The document provides tips and best practices for securing and optimizing a WordPress site beyond the basic installation. It discusses .htaccess configuration for redirects, file protection, and permalinks. It also covers hardening wp-config.php by changing passwords and salts, prefixing tables, and configuring database settings for different environments. Additional topics include plugins, revisions, debugging, and discussion settings. The presentation aims to advise beginners and developers on security, performance, and maintenance of WordPress sites.
Slide links:
- https://lumberjack.rareloop.com
- https://docs.lumberjack.rareloop.com
- https://github.com/Rareloop/lumberjack-bedrock-installer
- https://github.com/Rareloop/lumberjack
- https://github.com/Rareloop/lumberjack-validation
- https://github.com/Rareloop/hatchet
- https://lizkeogh.com/2017/08/31/reflecting-reality/amp
- https://www.upstatement.com/timber
- https://roots.io/bedrock
- https://scotch.io/bar-talk/s-o-l-i-d-the-first-five-principles-of-object-oriented-design
- https://github.com/zendframework/zend-diactoros
- https://www.php-fig.org
- http://php-di.org
---
Often WordPress themes are not easy to change, maintain or fun to work on. This can rule WordPress out as a viable option for bespoke, non-trivial websites.
In this talk we’ll dive into how this happens & look at how we can benefit from software engineering techniques to help make your code easier to change. I’ll also show how using Lumberjack, a powerful MVC framework built on Timber, can be used to power-up your themes.
Jenkins User Conference 2012
Only by the third plugin do you get the hang of writing a plugin. I thought as a developer coming to the build side of things it'd be easy to jump in and write some plugins. I was wrong. Don't be fooled by the extremely friendly Jenkins community, writing a plugin from scratch is harder than they let on. This talk will explain the hurdles that I had to cross to make writing plugins easy.
Optimising Your Front End Workflow With Symfony, Twig, Bower and GulpMatthew Davis
We take great care in our back end coding workflow, optimising, automating and abstracting as much as is possible. So why don't we do that with our front end code?
We'll take a look at some tools to help us take our front end workflow to the next level, and hopefully optimise our load times in the process!
We'll be looking at using Twig templates and optimising them for the different areas of your application, integrating Bower and Gulp for managing assets and processing our front-end code to avoid repetitive tasks - looking at how that impacts the typical Symfony workflow.
Slide links:
- https://lumberjack.rareloop.com
- https://docs.lumberjack.rareloop.com
- https://github.com/Rareloop/lumberjack-bedrock-installer
- https://github.com/Rareloop/lumberjack
- https://github.com/Rareloop/lumberjack-validation
- https://github.com/Rareloop/hatchet
- https://lizkeogh.com/2017/08/31/reflecting-reality/amp
- https://www.upstatement.com/timber
- https://roots.io/bedrock
- https://scotch.io/bar-talk/s-o-l-i-d-the-first-five-principles-of-object-oriented-design
- https://github.com/zendframework/zend-diactoros
- https://www.php-fig.org
- http://php-di.org
---
Often WordPress themes are not easy to change, maintain or fun to work on. This can rule WordPress out as a viable option for bespoke, non-trivial websites.
In this talk we’ll dive into how this happens & look at how we can benefit from software engineering techniques to help make your code easier to change. I’ll also show how using Lumberjack, a powerful MVC framework built on Timber, can be used to power-up your themes.
Jenkins User Conference 2012
Only by the third plugin do you get the hang of writing a plugin. I thought as a developer coming to the build side of things it'd be easy to jump in and write some plugins. I was wrong. Don't be fooled by the extremely friendly Jenkins community, writing a plugin from scratch is harder than they let on. This talk will explain the hurdles that I had to cross to make writing plugins easy.
Optimising Your Front End Workflow With Symfony, Twig, Bower and GulpMatthew Davis
We take great care in our back end coding workflow, optimising, automating and abstracting as much as is possible. So why don't we do that with our front end code?
