Wordpress: Difference between revisions

Default Wordpress .htaccess

# BEGIN WordPress
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
</IfModule>
# END WordPress

Deny Access to WP login except for certain IP's

(add to the .htaccess for the site)

<Files "wp-login.php">
# set up rule order
order deny,allow
# default deny
deny from all
# Add IPs for access below:
allow from 10.20.4.0/22
allow from 192.168.5.20
# End of additional IPs
errordocument 401 default
errordocument 403 default
errordocument 404 default
</Files>

Update URLs

The site has changed servers, domain names, or whatever, and Wordpress still has a bunch of stuff that links to the old location, even after you've updated the URL's in the Dashboard. What do?

Install this plugin to update all the URL's:
Velvet Blues Update URL's plugin

Wordpress corn Jobs

Is Wordpress getting a lot of traffic and touching itself inappropriately? Follow the below to turn off Wordpress's built-in "cron" system, and use a real Linux cron job instead.

1. Disable WP Cron

In your wp-config.php file, add the following line:
define('DISABLE_WP_CRON', true);

2. Setup the linux crontab

- su to the site owner
- crontab -e
- Add:
/15 * * * wget -q -O - http://yourdomain.com/wp-cron.php?doing_wp_cron

Disable xmlrpc

Add the following to the Apache pre-virthost include:

# START XML RPC BLOCKING  
<Files xmlrpc.php>
Order Deny,Allow  
Deny from all  
allow from 127.0.0.1
#AUTOMATTIC jetpack etc
allow from 192.0.64.0/18
errordocument 401 default  
errordocument 403 default  
errordocument 404 default  
errordocument 411 default  
</Files>  
# FINISH XML RPC BLOCKING

References

1. tommcfarlin - Wordpress cron jobs
2. https://wordpress.org/download/release-archive