Most tutorials for protecting wp-login.php for WordPress block users who are actually trying to make login attempts which makes logical sense. The problem with this method is that these brute force protection methods are still expensive for your web server. When a user tries to log in, PHP processing occurs and MySQL queries are made … Learn more…
WPScan is a WordPress vulnerability scanner written in Ruby. It is sponsored by Sucuri and hosted on github. Using its security vulnerability database for WordPress core, plugins and themes it will provide a report on your site’s known security problems which can be exploited by hackers. If you ever wondered how a hacker knows your … Learn more…
We all know how important it is to keep your WordPress plugins updated to maintain security and avoid being hacked. A WordPress plugin vulnerability database is maintained by WPScan and can be found here. It is a tedious task to update multiple WordPress installations, some tools exist like ManageWP and InfiniteWP to ease the monotony. … Learn more…
WP-CLI is a powerful tool for managing WordPress. I use it to automate backups and migrations for the WordPress sites I manage. This does not work for multisite! I will make a new guide for migrating multisites. How to Migrate WordPress Site to New Server with WP-CLI Note that this tutorial does not walk you … Learn more…
I love caching with Varnish. Its vcl (Varnish Control Language) allows me to be precise about what and how I want to cache specific URLs in WordPress and WooCommerce. One area which can be a pain for performance enthusiasts is showing up-to-date recent posts in a sidebar widget or show off your popular posts in … Learn more…