We'll take a look at some tools to help us take our front end workflow to the next level, and hopefully optimise our load times in the process!
We'll be looking at using Twig templates and optimising them for the different areas of your application, integrating Bower and Gulp for managing assets and processing our front-end code to avoid repetitive tasks - looking at how that impacts the typical Symfony workflow.
Best Practices in Plugin Development (WordCamp Seattle)andrewnacin
My talk -- officially named "Y U NO CODE WELL" -- at WordCamp Seattle 2011 on best practices during plugin development. Find the video, as it provides some good context and conversation.
Cool like a Frontend Developer: Grunt, RequireJS, Bower and other ToolsRyan Weaver
Bower, Grunt, and RequireJS are just a few tools that have been re-shaping the frontend development world, replacing cluttered script tags and server-side build solutions with a sophisticated, but sometimes complex approach to dependency management and module loading. In this talk, we'll put on our trendy frontend developer hat and find out how these tools work and how they differ from what we might be used to. Most important, we'll see how using tools like this might look in Symfony2 and how our application can be a friendly place for a frontend guy/gal.
80% of the time it takes for a web page to load is on the client side.
Using all the tips in this presentation should cut 25% to 50% off the load time of optimized page requests.
Drupal (6 or 7) can be used to, fairly easily, implement a whole bunch of these “front-end performance” upgrades, and knock a ton of errors off of the Yahoo! and Google speed-checker tools validation checklists.Get firebug first.
Extending the WordPress REST API - Josh PollockCaldera Labs
Presentation on extending the WordPress REST API -- modifying default responses and creating custom endpoints
http://joshpress.net/extending-rest-api-talk
Alfresco’s highly customizable repository can often seem overwhelming. Learn approaches for adding common customizations requests (Extending Javascript API, Content Modeling, Permission Modeling, packaging, etc.) from current and former Alfresco consulting staff. Learn where we often see the most common errors and participate in open Q&A.
En esta sesión Jorge Díaz (MVP) y Gonzalo Balladares (MVP) te mostrarán cómo puedes automatizar tareas rutinarias de mantenimiento y administración de tus sistemas utilizando Powershell con ejemplos prácticos de Administración de Servicios Windows, Active Directory, Exchange Server, Lync Server, Hyper-V y más
The objective of this workshop was to discuss the key features of WordPress. The key feature includes themes, plugins, hooks, shortcodes, cache, translations, wp-configs, wpdb, template hierarchy, wp rest API. WordPress has it's own standards in many cases. It is always good to practice those standards to get the provided benefits.
Site:
https://upokary.com/
How to improve your workflows via SSH gateway. Experts at WP Engine help you learn about how WordPress developers can make their work more efficient using WP-CLI via SSH gateway to improve workflows.
On-demand webinar: https://hs.wpengine.com/webinar-improve-workflows-SSH-gateway
Best Practices in Plugin Development (WordCamp Seattle)andrewnacin
My talk -- officially named "Y U NO CODE WELL" -- at WordCamp Seattle 2011 on best practices during plugin development. Find the video, as it provides some good context and conversation.
Cool like a Frontend Developer: Grunt, RequireJS, Bower and other ToolsRyan Weaver
Bower, Grunt, and RequireJS are just a few tools that have been re-shaping the frontend development world, replacing cluttered script tags and server-side build solutions with a sophisticated, but sometimes complex approach to dependency management and module loading. In this talk, we'll put on our trendy frontend developer hat and find out how these tools work and how they differ from what we might be used to. Most important, we'll see how using tools like this might look in Symfony2 and how our application can be a friendly place for a frontend guy/gal.
80% of the time it takes for a web page to load is on the client side.
Using all the tips in this presentation should cut 25% to 50% off the load time of optimized page requests.
Drupal (6 or 7) can be used to, fairly easily, implement a whole bunch of these “front-end performance” upgrades, and knock a ton of errors off of the Yahoo! and Google speed-checker tools validation checklists.Get firebug first.
