Category: WordPress

Apache goodies for WordPress security

The list of things to do to harden a WordPress site with Apache is long, but some things that could be done include:

FileETag None                                                                                                                       
                                                                                                                                    
<Files wp-config.php>                                                                                                               
    Require all denied                                                                                                              
</Files>                                                                                                                            
                                                                                                                                    
<Files xmlrpc.php>                                                                                                                  
    Require all denied                                                                                                              
</Files>                                                                                                                            
                                                                                                                                    
<LocationMatch "/wp-content/uploads/.*(?i)\.php$">                                                                                  
    Require all denied                                                                                                              
</LocationMatch>

PHP is_numeric () fails WordPress version string check

This is, perhaps, obvious to most PHP developers. But it came somewhat as a surprise to me.

Using is_numeric () for validating a WordPress version string, such as ‘4.7’, does not seem to work very well when WordPress introduces minor releases such as ‘4.7.1’.

Since I cannot be bothered to figure out why it behaves in this (erratic, IMHO) way, I have since replaced the call to is_numeric () with a small function using a simple regular expression (regexp):

    function wpVersionStringCheck ($vs)                                                                                                 
    {                                                                                                                                   
        return (preg_match ('/^(\d+\.)+\d+$/', $vs));                                                                                   
    }

I’m sure there is a hole in there somewhere, but on the following strings at least, it gives me the desired result:

1.0 is valid
1.0. is invalid
1.0.1 is valid
1.banana.0 is invalid

Limiting the number of revisions in WordPress

Tired of nine zillion revisions of your posts created on your WordPress site?

Open up wp-config.php with a nice editor like Emacs or Pico/Nano or VI and add:

define('WP_POST_REVISIONS', false );

to disable post revisions completely.

Or, if you just want to limit the number of revisions WordPress keeps:

define('WP_POST_REVISIONS', 3);

 

Of course, this is just a simple Google query away from you:
http://lmgtfy.com/?q=limit+number+of+revisions+in+wordpress

Or, as it happens:
http://bit.ly/Hi9T1Y

So long Serendipity (S9Y), JoHo is converting to WordPress

Well, I guess it had to happen at some point. I’ve been running Serendipity (S9Y) for as long as I can remember “blogging”. At one point I was coding something that looked a lot like some early version of WordPress and S9Y, but I gave up on it. Since there are so many talented developers out there, I didn’t have to wait long for some nice alternatives to show up.

When WordPress 3 arrived, I decided it was time to move away from S9Y. I do a lot of WordPress-related stuff at work, and the time when I thought tinkering with “odd” bits and pieces just because I had nothing better to do has long since passed. These days I do it because I have something better to do but can’t keep my hands away 🙂

During the next few weeks, I’ll get a lot of stuff back here again, but I’d like to extend a big “THANK YOU” to this post:

Serendipity to WordPress – Post import

WordPress-mall: Retro

retro-adBland alla de mallar som finns för WordPress hittar man ibland en del udda saker. Retro-mallen från Kerry Webster är en sådan udda sak. Det låter som en jättekul idé, och känns initialt lite roligt. Men handen på hjärtat, hade det inte varit bättre om man inte behövt stirra på en fosfor-grön sida.

För de som inte var med, eller kommer ihåg, så såg skärmarna ut så här för 20+ år sedan. Väldigt retro är det i alla fall.