10
Posted inWindows Server

Install and setup IIS Manager for Remote Administration in Windows Server IIS (step by step)

In this article you’ll learn how to install and setup IIS Manager in Windows 11/10 to manage your website(s). You can also follow these steps to install Internet Information Services (IIS) Manager on a Windows Server Core edition, to locally or remotely manage hosted websites. This post also shows how to install IIS Web Management Service (WMSVC) on Server Core using PowerShell.
22/04/2021Posted inWindows Server
Set PHP handler accessPolicy (Request Restrictions) to Read in IIS
Posted inWeb application security

Disallow direct access to PHP files in wp-content/uploads/

It's recommended to disallow access to and execution of PHP files in wp-content/uploads folder. Preferably without the use of a security plugin. Blocking access to PHP files in WordPress wp-content/uploads folder is easily achieved with a .htaccess file on Linux Apache, or web.config accesssPolicy in Windows Server IIS, and here is how. Secure your WordPress site with this simple, yet effective, tip!
16/03/2020Posted inWeb application security
WP-Super-Cache logo
Posted inWordPress

Tips to speed up WordPress, serve gzip compressed static HTML files

Who said WordPress is slow on Windows Server IIS? Gzip compress and serve WP-Super-Cache or Cache Enabler static HTML files, to supercharge your WordPress blog. Here is how to serve gzip compressed HTML files through Windows Server IIS: create smaller, compressed, static HTML files, that are downloaded faster. This works with WP-Super-Cache and Cache Enabler on IIS!
05/09/2016Posted inWordPress
Your WordPress hosting at Warp Speed - img. credits: Christian Daryanto Limas @ flickr
Posted inWordPress

Optimized WordPress hosting (9+ practical tips)

WordPress optimized hosting is a subject on which a lot is written about. And therefore, this post is not about where to host your WordPress blog, or who offers the best WordPress hosting. This post is for you developers, what you can do to optimize your WordPress hosting. This post is not about setting up high-availability, fail-over, clustering, IIS versus Nginx versus Apache, RAID 1, 5, 6, 10, different types of storage, and so on. It’s about solving performance issues.
31/08/2016Posted inWordPress