Wordpress: verschil tussen versies
| (4 tussenliggende revisies door dezelfde gebruiker niet weergegeven) | |||
| Regel 1: | Regel 1: | ||
| + | '''Plugins''' | ||
| + | |||
| + | [https://wordpress.org/plugins/imagemagick-engine/ Imagemagick bij problemen met kleuren in je thumbs] | ||
| + | |||
'''Caching:''' | '''Caching:''' | ||
| Regel 61: | Regel 65: | ||
http://codex.wordpress.org/Brute_Force_Attacks | http://codex.wordpress.org/Brute_Force_Attacks | ||
| + | |||
http://wordpress.org/plugins/bruteprotect/ | http://wordpress.org/plugins/bruteprotect/ | ||
| + | |||
http://hackguard.com/protecting-wordpress-against-brute-force-attacks | http://hackguard.com/protecting-wordpress-against-brute-force-attacks | ||
| + | |||
http://pressing-matters.io/any-easy-way-to-block-brute-force-attacks-from-botnets/ | http://pressing-matters.io/any-easy-way-to-block-brute-force-attacks-from-botnets/ | ||
| + | |||
https://getclef.com/ | https://getclef.com/ | ||
| + | |||
| + | '''Config en Login dichtzetten via .htaccess:''' | ||
| + | |||
| + | <FilesMatch "(wp-config.php|wp-login.php)"> | ||
| + | AuthName "HTAccess" | ||
| + | AuthType Basic | ||
| + | AuthUserFile /usr/share/wordpress/.htpasswd | ||
| + | require valid user | ||
| + | </FilesMatch> | ||
| + | |||
| + | [https://codex.wordpress.org/ De Codex] | ||
| + | |||
| + | [https://wpscan.org/ Wpscan.org, bekende security-holes testen op je pagina. Ook via github: https://github.com/wpscanteam/wpscan] | ||
Huidige versie van 5 nov 2017 om 00:28
Plugins
Imagemagick bij problemen met kleuren in je thumbs
Caching:
We use W3 Super Cache and don't forget a CDN. We use MaxCDN. Cloudflare
https://developers.google.com/speed/pagespeed/insights/&urlhash=Bg7N&_t=tracking_disc
if your web server is apache then consider adding the following to your .htaccess (even if you use a cache plugin). It should speed up your site remarkably
- Gzip
<ifModule mod_gzip.c> mod_gzip_on Yes mod_gzip_dechunk Yes mod_gzip_item_include file .(html?|txt|css|js|php|pl)$ mod_gzip_item_include handler ^cgi-script$ mod_gzip_item_include mime ^text/.* mod_gzip_item_include mime ^application/x-javascript.* mod_gzip_item_exclude mime ^image/.* mod_gzip_item_exclude rspheader ^Content-Encoding:.*gzip.* </ifModule>
- BEGIN Expire headers
<IfModule mod_expires.c> ExpiresActive On ExpiresDefault "access plus 5 seconds" ExpiresByType image/x-icon "access plus 2500000 seconds" ExpiresByType image/jpeg "access plus 2500000 seconds" ExpiresByType image/png "access plus 2500000 seconds" ExpiresByType image/gif "access plus 2500000 seconds" ExpiresByType application/x-shockwave-flash "access plus 2500000 seconds" ExpiresByType text/css "access plus 600000 seconds" ExpiresByType text/javascript "access plus 200000 seconds" ExpiresByType application/javascript "access plus 200000 seconds" ExpiresByType application/x-javascript "access plus 200000 seconds" ExpiresByType text/html "access plus 600 seconds" ExpiresByType application/xhtml+xml "access plus 600 seconds" </IfModule>
- END Expire headers
- BEGIN Cache-Control Headers
<IfModule mod_headers.c> <filesMatch ".(ico|jpe?g|png|gif|swf)$"> Header set Cache-Control "public" </filesMatch> <filesMatch ".(css)$"> Header set Cache-Control "public" </filesMatch> <filesMatch ".(js)$"> Header set Cache-Control "private" </filesMatch> <filesMatch ".(x?html?|php)$"> Header set Cache-Control "private, must-revalidate" </filesMatch> </IfModule>
- END Cache-Control Headers
Beveiliging:
http://codex.wordpress.org/Brute_Force_Attacks
http://wordpress.org/plugins/bruteprotect/
http://hackguard.com/protecting-wordpress-against-brute-force-attacks
http://pressing-matters.io/any-easy-way-to-block-brute-force-attacks-from-botnets/
Config en Login dichtzetten via .htaccess:
<FilesMatch "(wp-config.php|wp-login.php)"> AuthName "HTAccess" AuthType Basic AuthUserFile /usr/share/wordpress/.htpasswd require valid user </FilesMatch>