Extending the WordPress REST API - Josh PollockCaldera Labs
Presentation on extending the WordPress REST API -- modifying default responses and creating custom endpoints
http://joshpress.net/extending-rest-api-talk
Alfresco’s highly customizable repository can often seem overwhelming. Learn approaches for adding common customizations requests (Extending Javascript API, Content Modeling, Permission Modeling, packaging, etc.) from current and former Alfresco consulting staff. Learn where we often see the most common errors and participate in open Q&A.
En esta sesión Jorge Díaz (MVP) y Gonzalo Balladares (MVP) te mostrarán cómo puedes automatizar tareas rutinarias de mantenimiento y administración de tus sistemas utilizando Powershell con ejemplos prácticos de Administración de Servicios Windows, Active Directory, Exchange Server, Lync Server, Hyper-V y más
The objective of this workshop was to discuss the key features of WordPress. The key feature includes themes, plugins, hooks, shortcodes, cache, translations, wp-configs, wpdb, template hierarchy, wp rest API. WordPress has it's own standards in many cases. It is always good to practice those standards to get the provided benefits.
Site:
https://upokary.com/
How to improve your workflows via SSH gateway. Experts at WP Engine help you learn about how WordPress developers can make their work more efficient using WP-CLI via SSH gateway to improve workflows.
On-demand webinar: https://hs.wpengine.com/webinar-improve-workflows-SSH-gateway
Making WordPress Your CMS and Automatically Updating a Self Hosted WordPress ...cehwitham
A presentation to the South Yorkshire WordPress group in October 2011. Chris Witham shares his experience of making the WordPress dashboard more client friendly through a single bespoke plugin. The talk finishes with a look at how to Automatically Update a WordPress plugin if you don't want to host it in the WordPress.org repository.
Manage WordPress with Awesome using wp cliGetSource
Manage WordPress with Awesome using wp-cli talk from WordCamp Vegas 2012.
Does updating all your plugins by running `wp plugin update –all` sound too good to be true? Enter wp-cli, an open source WordPress management tool. Learn how to install it locally or globally on your host, perform common WordPress administration tasks, and expand its functionality with plugins of your own.
Presented by Mike Schroder (@GetSource/DH-Shredder)
WordCamp Vancouver 2012 - Manage WordPress with Awesome using wp-cliGetSource
Manage WordPress with Awesome using wp-cli talk from WordCamp Vancouver 2012.
Does updating all your plugins by running `wp plugin update –all` sound too good to be true? Enter wp-cli, an open source WordPress management tool. Learn how to install it locally or globally on your host, perform common WordPress administration tasks, and expand its functionality with plugins of your own.
Presented by Mike Schroder (@GetSource/DH-Shredder)
Brad Williams, the co-author of Professional WordPress Plugin Development, gives his presentation on Intro to WordPress Plugin Development to the NYC WordPress Meetup group in March 2011.
Apache and PHP: Why httpd.conf is your new BFF!Jeff Jones
Apache's configuration files can be used to configure how Apache operates, but they can also be used to configure PHP and how Apache httpd interacts with PHP. In this talk, Jeff explains the different ways Apache can be configured, explains many of the useful config options available for Apache modules, including our own mod_php, and showcases example of how they can be used with, and instead of, your PHP code.
WordPress Security Updated - NYC Meetup 2009Brad Williams
My updated WordPress Security presentation. Updated with more tips and information! This is a must read to keep your WordPress website safe!
Presented at the NYC WordPress Meetup on September 15, 2009
Using Geeklog as a Web Application FrameworkDirk Haun
Slides for the workshop "Using Geeklog as a Web Application Framework", as held at
- LinuxTag 2006, Wiesbaden, Germany, 2006-05-06
- PHP user group meeting, Stuttgart, Germany, 2006-05-10
- FrOSCon, Bonn, Germany, 2006-06-24
Getting to The Loop - London Wordpress Meetup July 28thChris Adams
This is a slightly modified version of the talk I gave at the London Wordpress meetup.
