Wordpress: Difference between revisions
Created page with "== Default Wordpress .htaccess == <pre> # BEGIN WordPress <IfModule mod_rewrite.c> RewriteEngine On RewriteBase / RewriteCond %{REQUEST_FILENAME} !-f RewriteCond %{REQUEST_FI..." |
|||
(9 intermediate revisions by the same user not shown) | |||
Line 15: | Line 15: | ||
== Deny Access to WP login except for certain IP's == | == Deny Access to WP login except for certain IP's == | ||
(add to the .htaccess for the site) | |||
<pre> | <pre> | ||
Line 31: | Line 33: | ||
</Files> | </Files> | ||
</pre> | </pre> | ||
== Update URLs == | |||
The site has changed servers, domain names, or whatever, and Wordpress still has a bunch of stuff that links to the old location, even after you've updated the URL's in the Dashboard. What do? | |||
Install this plugin to update all the URL's:<br /> | |||
[https://wordpress.org/plugins/velvet-blues-update-urls/ Velvet Blues Update URL's plugin] | |||
== Enable error log == | |||
1. At the end of wp-config.php, add:<br /> | |||
<code>define( 'WP_DEBUG', true );<br /> | |||
define( 'WP_DEBUG_LOG', true );<br /> | |||
define( 'WP_DEBUG_DISPLAY', false );</code> | |||
2. Logs will be in: ./wp-content/debug.log | |||
== Wordpress corn Jobs == | |||
Is Wordpress getting a lot of traffic and touching itself inappropriately? Follow the below to turn off Wordpress's built-in "cron" system, and use a real Linux cron job instead. | |||
1. Disable WP Cron | |||
In your wp-config.php file, add the following line:<br /> | |||
<code>define('DISABLE_WP_CRON', true);</code> | |||
2. Setup the linux crontab | |||
- su to the site owner<br /> | |||
- crontab -e<br /> | |||
- Add: <br /> | |||
<code>/15 * * * wget -q -O - http://yourdomain.com/wp-cron.php?doing_wp_cron</code> | |||
== Disable xmlrpc == | |||
Add the following to the Apache pre-virthost include: | |||
<pre> | |||
# START XML RPC BLOCKING | |||
<Files xmlrpc.php> | |||
Order Deny,Allow | |||
Deny from all | |||
allow from 127.0.0.1 | |||
#AUTOMATTIC jetpack etc | |||
allow from 192.0.64.0/18 | |||
errordocument 401 default | |||
errordocument 403 default | |||
errordocument 404 default | |||
errordocument 411 default | |||
</Files> | |||
# FINISH XML RPC BLOCKING | |||
</pre> | |||
== Throttle Wordpress logins == | |||
(On Litespeed servers...) | |||
Add the following to /etc/apache2/conf.d/includes/pre_main_global.conf | |||
<code> | |||
<IfModule Litespeed> | |||
WordPressProtect throttle, 5 | |||
</IfModule> | |||
</code> | |||
== References == | |||
<ol> | |||
<li>[https://tommcfarlin.com/wordpress-cron-jobs/ tommcfarlin - Wordpress cron jobs]</li> | |||
<li>[https://wordpress.org/download/release-archive/ https://wordpress.org/download/release-archive]</li> | |||
<li>[https://docs.litespeedtech.com/lsws/cp/cpanel/wp-protect/ https://docs.litespeedtech.com/lsws/cp/cpanel/wp-protect/]</li> | |||
</ol> |
Latest revision as of 18:33, 9 April 2024
Default Wordpress .htaccess
# BEGIN WordPress <IfModule mod_rewrite.c> RewriteEngine On RewriteBase / RewriteCond %{REQUEST_FILENAME} !-f RewriteCond %{REQUEST_FILENAME} !-d RewriteRule . /index.php [L] </IfModule> # END WordPress
Deny Access to WP login except for certain IP's
(add to the .htaccess for the site)
<Files "wp-login.php"> # set up rule order order deny,allow # default deny deny from all # Add IPs for access below: allow from 10.20.4.0/22 allow from 192.168.5.20 # End of additional IPs errordocument 401 default errordocument 403 default errordocument 404 default </Files>
Update URLs
The site has changed servers, domain names, or whatever, and Wordpress still has a bunch of stuff that links to the old location, even after you've updated the URL's in the Dashboard. What do?
Install this plugin to update all the URL's:
Velvet Blues Update URL's plugin
Enable error log
1. At the end of wp-config.php, add:
define( 'WP_DEBUG', true );
define( 'WP_DEBUG_LOG', true );
define( 'WP_DEBUG_DISPLAY', false );
2. Logs will be in: ./wp-content/debug.log
Wordpress corn Jobs
Is Wordpress getting a lot of traffic and touching itself inappropriately? Follow the below to turn off Wordpress's built-in "cron" system, and use a real Linux cron job instead.
1. Disable WP Cron
In your wp-config.php file, add the following line:
define('DISABLE_WP_CRON', true);
2. Setup the linux crontab
- su to the site owner
- crontab -e
- Add:
/15 * * * wget -q -O - http://yourdomain.com/wp-cron.php?doing_wp_cron
Disable xmlrpc
Add the following to the Apache pre-virthost include:
# START XML RPC BLOCKING <Files xmlrpc.php> Order Deny,Allow Deny from all allow from 127.0.0.1 #AUTOMATTIC jetpack etc allow from 192.0.64.0/18 errordocument 401 default errordocument 403 default errordocument 404 default errordocument 411 default </Files> # FINISH XML RPC BLOCKING
Throttle Wordpress logins
(On Litespeed servers...)
Add the following to /etc/apache2/conf.d/includes/pre_main_global.conf
<IfModule Litespeed>
WordPressProtect throttle, 5
</IfModule>