To regularly optimize my WordPress database tables, I created a small plugin that utilizes the WordPress Cron feature. This comes in handy to perform database optimization for WordPress on a regular basis, without forgetting about it. Just activate and enjoy. And here is the plugin code.
Webapps occasionaly need to create tokens that are hard to guess. For example for session tokens or CSRF tokens, or in forgot password functionality where you get a token mailed to reset your password. These tokens should be cryptographically secure, but are often made by calling rand() multiple times and transforming the output to a string. This post will explore how hard it is to predict a token made with rand().
The WordPress WP-Super-Cache cache plugin doesn’t minify HTML cache files, which I find a … Read More
OpenSSL comes in handy when you need to generate random passwords, for example for system accounts and services. In this short post I’ll give you a quick example on how to generate random passwords with OpenSSL in Linux (Bash), Windows and PHP…
Does Magento 2 throw an error about always_populate_raw_post_data being set to 0? And are … Read More
Tune PHP OPcache and make OPcache perform even better! After you’ve optimized realpath_cache_size, it’s time to fine-tune PHP OPcache. With just a few tweaks you can tune OPcache to make it perform much better, and here is how!
In my WordPress multisite, I use one theme for three sites and a tracking … Read More
This plugin adds a three second delay when logging into WordPress. This slows down brute-force attacks on your website. However, it is not recommended to use sleep(), because a heavy brute-force attack will let all those POST requests sleep for the given amount of time.
Deny direct access to PHP files in wp-content/uploads/. The following PHP function secures your WordPress website by disabling the execution of PHP scripts in wp-content/uploads, on Windows Server IIS web servers. It creates a web.config file for this purpose.
An important note for everyone who’s upgrading from PHP 5.4 and PHP 5.5 to PHP 5.6: the PHP default_charset in php.ini changed from “empty” to UTF-8, often breaking sites after upgradiong from PHP 5.4 and PHP 5.5 to PHP 5.6. UTF-8 encoding breaks when upgrading PHP 5.6 to PHP 7.0. Fix
PHP with ini_set( ‘default_charset’, “” ); or in your php.ini with default_charset = “”.
Learn how to set a good PHP realpath_cache_size and optimize your PHP performance. . Increasing realpath_cache_size might greatly improve PHP performance, as PHP states: “this value should be increased on systems where PHP opens many files.” Setting a correct value for PHP realpath_cache_size can greatly improve PHP performance and optimize WordPress – and other CMS’s – websites.
Redirect pages with PHP. If you’ve moved some old PHP pages, or URLs, to new pages and URLs, you can use the following PHP code snippet to easily redirect all visitors and incoming requests to the new location. This PHP code snippet uses a 301 Moved Permanently redirect, perfect for SEO.
Sometimes you may want to display commas in tag names. For example if you have a business directory listing and want to create one single taxonomy (tag name) “cafe, restaurant, bar”. This post shows you how to create a filter in your functions.php file to display WordPress tags with a comma, enjoy!
Perform a PHP cURL request to check if your website is up or not. Verify your website’s online status and availability using just PHP. This script comes in handy because website uptime and availability is important, and you want your website to be always online available. If your website is down, it’ll send you an email to notify you about downtime.