I'm putting it up here a) for people who were taking notes last night and b) to shame me into putting a polished version up here for people who couldn't make it.
thanks for @folletto for providing the graphics that split up the endless code snippets.
Hardening WordPress - SAScon Manchester 2013 (WordPress Security)Bastian Grimm
My talk at #SAScon Manchester 2013 about WordPress security and how to make your WordPress (a bit) safer. Including two factor authentification, a lot of security specific settings and much more :)
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf91mobiles
91mobiles recently conducted a Smart TV Buyer Insights Survey in which we asked over 3,000 respondents about the TV they own, aspects they look at on a new TV, and their TV buying preferences.
Transcript: Selling digital books in 2024: Insights from industry leaders - T...BookNet Canada
The publishing industry has been selling digital audiobooks and ebooks for over a decade and has found its groove. What’s changed? What has stayed the same? Where do we go from here? Join a group of leading sales peers from across the industry for a conversation about the lessons learned since the popularization of digital books, best practices, digital book supply chain management, and more.
Link to video recording: https://bnctechforum.ca/sessions/selling-digital-books-in-2024-insights-from-industry-leaders/
Presented by BookNet Canada on May 28, 2024, with support from the Department of Canadian Heritage.
Accelerate your Kubernetes clusters with Varnish CachingThijs Feryn
A presentation about the usage and availability of Varnish on Kubernetes. This talk explores the capabilities of Varnish caching and shows how to use the Varnish Helm chart to deploy it to Kubernetes.
This presentation was delivered at K8SUG Singapore. See https://feryn.eu/presentations/accelerate-your-kubernetes-clusters-with-varnish-caching-k8sug-singapore-28-2024 for more details.
JMeter webinar - integration with InfluxDB and GrafanaRTTS
Watch this recorded webinar about real-time monitoring of application performance. See how to integrate Apache JMeter, the open-source leader in performance testing, with InfluxDB, the open-source time-series database, and Grafana, the open-source analytics and visualization application.
In this webinar, we will review the benefits of leveraging InfluxDB and Grafana when executing load tests and demonstrate how these tools are used to visualize performance metrics.
Length: 30 minutes
Session Overview
-------------------------------------------
During this webinar, we will cover the following topics while demonstrating the integrations of JMeter, InfluxDB and Grafana:
- What out-of-the-box solutions are available for real-time monitoring JMeter tests?
- What are the benefits of integrating InfluxDB and Grafana into the load testing stack?
- Which features are provided by Grafana?
- Demonstration of InfluxDB and Grafana using a practice web application
To view the webinar recording, go to:
https://www.rttsweb.com/jmeter-integration-webinar
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...DanBrown980551
Do you want to learn how to model and simulate an electrical network from scratch in under an hour?
Then welcome to this PowSyBl workshop, hosted by Rte, the French Transmission System Operator (TSO)!
During the webinar, you will discover the PowSyBl ecosystem as well as handle and study an electrical network through an interactive Python notebook.
PowSyBl is an open source project hosted by LF Energy, which offers a comprehensive set of features for electrical grid modelling and simulation. Among other advanced features, PowSyBl provides:
- A fully editable and extendable library for grid component modelling;
- Visualization tools to display your network;
- Grid simulation tools, such as power flows, security analyses (with or without remedial actions) and sensitivity analyses;
The framework is mostly written in Java, with a Python binding so that Python developers can access PowSyBl functionalities as well.
What you will learn during the webinar:
- For beginners: discover PowSyBl's functionalities through a quick general presentation and the notebook, without needing any expert coding skills;
- For advanced developers: master the skills to efficiently apply PowSyBl functionalities to your real-world scenarios.
Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024Tobias Schneck
As AI technology is pushing into IT I was wondering myself, as an “infrastructure container kubernetes guy”, how get this fancy AI technology get managed from an infrastructure operational view? Is it possible to apply our lovely cloud native principals as well? What benefit’s both technologies could bring to each other?
Let me take this questions and provide you a short journey through existing deployment models and use cases for AI software. On practical examples, we discuss what cloud/on-premise strategy we may need for applying it to our own infrastructure to get it to work from an enterprise perspective. I want to give an overview about infrastructure requirements and technologies, what could be beneficial or limiting your AI use cases in an enterprise environment. An interactive Demo will give you some insides, what approaches I got already working for real.
UiPath Test Automation using UiPath Test Suite series, part 4DianaGray10
Welcome to UiPath Test Automation using UiPath Test Suite series part 4. In this session, we will cover Test Manager overview along with SAP heatmap.
The UiPath Test Manager overview with SAP heatmap webinar offers a concise yet comprehensive exploration of the role of a Test Manager within SAP environments, coupled with the utilization of heatmaps for effective testing strategies.
Participants will gain insights into the responsibilities, challenges, and best practices associated with test management in SAP projects. Additionally, the webinar delves into the significance of heatmaps as a visual aid for identifying testing priorities, areas of risk, and resource allocation within SAP landscapes. Through this session, attendees can expect to enhance their understanding of test management principles while learning practical approaches to optimize testing processes in SAP environments using heatmap visualization techniques
What will you get from this session?
1. Insights into SAP testing best practices
2. Heatmap utilization for testing
3. Optimization of testing processes
4. Demo
Topics covered:
Execution from the test manager
Orchestrator execution result
Defect reporting
SAP heatmap example with demo
Speaker:
Deepak Rai, Automation Practice Lead, Boundaryless Group and UiPath MVP
Epistemic Interaction - tuning interfaces to provide information for AI supportAlan Dix
Paper presented at SYNERGY workshop at AVI 2024, Genoa, Italy. 3rd June 2024
https://alandix.com/academic/papers/synergy2024-epistemic/
As machine learning integrates deeper into human-computer interactions, the concept of epistemic interaction emerges, aiming to refine these interactions to enhance system adaptability. This approach encourages minor, intentional adjustments in user behaviour to enrich the data available for system learning. This paper introduces epistemic interaction within the context of human-system communication, illustrating how deliberate interaction design can improve system understanding and adaptation. Through concrete examples, we demonstrate the potential of epistemic interaction to significantly advance human-computer interaction by leveraging intuitive human communication strategies to inform system design and functionality, offering a novel pathway for enriching user-system engagements.
UiPath Test Automation using UiPath Test Suite series, part 3DianaGray10
Welcome to UiPath Test Automation using UiPath Test Suite series part 3. In this session, we will cover desktop automation along with UI automation.
Topics covered:
UI automation Introduction,
UI automation Sample
Desktop automation flow
Pradeep Chinnala, Senior Consultant Automation Developer @WonderBotz and UiPath MVP
Deepak Rai, Automation Practice Lead, Boundaryless Group and UiPath MVP
Connector Corner: Automate dynamic content and events by pushing a buttonDianaGray10
Here is something new! In our next Connector Corner webinar, we will demonstrate how you can use a single workflow to:
Create a campaign using Mailchimp with merge tags/fields
Send an interactive Slack channel message (using buttons)
Have the message received by managers and peers along with a test email for review
But there’s more:
In a second workflow supporting the same use case, you’ll see:
Your campaign sent to target colleagues for approval
If the “Approve” button is clicked, a Jira/Zendesk ticket is created for the marketing design team
But—if the “Reject” button is pushed, colleagues will be alerted via Slack message
Join us to learn more about this new, human-in-the-loop capability, brought to you by Integration Service connectors.
And...
