It’s scary to see a WordPress site being probed for vulnerabilities Dashboard > Wordfence > Tools > Live Traffic Most are for invalid users blog and admin. As part of tuning Wordfence, block these immediately Dashboard > Wordfence > All Options > Brute Force Protection Activity detail reflects the change:
Category:WordPress
WordPress Plugin: A Marriage made in Heaven for UpdraftPlus and FreeNAS
The goal here is to use FreeNAS storage to store UpdraftPlus backups of WordPress sites. Local user authentication is assumed for FreeNAS. Outline of the basic steps: A. Set up the UpdraftPlus storage root. Set aside storage space on FreeNAS for UpdraftPlus. Create the UpdraftPlus user and group on FreeNAS. Configure and start the FTP …
Continue reading WordPress Plugin: A Marriage made in Heaven for UpdraftPlus and FreeNAS
Scripted WordPress Installation
If the statistics are to be believed, in 2020: WordPress powers 35% of the internet. Around 60% of CMS sites are WordPress. Around 28% of WordPress sites run e-commerce. Around 75% of hacked CMS sites were built on WordPress 😢 There are few current guides in the iXsystems Community Forum for setting up WordPress and none …
Continue reading Scripted WordPress Installation
WordPress Plugin: WP Super Cache
When installing and activating, you will see the following errors: Assuming your jail name is wordpress, enter the jail from a terminal iocage console wordpress. To resolve the first issue, enter the following commands in the terminal: cd /usr/local/www/wordpress/wp-content cp plugins/wp-super-cache/wp-cache-config-sample.php wp-cache-config.php chown www:www wp-cache-config.php Refreshing WP Super Cache on the dashboard: Edit wp-config.php ee …
Continue reading WordPress Plugin: WP Super Cache
WordPress: PHP Dependencies
Tabled below is a list of PHP dependencies for WordPress and some of its more popular plugins. Interestingly, the plugin PHP dependencies are not well documented anywhere. WordPress & Plugins PHP Dependencies References WordPress 5.5.1 and higher php, curl, dom, exif, fileinfo, json, mbstring, mysqli, pecl-libsodium, openssl, pecl-imagick, xml, zip, filter, gd, iconv, pecl-mcrypt, simplexml, …
Continue reading WordPress: PHP Dependencies
WordPress Script: Opportunities for Improvement
There are a number of opportunities to continue to improve the script. Much of is outside my current sphere of knowledge. These are listed below. If you’re able to assist with any of this, or can help refine the script in other ways, please consider submitting a pull request at https://github.com/basilhendroff/freenas-iocage-wordpress. 1. Reduce the number of …
Continue reading WordPress Script: Opportunities for Improvement
WordPress: To Multisite or not?
This image is from the WordPress article Installing Multiple WordPress Instances: I started with a Multisite configuration, but after a couple of days had increasing doubts about using it. I have since moved to Multiple Databases. Scripting the installation of WordPress in a FreeNAS jail made it easy to work with this configuration, but first, …
Continue reading WordPress: To Multisite or not?
WordPress Script: Post-Installation Tasks
Manual Post-Installation Tasks The following tasks are done within the WordPress jail: Securing MariaDB Authentication Unique Keys and Salts Configure WordPress for Reverse Proxy Setup the WordPress Filesystem Configure Redis Configure sSMTP Test sSMTP Configure phpMyAdmin There is the opportunity to incorporate some of the above within the WordPress script. For more information, refer to …
Continue reading WordPress Script: Post-Installation Tasks
WordPress Plugin: File Manager – Vulnerability
September 2020 was a bad month for WordPress websites running File Manager. You can read all about it in the article Hackers are exploiting a critical flaw affecting >350,000 WordPress sites. So, a couple of nights ago I was posting in the support forum for the WordPress Plugin: Wordfence Security – Firewall & Malware Scan …
Continue reading WordPress Plugin: File Manager – Vulnerability