I was originally very concerned about the new automatic updates, because updates on a WordPress site occasionally break things. When I update, I want to get a quick backup right before, and have a restore plan in place, in case anything goes awry. It’s a risky procedure, and the thought of WordPress updating itself whenever it wants to is enough to send chills down my spine.
The first thing I looked for was how to disable the updates, which can be done by adding this to your wp-config.
Read More »
It’s something that is often overlooked, but for security and speed, you should IP restrict your /wp-login.php file. I’ve had many sites go down because there’s someone trying to brute force the admin login, and even if it doesn’t take them down entirely, it tends to slow them down.
Why? With any finely tuned site, users are mostly hitting static files. CSS, JS, images, cached pages, and so on. When they hit /wp-login.
Read More »
If you use the built-in import/export to migrate a WordPress site, you’re doing it wrong. You don’t save any of the site’s settings or the plugin settings. Please figure out a better way to migrate a site.
What You’re Messing Up First of all, the WordPress export doesn’t move everything. Here’s what makes up your site: the core code, uploads, your theme, plugins (and their settings), posts, pages, users, and settings.
Read More »