Speakers:
Akshay Agnihotri, Product Manager
Charlie Greenberg, Host
Elevating Tactical DDD Patterns Through Object CalisthenicsDorra BARTAGUIZ
After immersing yourself in the blue book and its red counterpart, attending DDD-focused conferences, and applying tactical patterns, you're left with a crucial question: How do I ensure my design is effective? Tactical patterns within Domain-Driven Design (DDD) serve as guiding principles for creating clear and manageable domain models. However, achieving success with these patterns requires additional guidance. Interestingly, we've observed that a set of constraints initially designed for training purposes remarkably aligns with effective pattern implementation, offering a more ‘mechanical’ approach. Let's explore together how Object Calisthenics can elevate the design of your tactical DDD patterns, offering concrete help for those venturing into DDD for the first time!
GraphRAG is All You need? LLM & Knowledge GraphGuy Korland
Guy Korland, CEO and Co-founder of FalkorDB, will review two articles on the integration of language models with knowledge graphs.
1. Unifying Large Language Models and Knowledge Graphs: A Roadmap.
https://arxiv.org/abs/2306.08302
2. Microsoft Research's GraphRAG paper and a review paper on various uses of knowledge graphs:
https://www.microsoft.com/en-us/research/blog/graphrag-unlocking-llm-discovery-on-narrative-private-data/
3. A bit about me
● Custom theme developer
● No themes released
● A few plugins
This talk
● Advice for beginners
● Tips for developers
4. .htaccess
● “hypertext access”
●Controls requests to server before any PHP /
WordPress processing
● Apache only (IIS?)
● Root of website (sub-directories?)
● Sometimes simple, sometimes complex!
http://httpd.apache.org/docs/
http://perishablepress.com/press/2006/01/10/stupid-htaccess-tricks/
5. www or not www?
● Personal choice / aesthetics
●Both should be accessible; one should redirect (301)
to the other
● Tell Google Webmaster Tools!
6. www or not www?
● Personal choice / aesthetics
●Both should be accessible; one should redirect (301)
to the other
● Tell Google Webmaster Tools!
# Force no “www”
RewriteCond %{HTTP_HOST} ^www.example.com$ [NC]
RewriteRule ^(.*)$ http://example.com/$1 [R=301,L]
7. www or not www?
● Personal choice / aesthetics
●Both should be accessible; one should redirect (301)
to the other
● Tell Google Webmaster Tools!
# Force no “www”
RewriteCond %{HTTP_HOST} ^www.example.com$ [NC]
RewriteRule ^(.*)$ http://example.com/$1 [R=301,L]
# Force “www”
RewriteCond %{HTTP_HOST} ^example.com$ [NC]
RewriteRule ^(.*)$ http://www.example.com/$1 [R=301,L]
8. Protect important files
●# Protect .htaccess files
<Files .htaccess>
order allow,deny
deny from all
</Files>
●# Protect wp-config.php
<Files wp-config.php>
order allow,deny
deny from all
</FilesMatch>
10. WordPress pretty permalinks
Include at end of .htaccess:
●# BEGIN WordPress
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
</IfModule>
# END WordPress
12. WordPress pretty permalinks
Really bad idea for big sites:
Better:
http://ottopress.com/2010/category-in-permalinks-considered-harmful/
http://codex.wordpress.org/Using_Permalinks
13. wp-config.php
● Create your own wp-config-sample.php
●Check the file for new stuff in new versions of
WordPress
● Edit and initialize BEFORE installing WordPress!
http://codex.wordpress.org/Editing_wp-config.php
http://digwp.com/2010/08/pimp-your-wp-config-php/
14. Server-dependent settings
●// ** MySQL settings - You can get this info from your web host ** //
/** The name of the database for WordPress */
define('DB_NAME', 'database_name_here');
●/** MySQL database username */
define('DB_USER', 'username_here');
●/** MySQL database password */
define('DB_PASSWORD', 'password_here');
●/** MySQL hostname */
define('DB_HOST', 'localhost');
16. Authentication Keys and Salts
Change them for every installation!
