Wordpress

From Psygen Wiki
Revision as of 18:32, 9 April 2024 by Admin (talk | contribs)
Jump to navigation Jump to search

Default Wordpress .htaccess

# BEGIN WordPress
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
</IfModule>
# END WordPress


Deny Access to WP login except for certain IP's

(add to the .htaccess for the site)

<Files "wp-login.php">
# set up rule order
order deny,allow
# default deny
deny from all
# Add IPs for access below:
allow from 10.20.4.0/22
allow from 192.168.5.20
# End of additional IPs
errordocument 401 default
errordocument 403 default
errordocument 404 default
</Files>


Update URLs

The site has changed servers, domain names, or whatever, and Wordpress still has a bunch of stuff that links to the old location, even after you've updated the URL's in the Dashboard. What do?

Install this plugin to update all the URL's:
Velvet Blues Update URL's plugin


Enable error log

1. At the end of wp-config.php, add:

define( 'WP_DEBUG', true ); define( 'WP_DEBUG_LOG', true ); define( 'WP_DEBUG_DISPLAY', false );

2. Logs will be in: ./wp-content/debug.log


Wordpress corn Jobs

Is Wordpress getting a lot of traffic and touching itself inappropriately? Follow the below to turn off Wordpress's built-in "cron" system, and use a real Linux cron job instead.

1. Disable WP Cron

In your wp-config.php file, add the following line:
define('DISABLE_WP_CRON', true);

2. Setup the linux crontab

- su to the site owner
- crontab -e
- Add:
/15 * * * wget -q -O - http://yourdomain.com/wp-cron.php?doing_wp_cron


Disable xmlrpc

Add the following to the Apache pre-virthost include:

# START XML RPC BLOCKING  
<Files xmlrpc.php>
Order Deny,Allow  
Deny from all  
allow from 127.0.0.1
#AUTOMATTIC jetpack etc
allow from 192.0.64.0/18
errordocument 401 default  
errordocument 403 default  
errordocument 404 default  
errordocument 411 default  
</Files>  
# FINISH XML RPC BLOCKING

Throttle Wordpress logins

(On Litespeed servers...)

Add the following to /etc/apache2/conf.d/includes/pre_main_global.conf

   <IfModule Litespeed>
   WordPressProtect throttle, 5
   </IfModule>

References

  1. tommcfarlin - Wordpress cron jobs
  2. https://wordpress.org/download/release-archive
  3. https://docs.litespeedtech.com/lsws/cp/cpanel/wp-protect/