WordPress website was broken and inside the error_log file the following error was repeatedly printed: Fatal error: Uncaught Error: Call to undefined function wp_check_php_mysql_versions() This fatal error indicates that WordPress was unable to check server configuration: PHP and MySQL versions. In 99% of the time, the error is caused by missing or modified WP core … Read full article →
File inclusion vulnerabilities allow an attacker to read (and sometimes execute) files on the WordPress website, gain unauthorized access to sensitive information and inject malicious files through the “include” functionality. This can be very dangerous because if the webserver is misconfigured the attacker may gain access to sensitive user information and even execute arbitrary commands. There … Read full article →
To enable HSTS Preload on a WordPress website (https://hstspreload.org/?domain=wpxss.com) you need to add the following code snippet in the .htaccess file: If you have access to the server settings *(You are using a VPS or DEDICATED server) then you can enable it server-wide for all domains by adding the snippet to the /etc/apache2/conf.d/includes/pre_main_global.conf file TIP: … Read full article →
WordPress is an awesome content management system. You can install it in one click, you can find professional-looking themes for as little as a few dollars, and you can use a wide range of plugins for added functions and features. Nonetheless, WordPress websites can become sluggish sometimes, chasing impatient visitors away. This article is going … Read full article →
Here is a handy snippet that displays a random post, so each time a user refreshes the page a different post will appear. The snippet should be saved as a PHP template for pages and a page has to use it. Step 1. Create a new file random.php inside your active theme folder and put … Read full article →
The most regularly seen attack type is script injection (XSS attack), rogue scripts are injected into the webpage for malicious purposes. This includes redirects to third-party websites, collecting user data, downloading malware to visitors, etc. WordPress has a bunch of useful developer functions that are used to sanitize data (Validating Sanitizing and Escaping User Data) … Read full article →
By default .css and .js files used in WordPress themes and plugins will add a version number using ?ver= To disable this add the following inside your theme functions.php file or as a new plugin:
Add the following to your theme functions.php file: Source: WordPress搜索功能结果只有一个时直接跳转到结果文章页面
This small script uses a for loop to delete one post ID at a time, it will go through the database and list all media files uploaded in the provided data range that are not used inside posts. Change the date range according to your needs.
WordPress uses transients to temporarily store data for its plugins and themes. By managing transients you can optimize your website for speed and make sure your website is always functioning properly. Here are a few methods how to safely delete expired WordPress transients: Delete Expired WordPress Transients using WPCLI To delete only expired transients use: … Read full article →