I had a client with 3 WordPress sites hacked, having injected a dirty ad redirect in every possible javascript file of these sites. Around 1500 files were infected with one and the same script, so the best solution for curing them would be to remove that specific line that was causing all the trouble. Following set of […]
Author Archives: Vladimir Vassilev
Scanning and cleaning a Linux machine (server or desktop) with ClamAV antivirus
A client of mine got some infected emails in their mail server, leading to infected Thunderbird on Windows, crashing the whole operating system. In order to clean up the mess, I had to scan the mail server and remove the emails that were spreading the virus. ClamAV turns out to be a pretty good option for […]
UpiCRM – Leads are everything!
About Leads Everything revolves around leads. Which is not necessarily a bad thing. As WordPress developers, though, we avoid this one, as it doesn’t use custom post types but rather defines its own tables and has an interface for additional fields within it’s settings. Again, none of these are bad things, but we want to […]
Zero BS CRM or how to go fishing for customers
Nah, this CRM doesn’t help much with fishing for customers – it’s way too simple. Actually, most of the features are easily achievable with any custom fields & custom post types plugin out there. Toolset Types could do the trick. Don’t get me wrong – this one doesn’t do anything bad, and it has some […]
Redirecting all pages from the old domain to the new one
When you switch domains for a WordPress installation, you should think of not only the how to move the site, but how to keep your content reachable by search engine hits or referrals. 301 Redirect is what is expected of you, and the easy way to do it, even if both domains are still hitting […]
jCatalog plugin review
I don’t usually do this kind of reviews, but this one deserves it. Here we go: Upon download, you are getting 30 Megabytes (!!!) of 6323 (!!!) files just in the plugins/jcatalog folder. WordPress alone is 18.3 Megabytes and 1216 files. The plugin checks if you are using WordPress or Joomla. So it could work […]
How to replace your WordPress site with your newly developed one using Duplicator plugin
Staging site is the one that you’ve been developing as a redesign of the live site, that has been active till now. Install Duplicator plugin on your staging site and run a full backup generation with it. Ignore warnings on the scan step, in most cases they are related to big files, big overall size of the […]
Bad session handling can lead to performance issues
The reason is shortly explained in the PHP documentation for session_start() function here: http://php.net/manual/en/function.session-start.php#110649 Furthermore, you can read about it in the session_write_close() function reference page. How we found this? We had slow loading of some admin pages (Plugins, All Pages) in WordPress and every time P3 Profiler was pointing to a different plugin, but […]
Limiting access to (some) files in uploads dir
All you need to do is add a .htaccess file with the following content in your uploads dir:
|
1 2 3 4 |
<FilesMatch ".(xlsx|xls|docx|doc|rtf|odf|pdf)$"> Order Allow,Deny Deny from All </FilesMatch> |
If you want to limit just any file from being accessed from anyone, just use “./*” instead of the regular expression.
Monitoring slow queries in MySQL
If you are in doubt that some really slow queries are taking place on your server and they put you on too much load, then use this change in the configuration file to enable logging of slow queries: The config files usually is /etc/mysql/my.cnf. Uncomment these: slow-query-log = 1 slow-query-log-file = /var/log/mysql/mysql-slow.log long_query_time = 1 […]