Proper RFC 4122 UUIDs as GUIDs in WordPress

UUIDs (Universally Unique IDentifier), also known as GUIDs (Globally Unique IDentifier), is a string that identifies a piece of information in computer systems. WordPress use GUIDs to identify each individual post, but use URLs (kind of) for GUIDs, and thus does not follow the standard definition (RFC 4122) of a UUID (or GUID).

Continue reading “Proper RFC 4122 UUIDs as GUIDs in WordPress”

Block access to PHP files on your WordPress site with Nginx

In your WordPress site, there are directories that include PHP files that visitors should never be able to access directly. They are only there for WordPress to function as an application that runs on your server. But because of WordPress’ directory and file structure, they are kind of accessible to the public. All of them are meant to be part of a larger application – WordPress, that is – and should not cause any harm if called directly – that we know. Some of the files execute some code even when ran standalone. An attacker might know of a clever way to make that code run in an unexpected manner, causing harm. To be on the safe side, we should deny access to all these PHP files from the outside world. Since we block access to them in our Nginx configuration, PHP will still run them as usual and WordPress will work just fine.

Continue reading “Block access to PHP files on your WordPress site with Nginx”

Running HHVM with fallback to PHP-FPM

HHVM can really speed up your PHP-based web site. Most reports are somewhere in the range of 2–4x faster. Unfortunately, HHVM isn’t very stable and will suddenly die, just of the blue, from time to another. Fortunately, if you’re running Nginx it’s really easy to set up PHP-FPM as a fallback.Continue reading “Running HHVM with fallback to PHP-FPM”

«Slap-on» speed optimization of your WordPress site

OK, so you might have been at a WordCamp listening to talks or reading a few blog posts and you get that you should really get your WordPress site speed optimized. Starting all over isn’t either tempting nor something you have the time for. Don’t despair, you’ll get a long way by installing 5 plugins.
Continue reading “«Slap-on» speed optimization of your WordPress site”

Install latest version of Nginx on Ubuntu

NginxI always run the latest LTS version of Ubuntu on all my servers. Unfortunately, the Nginx versions tend to be quite the bit behind the current release. So how do you get an updated, current version of without resorting to having to maintain the packages yourself? Luckily, the Nginx team have their own Ubuntu apt repository so it’s easy to keep current with the latest version of Nginx.Continue reading “Install latest version of Nginx on Ubuntu”

Install latest version of PHP on Ubuntu

PHPI always run the latest LTS version of Ubuntu on all my servers. Currently the latest LTS is 14.04 which comes with PHP version 5.5, but as of November 2014, the latest stable version is 5.6. So how do you get an updated, current version of PHP without resorting to having to maintain the packages yourself? The answer is in PPA.Continue reading “Install latest version of PHP on Ubuntu”

Publishing WordPress site from development to production server – or moving your WordPress installation from one host to another

WordPressYou have finished that WordPress site, and want to deploy it – move it from your test server to the production server where it goes live. But how? WordPress have a famous 5-minute-install, but there is no 5-minute-go-live-script*. I’ll show you how in these 5 easy-to-follow steps.Continue reading “Publishing WordPress site from development to production server – or moving your WordPress installation from one host to another”