Tiny WordPress Insights https://www.tinywp.in On WordPress core, plugins, themes, etc. Fri, 11 Aug 2023 12:31:17 +0000 en-US hourly 1 https://wordpress.org/?v=6.2.2 ssh-import-id-gh – Import your public SSH key from GitHub https://www.tinywp.in/ssh-import-id-gh/ https://www.tinywp.in/ssh-import-id-gh/#respond Fri, 11 Aug 2023 12:29:21 +0000 https://www.tinywp.in/?p=2682 Continue reading "ssh-import-id-gh – Import your public SSH key from GitHub"]]> The (WordPress) developers often use to troubleshoot sites hosted in remote servers. While I don’t recommend working with a production site directly, these days most hosted WP companies offer staging sites with SSH access, with wp-cli pre-installed. In order to log into those, most of us use password authentication that can lead to a number of security issues. For example...

Source

]]>
https://www.tinywp.in/ssh-import-id-gh/feed/ 0
Bootstrapping DigitalOcean Servers https://www.tinywp.in/digitalocean-bootstrap/ https://www.tinywp.in/digitalocean-bootstrap/#respond Thu, 26 Jan 2023 15:23:05 +0000 https://www.tinywp.in/?p=2675 Continue reading "Bootstrapping DigitalOcean Servers"]]> I manage multiple DigitalOcean servers. There are a number of configurations to be done in order to bring a secure DO droplet. For example, firewall, alerts, etc. I missed a step years ago that caused a low priority security alert lately. So, I automated most of the steps while configuring any DigitalOcean server (new or old). Like most other things, I open-sourced the project in Github.

Source

]]>
https://www.tinywp.in/digitalocean-bootstrap/feed/ 0
What did I do in 2022 and my WishList for 2023 https://www.tinywp.in/2022-review/ https://www.tinywp.in/2022-review/#respond Fri, 16 Dec 2022 03:28:10 +0000 https://www.tinywp.in/?p=2660 Continue reading "What did I do in 2022 and my WishList for 2023"]]> It’s the year of MikroTik and network engineering. So, there is hardly any WordPress stuff in this post. I bought MikroTik hAP AX2 this year, just after its launch. I’d been waiting for it for years. This is my fourth MikroTik product for my R&D. Earlier, I owned two numbers of hAP ac2 and SXT LTE Kit. One hAP AC2 runs on Router OS v6. The other one is on the latest version. Using them to test...

Source

]]>
https://www.tinywp.in/2022-review/feed/ 0
TinyWP.in Infrastructure https://www.tinywp.in/infrastructure/ https://www.tinywp.in/infrastructure/#respond Thu, 10 Nov 2022 15:02:22 +0000 https://www.tinywp.in/?p=2630 Back in 2011, I already wrote a colophon post. Nothing much changed in it in terms of underlying technologies used such as Nginx web server. However, a few things aren’t mentioned in it, but will have a mention here. Basically, I am running most of the services using Google services for this domain (tinywp.in). Even though, I’ve been trying to de-google myself for years, I still use Google...

Source

]]>
https://www.tinywp.in/infrastructure/feed/ 0
Rate limiting xmlrpc requests on WordPress using Nginx https://www.tinywp.in/xmlrpc-rate-limit-nginx/ https://www.tinywp.in/xmlrpc-rate-limit-nginx/#respond Thu, 02 Dec 2021 02:02:30 +0000 https://www.tinywp.in/?p=2609 WordPress based sites are target for most automated bots. Those bots look for various vulnerability in WordPress core, the themes, and the plugins. Then, there are some kids (and their kid bots) that target specific resources in a WP site. “xmlrpc.php” is one such resource. It uses XML-RPC protocol that does many things in WordPress. For example, it helps with remote sites to notify their mentions...

Source

]]>
https://www.tinywp.in/xmlrpc-rate-limit-nginx/feed/ 0
Disable PHP warnings when running wp-cli https://www.tinywp.in/disable-php-warnings-on-wp-cli/ https://www.tinywp.in/disable-php-warnings-on-wp-cli/#comments Tue, 18 May 2021 14:46:00 +0000 https://www.tinywp.in/?p=2577 Continue reading "Disable PHP warnings when running wp-cli"]]> It is not uncommon to test sites on a development environment (locally or in a staging environment where others can see the work-in-progress). On a development environment, usually we have configured to be . Here’s the sample of file in a development / test / staging environment… While the above code is perfectly okay, if the site creates PHP warnings, it is a nuisance to see them repeatedly when...

Source

]]>
https://www.tinywp.in/disable-php-warnings-on-wp-cli/feed/ 1
Nginx compatibility for “Cookies for Comments” plugin https://www.tinywp.in/nginx-config-cookies-for-comments/ https://www.tinywp.in/nginx-config-cookies-for-comments/#respond Thu, 29 Apr 2021 06:07:57 +0000 https://www.tinywp.in/?p=1438 Continue reading "Nginx compatibility for “Cookies for Comments” plugin"]]> Whether you are aware or not, spammers are more interested in your site than anyone else. You’ll understand this more vividly, when your blog starts to become famous and brings more and more visitors week after week, month after month, year after year. The most annoying thing about spam comments is the amount of time that you need to waste in dealing with it. There are some bright minds in...

Source

]]>
https://www.tinywp.in/nginx-config-cookies-for-comments/feed/ 0
Buypass CA – SSL with 180 Days Validity https://www.tinywp.in/buypass-ssl-certificate/ https://www.tinywp.in/buypass-ssl-certificate/#comments Tue, 21 Apr 2020 14:45:00 +0000 https://www.tinywp.in/?p=2494 Continue reading "Buypass CA – SSL with 180 Days Validity"]]> Buypass is a Certificate Authority (CA) based on Europe. It offers free SSL certificates with a validity of 180 days. Unlike LetsEncrypt, Buypass CA also offers paid SSL too. So, it is neither a competitor to LetsEncrypt, nor it is a nonprofit. It is a for-profit company that also offers free SSL certificates. There are other CAs that offer free SSL certificates too. However...

Source

]]>
https://www.tinywp.in/buypass-ssl-certificate/feed/ 3
Version Control https://www.tinywp.in/version-control/ https://www.tinywp.in/version-control/#respond Wed, 10 Jul 2019 12:31:37 +0000 https://www.tinywp.in/?p=2439 Continue reading "Version Control"]]> WordPress uses SVN internally such as for plugins repository. So, a plugin author must use SVN tools to upload a plugin and update the existing plugin/s in wp.org plugins repository. If you are new to SVN, WordPress docs team has a nice guide to get started with SVN and plugins repository. The best practices section is a gem. It is possible to update WP core using SVN. However...

Source

]]>
https://www.tinywp.in/version-control/feed/ 0
Handling WordPress Cron failures using wp-cli https://www.tinywp.in/fixing-wp-cron-failures-with-wp-cli/ https://www.tinywp.in/fixing-wp-cron-failures-with-wp-cli/#respond Tue, 18 Jun 2019 04:34:51 +0000 https://www.tinywp.in/?p=2425 Continue reading "Handling WordPress Cron failures using wp-cli"]]> To understand WP cron, let me quote the following text from Cavalcade documentation… As you can see, even if a site has moderate traffic, if the site uses aggressive caching techniques, it is possible for real traffic to never hit PHP or WordPress to process a request. When wp-cron fails, a number of things can fail… a scheduled may not get published on time, a newsletter may not be sent as...

Source

]]>
https://www.tinywp.in/fixing-wp-cron-failures-with-wp-cli/feed/ 0