Sysadmins of the North

Technical blog, where topics include: computer, server, web, sysadmin, MySQL, database, virtualization, optimization and security

Category: WordPress (page 3 of 4)

WordPress 4.2 query improvements in ‘orderby’ and ‘meta_query’

WordPress 4.2 is coming soon, and Boone Gorges writes on Make WordPress Core about WP_Query improvements for ‘orderby’ and ‘meta_query’:

Continue reading

How to disable WordPress comments

The WordPress comment system can be a bless for your blog, because of the user interaction. However, when the WordPress comment option is abused by spammers, it becomes a real pain in the “@ss”. With tens- or hundreds of thousands spam reactions, disabling WordPress comments – and removing – is the only way to go. Here is how to disable WordPress comments in both the WordPress Dashboard interface and in your MySQL database.

Continue reading

Display commas in WordPress tags

How to display WordPress tags with commas in them? Normally, in a WordPress post all tags are comma seperated: php, wordpress, functions.php. But what if you want to use a tag with commas in it? For instance cafe, bar, restaurants. Easy, create a filter in your WordPress functions.php, here is how.

Continue reading

Change WordPress stylesheet_uri with add_filter()

How to change WordPress’ stylesheet URL with add_filter(). Just a quicky: To change the stylesheet URL in WordPress, to offload static content, put the following in your theme’s functions.php file:

Continue reading

WordPress Plugin Vulnerability Dump – Part 1

This post contains information on vulnerabilities for 7 (at least somewhat) popular WordPress plugins. All of these vulnerabilities were trivial to discover (and are trivial to fix). The state of WordPress plugin security is very sad indeed. None of the developers were contacted in advance of this post (except where otherwise noted). Additional vulnerabilities will be posted as time permits. WordPress Plugin Vulnerability Dump – Part 1

Send authenticated SMTP email over TLS from WordPress

How to configure TLS for SMTP email in WordPress. I was suprised WordPress is not able to send email using an SMTP server out-of-the-box. Not to mention using authenticated SMTP or TLS transport for security. A quick Google search showed me multiple plugins to handle this, but I wanted to create something myself. Here is how to override the wp-mail() function and send email using authenticated SMTP and StartTLS from WordPress.

Continue reading

Huge increase in WordPress xmlrpc.php POST requests

WordPress xmlprc.php DDoS and brute-force attacks. How to identify, block, mitigate and leverage these xmlrpc.php scans, brute-force, and user enumeration attacks on WordPress sites… Secure WordPress xmlprc.php interface and reduce service disruption.

Continue reading

Minify JavaScript, CSS and compress images

Optimize PNG images and minify JavaScript and CSS files, the easy and fast way? With YUI Compressor and OptiPNG on the Windows-, Linux- and macOS command line of course! Compacting HTML, CSS, and JavaScript can speeds up your website because of smaller and faster downloads, parsing, and execution time.

Continue reading

MySQL in WordPress 3.9

Gary Pendergast writes on Make WordPress Core:

Continue reading

WordPress wp_options table autoload micro-optimization

Learn how to optimize WordPress’ wp_options table for faster database results. This probably isn’t a big issue, but today I noticed a slow MySQL query coming from a WordPress database (WordPress wp_options table). This made me investigate and to optimize the WordPress wp_options table “autoload” feature. The autoload feature loads and caches all autoloaded options, if available, or all options. The default option is to autoload, and over time when the wp_options table grows, this degrades performance.

Continue reading

Install WordPress plugins without WP-admin access

Install WordPress plugins without admin access, and automate your WordPress customization and plugin installation. WordPress has a little drop-in plugin option available in the form of /wp-content/install.php. This install.php file is not present at default, but when created it can be used to install plugins without wp-admin access. This might come in handy for unattended WordPress installations, customization, and so on.

Continue reading

Optimize WP StatPress plugin database performance

The WordPress plugin StatPress (no longer available in the Plugin Directory) is still widely used and still is very slow. Here are some MySQL statements you can use to optimize its performance, as a WordPress optimization tip…

Continue reading

How to clean up Contact Form 7 temporary captcha files on IIS web servers

Contact Form 7 is a WordPress plugin that provides a simple but flexible contact form. On IIS, Contact Form 7 captcha has one HUGE disadvantage: temporary captcha files placed in wp-content/uploads/wpcf7_captcha, are not automatically removed. The files are made read only. Here is how to remove Contact Form 7 temporary captcha files on IIS

Continue reading

Clean-up WordPress spam comments and meta data

How to clean up WordPress spam comments and meta data with phpMyAdmin. A lot of WordPress spam comments and meta data will keep your WordPress database huge, and slows down your site. It’s best to delete spam comments regularly, but if you’re facing hundreds of thousands spam comments, here is how to delete them all in bulk

Continue reading

WordPress plugin “In Over Your Archives” Call-time pass-by-reference fix for PHP 5.4

How to fix PHP Call-time pass-by-reference has been removed in errors. The following PHP fix goes for nearly all PHP Call-time pass-by-reference errors: The WordPress plugin In Over Your Archives is a plugin to display your archive page in a nice way, just like on inoveryourhead.net. The plugin hasn’t been updated in quite some time and breaks with PHP version 5.4:

Continue reading

« Older posts Newer posts »
oIis xqmbZuPhp