define('AUTH_KEY', 'put your unique phrase here');
define('SECURE_AUTH_KEY', 'put your unique phrase here');
define('LOGGED_IN_KEY', 'put your unique phrase here');
define('NONCE_KEY', 'put your unique phrase here');
define('AUTH_SALT', 'put your unique phrase here');
define('SECURE_AUTH_SALT', 'put your unique phrase here');
define('LOGGED_IN_SALT', 'put your unique phrase here');
define('NONCE_SALT', 'put your unique phrase here');
https://api.wordpress.org/secret-key/1.1/salt/
20. Database table prefix
When coding database queries, don’t use hard-coded
table names!
A standard WP table:
global $wpdb;
$custom_query = $wpdb->get_results( “SELECT ID, post_title FROM
$wpdb->posts” );
21. Database table prefix
When coding database queries, don’t use hard-coded
table names!
A standard WP table:
global $wpdb;
$custom_query = $wpdb->get_results( “SELECT ID, post_title FROM
$wpdb->posts” );
A custom table:
global $wpdb;
$custom_query = $wpdb->get_results( “SELECT field FROM ” .
$wpdb->prefix . “table” );
http://codex.wordpress.org/Class_Reference/wpdb
22. Server needs FTP for upgrades?
define( "FTP_HOST", "ftp.example.com" );
define( "FTP_USER", "myftpuser" );
define( "FTP_PASS", "hQfsSITtKteo1Ln2FEhHlPkXZ" );
24. Debugging
define( 'WP_DEBUG', true );
http://dev.example.com/?debug=1
●switch ( $_SERVER['HTTP_HOST'] ) {
case 'dev.example.com': {
// Dev server
define( 'WP_DEBUG', isset( $_GET['debug'] ) );
break;
}
default: {
// Live server
define( 'WP_DEBUG', false );
break;
}
}
25. Control revisions and autosave
// Only keep 3 revisions of each post
define( 'WP_POST_REVISIONS', 3 );
26. Control revisions and autosave
// Only keep 3 revisions of each post
define( 'WP_POST_REVISIONS', 3 );
// Don’t keep revisions of posts
define( 'WP_POST_REVISIONS', false );
27. Control revisions and autosave
// Only keep 3 revisions of each post
define( 'WP_POST_REVISIONS', 3 );
// Don’t keep revisions of posts
define( 'WP_POST_REVISIONS', false );
// Autosave posts interval in seconds
define( 'AUTOSAVE_INTERVAL', 60 );
30. Custom theme functions.php /
“functionality” plugin
● Snippets not worth making into a plugin
● Plugin is more portable
● Check out /mu-plugins/
http://justintadlock.com/archives/2011/02/02/creating-a-custom-functions-plugin-for-end-users
http://wpcandy.com/teaches/how-to-create-a-functionality-plugin
http://codex.wordpress.org/Must_Use_Plugins
31. Disable upgrade notifications for
people who can't do upgrades
if ( ! current_user_can( 'update_core' ) ) {
add_action( 'init', create_function( '$a', "remove_action( 'init',
'wp_version_check' );" ), 2 );
add_filter( 'pre_option_update_core', create_function( '$a', "return
null;" ) );
}
34. Plugins
Force Strong Passwords. Copies WordPress's JavaScript
password strength meter into PHP and forces “executive” users
to have a strong password when updating their profile.
http://wordpress.org/extend/plugins/force-strong-passwords/
Google XML Sitemaps (or equivalent).
http://wordpress.org/extend/plugins/google-sitemap-generator/
Use Google Libraries.
http://wordpress.org/extend/plugins/use-google-libraries/
WordPress Database Backup.
http://wordpress.org/extend/plugins/wp-db-backup/
35. Other issues
● File permissions
http://codex.wordpress.org/Hardening_WordPress#File_permissions
● .htpasswd for /wp-admin/
● Settings > Discussion