Archive

Articles taggués ‘Wordpress’

How To Configure Redis Caching to Speed Up WordPress on Ubuntu 14.04

25/03/2019 Comments off

Introduction

redisRedis is an open-source key value store that can operate as both an in-memory store and as cache. Redis is a data structure server that can be used as a database server on its own, or paired with a relational database like MySQL to speed things up, as we’re doing in this tutorial.

For this tutorial, Redis will be configured as a cache for WordPress to alleviate the redundant and time-consuming database queries used to render a WordPress page. The result is a WordPress site which is much faster, uses less database resources, and provides a tunable persistent cache. This guide applies to Ubuntu 14.04.

While every site is different, below is an example benchmark of a default WordPress installation home page with and without Redis, as configured from this guide. Chrome developer tools were used to test with browser caching disabled.

Default WordPress home page without Redis:

804ms page load time

Default WordPress home page with Redis:

449ms page load time

Note: This implementation of Redis caching for WordPress relies on a well-commented but third-party script. The script is hosted on DigitalOcean’s asset server, but was developed externally. If you would like to make your own implementation of Redis caching for WordPress, you will need to do some more work based on the concepts presented here.

Redis vs. Memcached

Memcached is also a popular cache choice. However, at this point, Redis does everything Memcached can do, with a much larger feature set. This Stack Overflow page has some general information as an overview or introduction to persons new to Redis.

How does the caching work?

The first time a WordPress page is loaded, a database query is performed on the server. Redis remembers, or caches, this query. So, when another user loads the WordPress page, the results are provided from Redis and from memory without needing to query the database.

The Redis implementation used in this guide works as a persistent object cache for WordPress (no expiration). An object cache works by caching the SQL queries in memory which are needed to load a WordPress page.

When a page loads, the resulting SQL query results are provided from memory by Redis, so the query does not have to hit the database. The result is much faster page load times, and less server impact on database resources. If a query is not available in Redis, the database provides the result and Redis adds the result to its cache.

If a value is updated in the database (for example, a new post or page is created in WordPress) the Redis value for that query is invalidated to prevent bad cached data from being presented.

If you run into problems with caching, the Redis cache can be purged by using the flushall command from the Redis command line:

redis-cli

Once you see the prompt, type:

flushall

Additional Reference: WordPress Object Cache Documentation

Prerequisites

Before starting this guide, you’ll need to set up a sudo user and install WordPress.

  • Ubuntu 14.04 Droplet (1 GB or higher recommended)
  • Add a sudo user
  • Install WordPress. This guide has been tested with these instructions, although there are many ways to install WordPress

Lire la suite…

Categories: Logiciel Tags: ,

How To Turn Off Post Revision In WordPress 2.6

19/03/2019 Comments off

One of the irritating feature for me in WordPress 2.6 is the post revision. I am the only author of my blog and hence this feature is useless to me.

Just in case you are wondering how post revision works, whenever a post is edited, a new row will be created in wp_posts table. Hence if your posts or pages got edited 10 times, you will have 10 new rows in wp_posts table.

In no time your wp_posts table will be filled up and the post ID will be huge.

To turn off this feature, add this following code to wp-config.php:

define('WP_POST_REVISIONS', false);

You can also delete all post revisions by running this query in phpMyAdmin:

DELETE a,b,c  
FROM wp_posts a  
LEFT JOIN wp_term_relationships b ON (a.ID = b.object_id)  
LEFT JOIN wp_postmeta c ON (a.ID = c.post_id)  
WHERE a.post_type = 'revision'  

Be sure to backup your database first before performing any queries in phpMyAdmin.

*UPDATE* Auto Saves does not create a revision of the post.

*UPDATE 2* Updated SQL query from Andrei Neculau as the previous query does not delete from wp_postmeta and wp_term_relationships tables.

*UPDATE 3* There is a proper way of cleaning up Post Revisions as mentioned by kitchin in Deleting Post Revisions: do NOT use the a,b,c JOIN code you see everywhere. I like his method more than the SQL query above.

Source: Lester Chan’s WordPress Plugins

Categories: Logiciel Tags:

Des requêtes SQL pour vous sauver la vie avec WordPress

18/03/2019 Comments off

sql wordpressVous avez changé votre blog WordPress de serveur et de domaine et là plus rien ne marche?

Vous voulez faire le ménage dans votre base de données ?

