Category Archives: WordPress

Beta: Dathorn WordPress Scanner

WordPress is not only the most popular script that we host, it is also most frequently targeted by attackers. While critical vulnerabilities in the WordPress core are relatively rare, they are fairly common in plugins and themes. It is important that these items are always kept updated to help prevent a compromise.

This can be a confusing process because the WP admin interface may not accurately portray certain situations. For example, if you’ve installed a plugin or theme outside of the WordPress repository, it may always show no updates being available even though that is not the case. The WP admin interface also doesn’t warn when something hasn’t received an update in a while, indicating it may no longer be actively maintained. These are both scenarios that require special attention but are easily overlooked.

Further, if a WordPress is compromised due to a vulnerability it can be very difficult to get the site back online in a secure state. Typically, we recommend a complete fresh re-install because there is no easy way to tell what attackers may have modified or left behind. Last modified dates on files can’t even be trusted once an account has been compromised. Continue reading

LiteSpeed Cache & WordPress

LiteSpeed

Our servers have been running the LiteSpeed Web Server for almost six years now and one of the lesser known but most powerful features of it is its caching. LiteSpeed cache is available on our servers although it is disabled on all domains by default. Enabling it globally just isn’t practical or wise because there is a lot of content that doesn’t need to be cached or shouldn’t ever be cached.

LiteSpeed cache can be used to cache your PHP scripts and thus speed up their load time significantly. This can be very beneficial if your site receives consistent traffic although even low traffic sites can see some benefits. The cache can be enabled and configured by means of some mod_rewrite rules in your .htaccess file. Below is a common example that can be used to cache WordPress:


<IfModule LiteSpeed>
CacheEnable public /
RewriteEngine on
RewriteCond %{REQUEST_METHOD} ^(HEAD|GET)$
RewriteCond %{REQUEST_URI} !^(wp-admin|wp-login.php|wp-cron.php)
RewriteRule .* - [E=Cache-Control:max-age=120]
</IfModule>

Continue reading