Don’t Move wp-config.php Outside the Document Root

Most WordPress security guides recommend moving wp-config.php outside of the Apache document root in order to prevent the database password being exposed if the PHP engine fails to parse the file, or from being readable to infected scripts running in the domain. Despite the conventional wisdom, though, this technique doesn’t solve those problems, and can actually […]

Continue reading...

WordPress Bug Causes Error in XML-RPC Clients

I’ve been having a hard time figuring out an error that a client’s been getting in the Android and iOS apps for WordPress, but finally found the reason. The problem was that, when adding new posts with images, the post would be saved and the image would be uploaded and attached to the post, but […]

Continue reading...

FastCGI errors after PHP upgrade

I ran into a small problem upgrading PHP from 5.3.5 to 5.3.10 on a MediaTemple CentOS VPS today. The upgrade completed without any errors, but when I reloaded the site I got a “500 Internal Server Error” message. It was the stock installation, so I’m not sure which module it was using or what repository […]

Continue reading...

Scaling WordPress Installations

TJ Stein gave a really good presentation at WordCamp Chicago 2011 about scaling and performance issues with WordPress installations. He focuses a lot on using ngnix instead of Apache, but also covers PHP object caching, Varnish, CDNs, benchmarking, etc. It’s a good overview of current practices, but there’s also a lot of specific tips throughout.

Performance Improvements for Dedicated WordPress Servers

Mark Maunder benchmarked several performance tuning measures with a WordPress installation on a VPS server to show which are most effective. The biggest improvements were from installing PHP-APC, setting up Nginx to proxy concurrent connections for Apache, and using MySQL’s query cache.

Tweaking Apache Settings for VPSs

Apache’s default settings assume it’s running under a dedicated box with at least 2GB of RAM, so they don’t perform very well in a VPS that may only have 500MB. I recently made some tweaks to several VPS’s that reduced memory usage by 300-400MB without degrading performance. Apache Performance Tuning is a good article that […]

Continue reading...

Directory Permissions for WordPress under Plesk/Linux

Jason Diehl describes the right way to setup directory permissions on a Linux box running Plesk so that WordPress can automatically create the directories it uses to store uploads. Basically, you need to make sure that PHP’s safe mode is turned off and that wp-content is owned by apache, in the apache group, and chmod’d to 777.