Et bien voici quelques exemples de requêtes SQL qui vous aiderons à faire tout ça rapidement et sans prise de tête.

Sauvegarde:

Avant de commencer la chose la plus importante à faire c’est de sauvegarder votre base de donnée.

Pour cela, plusieurs solutions s’offre à vous.

Soit vous utilisez directement une extensions WordPress tel que WP-DB-Backup ou WP-DBManager, ou alors vous pouvez le faire manuellement depuis l’interface de phpMyAdmin en suivant la procédure suivante:

  1. Connectez vous sur phpMyAdmin.
  2. Sélectionnez votre base WordPress.
  3. Cliquez sur « exporter » dans le menu en haut de la page.
  4. Sélectionnez les tables à sauvegarder.
  5. Sélectionnez SQL pour avoir un fichier de sortie en .sql.
  6. Cochez la case « Transmettre«
  7. Vous pouvez choisir un type de compression afin de réduire la taille de votre fichier.
  8. Cliquez sur « Exécuter » et le fichier devrait se télécharger.

phpmyadmin-export

Lire la suite…

Detect and Block WordPress Brute Force Login Attacks

06/03/2019 Comments off

detect and block wordpress brute forceIf you run a wordpress blog these days, you are likely to experience brute force attacks where nefarious individuals attempt to break in to your website by quickly a list of userids and passwords against your wp-login.php.  Here’s how I automated detection and blocking of WordPress brute force login attacks.

Detecting a WordPress Brute Force Attack

One can typically detect a wordpress brute force attack by parsing through your webserver’s access_log file.  The access_log file records all of the access requests that a web server handles.  A brute force attack typically will have frequent and numerous attempts to the wp-login.php file as shown below:

Example:  In the access_log file below, we detect a brute force login attack on our WordPress blog.  We detected it by noticing frequent and constant requests to the wp-login.php file.

31.192.210.159 - - [11/Sep/2014:02:01:43 +0000] "POST http://www.uptimemadeeasy.com/wp-login.php HTTP/1.1" 200 3389 "http://www.uptimemadeeasy.com/wp-login.php" "Mozilla/5.0 (Linux; U; Android 2.2) AppleWebKit/533.1 (KHTML, like Gecko) Version/4.0 Mobile Safari/533.1"
31.192.210.159 - - [11/Sep/2014:02:01:44 +0000] "POST http://www.uptimemadeeasy.com/wp-login.php HTTP/1.1" 200 3389 "http://www.uptimemadeeasy.com/wp-login.php" "Mozilla/5.0 (Linux; U; Android 2.2) AppleWebKit/533.1 (KHTML, like Gecko) Version/4.0 Mobile Safari/533.1"
31.192.210.159 - - [11/Sep/2014:02:01:45 +0000] "POST http://www.uptimemadeeasy.com/wp-login.php HTTP/1.1" 200 3389 "http://www.uptimemadeeasy.com/wp-login.php" "Mozilla/5.0 (Linux; U; Android 2.2) AppleWebKit/533.1 (KHTML, like Gecko) Version/4.0 Mobile Safari/533.1"
31.192.210.159 - - [11/Sep/2014:02:01:47 +0000] "POST http://www.uptimemadeeasy.com/wp-login.php HTTP/1.1" 200 3389 "http://www.uptimemadeeasy.com/wp-login.php" "Mozilla/5.0 (Linux; U; Android 2.2) AppleWebKit/533.1 (KHTML, like Gecko) Version/4.0 Mobile Safari/533.1"
31.192.210.159 - - [11/Sep/2014:02:01:49 +0000] "POST http://www.uptimemadeeasy.com/wp-login.php HTTP/1.1" 200 3389 "http://www.uptimemadeeasy.com/wp-login.php" "Mozilla/5.0 (Linux; U; Android 2.2) AppleWebKit/533.1 (KHTML, like Gecko) Version/4.0 Mobile Safari/533.1"
31.192.210.159 - - [11/Sep/2014:02:01:50 +0000] "POST http://www.uptimemadeeasy.com/wp-login.php HTTP/1.1" 200 3389 "http://www.uptimemadeeasy.com/wp-login.php" "Mozilla/5.0 (Linux; U; Android 2.2) AppleWebKit/533.1 (KHTML, like Gecko) Version/4.0 Mobile Safari/533.1"
31.192.210.159 - - [11/Sep/2014:02:01:51 +0000] "POST http://www.uptimemadeeasy.com/wp-login.php HTTP/1.1" 200 3389 "http://www.uptimemadeeasy.com/wp-login.php" "Mozilla/5.0 (Linux; U; Android 2.2) AppleWebKit/533.1 (KHTML, like Gecko) Version/4.0 Mobile Safari/533.1"
31.192.210.159 - - [11/Sep/2014:02:01:52 +0000] "POST http://www.uptimemadeeasy.com/wp-login.php HTTP/1.1" 200 3389 "http://www.uptimemadeeasy.com/wp-login.php" "Mozilla/5.0 (Linux; U; Android 2.2) AppleWebKit/533.1 (KHTML, like Gecko) Version/4.0 Mobile Safari/533.1"
31.192.210.159 - - [11/Sep/2014:02:01:54 +0000] "POST http://www.uptimemadeeasy.com/wp-login.php HTTP/1.1" 200 3389 "http://www.uptimemadeeasy.com/wp-login.php" "Mozilla/5.0 (Linux; U; Android 2.2) AppleWebKit/533.1 (KHTML, like Gecko) Version/4.0 Mobile Safari/533.1"
31.192.210.159 - - [11/Sep/2014:02:01:55 +0000] "POST http://www.uptimemadeeasy.com/wp-login.php HTTP/1.1" 200 3389 "http://www.uptimemadeeasy.com/wp-login.php" "Mozilla/5.0 (Linux; U; Android 2.2) AppleWebKit/533.1 (KHTML, like Gecko) Version/4.0 Mobile Safari/533.1"

