WordPress

WordPress.org logo

WordPress Security, WordPress Help, and WP optimization and development. Run WordPress and your servers as efficiently and secure as possible. These articles provide a broad overview of WordPress security, optimization and developent with specific recommended approaches. This is of huge importance for every WordPress developer and website owner. Harden your WordPress website security with these valuable tips!

In the first place how to optimize WordPress performance on Windows Server IIS. Secondly how to use WordPress plugins for speed, optimization & security. Tips! And PHP and MySQL! After all this is everything we want.

Show the number of registered WordPress users in the At-a-Glance widget in the Dashboard

Count and display number of WordPress users in your Dashboard

Show the number of registered WordPress users in At-a-Glance widget Often when a WordPress site is compromised, the website owner doesn’t notice anything strange at first. First a lot of users are created, and it’s only later when posts filled with spam are created or existing pages/posts edited. In the time between compromise and creation …

Count and display number of WordPress users in your Dashboard Read More »

Set PHP handler accessPolicy (Request Restrictions) to Read in IIS

Disallow direct access to PHP files in wp-content/uploads/

Secure wp-content/uploads in Linux Apache and Windows Server IIS It’s recommended to disallow access to and execution of PHP files in wp-content/uploads folder. Preferably without the use of a security plugin. Blocking access to PHP files in WordPress wp-content/uploads folder is easily achieved with a .htaccess file on Linux Apache, or web.config accesssPolicy in Windows …

Disallow direct access to PHP files in wp-content/uploads/ Read More »

Reduce Wordfence CPU usage, disable Wordfence “Live Traffic View”

Whenever WordPress is using a lot of CPU and you have Wordfence Security plugin enabled, it is recommended to double check some settings. Unfortunately the Wordfence “Live Traffic Options” (“Traffic logging mode”) feature can cause high CPU usage and load issues for WordPress websites. Therefore, I recommend you disable this feature to improve the performance …

Reduce Wordfence CPU usage, disable Wordfence “Live Traffic View” Read More »

Automatically flush Redis cache after publishing a WordPress post

In a previous post I explained that clearing PHP opcode caches before WordPress Updates helps in streamlining the update process. WordPress updates no longer fail because of cached file locations. Did you know you can automatically flush opcode caches like Redis when you publishing a post or page in WordPress? Doing so ensures you and …

Automatically flush Redis cache after publishing a WordPress post Read More »

Security?

WordPress .htaccess security best practices in Apache 2.4.6+

Apache Access Control done right in WordPress .htaccess, ‘Allow/Deny from all’ versus ‘Require All Granted/Denied’ Since Apache 2.4.6, a new module is used to configure and set up access control for websites: mod_authz_core. This means you have to use a different syntax for allowing or blocking hosts and IP addresses to your website. But unfortunately, …

WordPress .htaccess security best practices in Apache 2.4.6+ Read More »

Increase WordPress’ memory limit WP_MEMORY_LIMIT properly in wp-config.php

How to increase the memory limit for your WordPress website, the right way. The WordPress memory limit can be increased by the WP_MEMORY_LIMIT variable in wp-config.php. However, I see this done wrong over and over again in WordPress plugins and themes. In a worst case scenario this may even decrease the available amount of memory …

Increase WordPress’ memory limit WP_MEMORY_LIMIT properly in wp-config.php Read More »

How to: Protect WordPress from brute-force XML-RPC attacks

The WordPress XML-RPC API has been under attack for many years now. Back in August 2014, WordPress released version 3.9.2, fixing a possible denial of service issue in PHP’s XML processing. There are brute-force amplification attacks, reported by Sucuri, and so on. So, how do you protect WordPress from xmlrpc.php attacks, but still being able …

How to: Protect WordPress from brute-force XML-RPC attacks Read More »

The WinCache effect: Save with object caching

WinCache, or Windows Cache Extension for PHP, is a PHP accelerator that is used to significantly increase the speed of PHP applications running on Windows Server IIS. Besides increasing the speed of PHP applications, WinCache decreases CPU usage making it a win win situation extension.

Show Buttons
Hide Buttons