Using WP-CLI to Scan for WordPress Security Vulnerabilities

Previously I have shown how to install WPScan on Ubuntu installation guide (for Ubuntu 16.04) and debian but what if you want to scan locally and not remotely? Especially if a site is protected from WPScan using protection methods  that prevent enumeration or access to files that expose the WordPress theme or plugins you are using. … Learn more…

Favorite rsync Commands for Copying WordPress Sites

Copying, moving, cloning WordPress is easiest and fastest by the command line using SSH – especially for large sites it is the best and often essential! You can use this method on any Linux system which contains rsync like CentOS (cPanel), Plesk, Ubuntu and debian systems on VPS, dedicated servers or even containers like docker … Learn more…

Install and Use WPScan on Ubuntu 18.04

WPScan is a WordPress vulnerability scanner created in the Ruby language. Sucuri sponsors this project and it is hosted open source on github.  WPScan uses Sucuri’s vulnerability database for WordPress core, plugins and themes it creates a report on your site’s known security vulnerabilities which could be exploited by a hacker or script kiddie. Install … Learn more…

Using Free Tideways XHProf + XHGUI PHP 7.x for WordPress Code Profiling

WordPress performance has become incredibly important these days. Google has devoted an engineering team for WordPress performance development! Knowing which code is slowing your site down can help boost visitor retention and improve conversion rates for WooCommerce. XHProf is an amazing tool that can help you identify bottlenecks in your WordPress code. This took me … Learn more…