Typically in an event like this, I lookup the IP address in the ARIN database as I showed in a previous article:  What Personal Information Can You Get From Your Web Server?  Frequently, I find that the address is from APAC or RIPE addresses.

Lire la suite…

WordPress Performance Tuning

25/02/2019 Comments off

wordpress performance tuning
WordPress is one of the most popular content publishing platform used by some of the very high traffic website. Beauty of the wordpress is in its simplicity. If you will setup your WordPress correctly then your website performance will be fantastic. In this article we will explore various aspect of the WordPress Performance Tuning. Before going further let me clear that why you need to optimize your WordPress website performance.

Why you should spend time on WordPress Performance Tuning ?

Performance tuning or Optimization is required due to following reason:

  1. If you will correctly optimize or tune your WordPress performance then your visitor experience will be better.
  2. Search engines are giving high preference to high speed website.  So your SEO will be improved.
  3. Sometime while doing your WordPress performance tuning you will analyzed and remove unwanted thing from your WordPress which reduce your server work. So your server will have less load.

Tool / Plugin / Stuff you need while WordPress Performance tuning

WordPress performance tuning does not mean to only changing some configuration of your WordPress. There are several area where you need to fine tune like apache(your webserver), Mysql etc. So before going further you need following tool/plugin

  1. Installation of plugin w3 total plugin.
  2. Firefox web browser with firebug tool.
  3. Google Page Speed Test  or GT Metrix.
  4. SSH connection to your server (only required if you want to tune Apache and MySQL performance).
  5. A good Internet speed.

Before going further for your WordPress Performance Tuning please arrange above written tool.

Analyze your WordPress Performance

Before going to optimize your WordPress Performance you need to analyze that whether your website performance is good or bad. Or in other word we can say that you need to check whether your website is served quickly or not. Following are the factor which mainly affect your website performance and you need to check.

  1. Time taken to load your web page
  2. Number of CSS, js and Images are getting downloaded on every request
  3. CSS and JS are placed correctly or not.

You can check your website performance in either Google Page Speed or Gtmetrix. I prefer to use Gtmetrix. Both tool will gives rating to your website Speed and suggestion to improve your website performance further. Gtmetrix will also provide you the timeline waterfall(what is repose time of your website and how many images, css , js or other resources are getting downloaded) of your website. I prefer Gtmetrix because of TimeLine waterfall feature.
You will get following type snapshot for your website in Gtmetrix
WordPress Performance Tuning

In above snapshot you can see the following 4 tab

  1. Page Speed : In this tab you can find your website performance analysis with GooglePageSpeed.
  2. YSlow : In this tab you can find your website performance analysis with YSlow.
  3. TimeLine : In this tab you can find your website page load water fall.
  4. History: In this tab you can find previous history of your website page speed test if you did the test in in future.

Lire la suite…

Categories: Logiciel Tags: ,