Windows Server 2016 was finally released last week, meaning we can finally lift the idiotic 260 characters limitation for NTFS paths. In this post I’ll show you how to configure the Enable Win32 long paths setting for the NTFS file system, through Group Policy (a GPO). Also for Windows Server 2019.
Read More »Enable NTFS long paths in Windows Server 2016 and 2019 by Group Policy In various hosting environments, WordPress core-, plugin- and theme updates sometimes fail because of enabled opcode caches. Popular PHP opcode caches are OPcache, WinCache and APC. This little WordPress Must Use Plugin tries to flush opcode caches. Making your live a bit easier when updating WordPress Core, Plugins and Themes.
Read More »Clear PHP opcode caches before WordPress Updates: ease the updating process WinCache, or Windows Cache Extension for PHP, is a PHP accelerator that is used to significantly increase the speed of PHP applications running on Windows Server IIS. Besides increasing the speed of PHP applications, WinCache decreases CPU usage making it a win win situation extension.
Read More »The WinCache effect: Save with object caching WordPress load testing with ApacheBench.
ab is a small benchmark utility that comes with Apache. It’s a really simple HTTP load generating tool, ideal for a simple WordPress load & speed test. How fast does your WordPress site respond? How many HTTP requests per second can your server handle? These are questions on which ab can shed some light.
How to measure WordPress’ loading time and executed database queries?
During an HTTP request, WordPress executes a lot of queries on your MySQL database. Not just the database queries take time, also loading and executing PHP takes time. How do you measure this?
Read More »Measure WordPress loading time and queries Found via cyber-ir.com: This paper is the best I have ever read on how to build IOC’s with Windows Event ID’s. I highly recommend you to read it, it contains very useful information and some very interesting behavioural examples of attacker activity. If you are looking to enhance your detection in your core network this is the document!
Read More »Intrusion Detection with Windows Event ID’s Who said WordPress is slow on Windows Server IIS? Gzip compress and serve WP-Super-Cache or Cache Enabler static HTML files, to supercharge your WordPress blog. Here is how to serve gzip compressed HTML files through Windows Server IIS: create smaller, compressed, static HTML files, that are downloaded faster. This works with WP-Super-Cache and Cache Enabler on IIS!
Read More »Tips to speed up WordPress, serve gzip compressed static HTML files
9+ Practical tips to optimize WordPress hosting
Optimized WordPress hosting is a subject on which a lot is written about. And therefore, this post is not about where to host your WordPress blog, or who offers the best WordPress hosting. This post is for you developers, what you can do to optimize your WordPress hosting stack.
Read More »Optimize(d) WordPress hosting (9+ practical tips) Over the course of one week I had the opportunity to audit two hacked WordPress websites. I could quickly discover two vulnerabilities: a Cross Site Scripting, or XSS, in a premium WordPress theme Akal, and a Denial-of-Service in an undisclosed newsletter plugin. This post describes the Akal premium WordPress theme XSS vulnerability.
Read More »WordPress advisory: Akal premium theme XSS vulnerability Disk cleanup in Windows Server using DISM is one of the most popular posts here on Saotn.org. It is still valid for Windows Server 2016 and up. So apparently, disk space usage is an issue in Windows Server. Which made me wonder: what more ways to clean up disk space in Windows Server are there?
Read More »5 Extra ways to clean up disk space in Windows Server You sometimes need to list and get all MAC addresses of all Hyper-V virtual machines in your network. Either for your Hyper-V administration or provisioning if you don’t set an unique MAC address automatically. Here is how to get all those MAC addresses easily with PowerShell.
Read More »List all MAC addresses of all Hyper-V Virtual Machines This is a very interesting read on how Dario Weißer (@haxonaut), cutz and Ruslan Habalov (@evonide) were able to find a PHP unserialize bug to exploit and gain remote code execution on Pornhub. Pornhub’s bug bounty program is at Hackerone In stead of actively attacking Pornhub, they took another road and attacked what Pornhub is built upon: PHP.
Read More »“How we broke PHP, hacked Pornhub and earned $20,000”
Having an SSL certificate in your WordPress is the de-facto standard nowadays, did you know that? Google ranks sites having HTTPS higher in their SERP. But in WordPress, how do you configure an SSL certificate and HTTPS URL? You’ll learn the important steps to move WordPress from http to https in this post.
Read More »SSL in WordPress: how to move WordPress to HTTPS? The definitive guide Are you running into MySQL load problems? Learn how to tune MySQL servers for a heavy InnoDB workload, by configuring innodb_buffer_pool_instances. Dividing the InnoDB buffer pool into multiple instances improves Disk I/O. By doing so, you run your database and website more efficiently and faster. Here is a little help for you.
How to migratie an Windows Server 2008 R2 KMS to Windows Server 2012 R2, for volume activation of Microsoft products? On a new KMS server? You don’t, apparently there is no Windows Server 2008 (R2) KMS to Windows Server 2012 R2 migration. There is no way to automatically transfer your KMS role along with the products its activating to another server. Luckily Charity Shelbourne wrote up a handy how to for this task.
Read More »KMS Migration from 2008 R2 to Windows Server 2012 R2 and KMS Activation Known Issues