Query all WordPress posts in MySQL not having a Yoast SEO meta description
Query all posts in WordPress not having a Yoast SEO meta description yet. You can run this on your MySQL prompt or in phpMyAdmin
WordPress
Read MoreQuery all WordPress posts in MySQL not having a Yoast SEO meta description
Disallow direct access to PHP files in wp-content/uploads/
Securing the WordPress uploads folder is important. In many hacked WordPress sites, a PHP backdoor is found within the WP_CONTENT_DIR/uploads directory. Often because this is the location where uploads are placed automatically. From the backdoor within wp-content/uploads other backdoors are uploaded to various locations, and scripts are injected with malware.
WordPress .htaccess security best practices in Apache 2.4.6+
Since Apache 2.4.6, a new module is used to configure and set up access control for websites: mod_authz_core. This means you have to use a different syntax for allowing or blocking hosts and IP addresses to your website. Apache Access Controle done right in WordPress .htaccess.
Increase WordPress’ memory limit WP_MEMORY_LIMIT properly in wp-config.php
How to increase the memory limit for your WordPress website, the right way. In this post I show you a correct way of setting WordPress WP_MEMORY_LIMIT and PHP memory_limit settings to improve Wordpress speed & performance.
Protect WordPress from brute-force XML-RPC attacks
How to protect your WordPress from brute-force XML-RPC attacks, because the WordPress XML-RPC API has been under attack for many years now.
Remove Jetpack email sharing service
Remove Jetpack email sharing service using WordPress plugin or theme functions.php file. It's often abused by spammers
Check WordPress Core files integrity
Check WordPress integrity and verify WordPress Core files' md5 checksums against WordPress' checksums API, using this standalone PHP file.
Clear PHP opcode caches before WordPress Updates: ease the updating process
WordPress core-, plugin- and theme updates sometimes fail because of enabled opcode caches in PHP. Popular PHP opcode caches are OPcache, WinCache and APC. This little WordPress Must Use Plugin tries to flush opcode caches. Making your live a bit easier when updating WordPress Core, Plugins and Themes.
Akal Premium WordPress theme XSS vulnerability
This post describes the Akal premium WordPress theme Cross Site Scripting (XSS) vulnerability. If you use this theme, delete it immediately!
Send authenticated SMTP email over TLS from WordPress
Learn how to override wp-mail() and send secure email using authenticated SMTP and StartTLS from WordPress.
Huge increase in WordPress xmlrpc.php POST requests
How to identify, block, mitigate and leverage xmlrpc.php scans, brute-force, and user enumeration attacks on WordPress sites... Secure WordPress xmlprc.php interface and reduce service disruption.