To regularly optimize my WordPress database tables, I created a small plugin that utilizes the WordPress Cron feature. This comes in handy to perform database optimization for WordPress on a regular basis, without forgetting about it. Just activate and enjoy. And here is the plugin code.
PHP Tag Archive
Cracking PHP rand()
Webapps occasionaly need to create tokens that are hard to guess. For example for session tokens or CSRF tokens, or in forgot password functionality where you get a token mailed to reset your password. These tokens should be cryptographically secure, but are often made by calling rand() multiple times and transforming the output to a string. This post will explore how hard it is to predict a token made with rand().
Minify WP-Super-Cache HTML cache files: WPSCMin a WP-Super-Cache plugin
The WordPress WP-Super-Cache cache plugin doesn’t minify HTML cache files, which I find a disadvantage. Knowing minify libraries, I went looking for an existing solution (why reinvent the wheel?), and found one: WPSCMin. Read on …
Generate pseudo-random passwords with OpenSSL
Generate a random password using OpenSSL. OpenSSL comes in handy when you need to generate pseudorandom strings, for example to be used for passwords. In this short post I’ll give you a quick example on how to generate random passwords with OpenSSL in Linux (Bash), Windows and PHP, perfect for use with for system accounts and services accounts.
Always_populate_raw_post_data setting in PHP 5.6 & Magento 2.0
Does Magento 2 throw an error about always_populate_raw_post_data being set to 0? And are you having problems installing or updating Magento with PHP 5.6 and PHP 7? Then read on, because here is how to fix upgrades to Magento 2.0 in PHP 5.6 and higher: PHP 7+.
How to optimize PHP OPcache configuration
Tune PHP OPcache and make OPcache perform even better! After you’ve optimized realpath_cache_size, it’s time to fine-tune PHP OPcache. With just a few tweaks you can tune OPcache to make it perform much better, and here is how!
How to add conditional analytics tracking code in WordPress Multisite
In my WordPress multisite, I use one theme for three sites and a tracking code for analytics on my websites. Whether it is Google Analytics or Piwik doesn’t matter. Here is how you can conditionally add tracking codes to your WordPress Multisite: Use a condition in functions.php to add the tracking code for Piwik/Matomo Analytics or Google Analytics.
Add a delay to your WordPress login form
This plugin adds a three second delay when logging into WordPress. This slows down brute-force attacks on your website. However, it is not recommended to use sleep(), because a heavy brute-force attack will let all those POST requests sleep for the given amount of time.
PHP 5.6 default_charset change may break HTML output
An important note for everyone who’s upgrading from PHP 5.4 and PHP 5.5 to PHP 5.6: the PHP default_charset in php.ini changed from “empty” to UTF-8, often breaking sites after upgradiong from PHP 5.4 and PHP 5.5 to PHP 5.6. UTF-8 encoding breaks when upgrading PHP 5.6 to PHP 7.0.
Convert PHP ext/mysql to MySQLi
This post will show you how to convert PHP mysql extension functions to PHP MySQLi extension. Migrating away from ext/mysql to MySQLi (or PHP Data Object (PDO)) is important, because the ext/mysql functions are deprecated as of PHP 5.5.0. If you do not update your PHP code, your website will fail soon!
How to set a good PHP realpath_cache_size
Learn how to set a good PHP realpath_cache_size and optimize your PHP performance. . Increasing realpath_cache_size might greatly improve PHP performance, as PHP states: “this value should be increased on systems where PHP opens many files.” Setting a correct value for PHP realpath_cache_size can greatly improve PHP performance and optimize WordPress – and other CMS’s – websites.
Redirect old URL to new URL or send 404 page with PHP
Redirect pages with PHP. If you’ve moved some old PHP pages, or URLs, to new pages and URLs, you can use the following PHP code snippet to easily redirect all visitors and incoming requests to the new location. This PHP code snippet uses a 301 Moved Permanently redirect, perfect for SEO.
Display commas in WordPress tags
Sometimes you may want to display commas in tag names. For example if you have a business directory listing and want to create one single taxonomy (tag name) “cafe, restaurant, bar”. This post shows you how to create a filter in your functions.php file to display WordPress tags with a comma, enjoy!
Check website availability with PHP and cURL
Perform a PHP cURL request to check if your website is up or not. Verify your website’s online status and availability using just PHP. This script comes in handy because website uptime and availability is important, and you want your website to be always online available. If your website is down, it’ll send you an email to notify you about downtime.
Exploit PHP’s mail() to get remote code execution
If you are able to control the 5th parameter of the mail() function ($options), you have the opportunity to execute arbitrary commands. Remote Code Execution (RCE) in PHP mail()