Category Archives: Wordpress

Fix: WordPress with password protected subdirectories

July 12, 2012 9:51 am /

If you use WordPress on your root web folder, subdirectories password protected with .htaccess do not work. Users will not get the ability to put in their username and password to access the page. The Apache rewrite rules included in WordPress will forward users to the 404 error page instead.

To get around this, you will need to create a 401 error page in the web root directory (e.g. ~/public_html/401.html) and add the following line to the .htaccess file located in your web root directory.

ErrorDocument 401 /401.html

This also works for other apps using Apache Rewrite Rules, such as Drupal.

Posted in: Apache, wordpress / Tagged: , ,

Installing nginx with PHP, MySQL, and WordPress in Fedora

April 1, 2011 12:31 pm /

Interested in installing nginx on a Fedora system? The configuration with nginx is more complicated than Apache since  it requires the setup of the nginx server and a separate daemon for running PHP. I prefer creating the daemon from scratch rather than going with the fpm route in Fedora 14 since there isn’t official support for it. I’d certainly install the fpm package once its available in Fedora.

Why switch to nginx?

If you have a site with heavy CPU and memory load in Apache, then nginx is a great choice. I recently made the switch to nginx and have noticed a reduction in CPU and memory usage. Nginx loads static content very fast and efficiently.

Here’s a graph of my nginx server load test. Courtesy of LoadImpact‘s free load testing service.

The user load time on my server is minimally impacted with 50 clients viewing the site simultaneously.

nginx disadvantages

The biggest drawback to nginx is that it does not have per-directory configuration files and does not support Apache .htaccess files (which is heavily used in many web apps such as WordPress).

Here’s a list of resources for installing nginx on Fedora Release 14

1) Linode.com has an excellent tutorial on setting up nginx on Fedora.
http://library.linode.com/web-servers/nginx/php-fastcgi/fedora-14

This should be sufficient to get nginx running. I had to tweak the php-fastcgi-init-rpm.sh to work on my system, specifically with the configtest section inside the init script. You should check the service to make sure it works correctly via the “service php-fastcgi stop”, “service php-fastcgi start”, “service php-fastcgi restart”

https://library.linode.com/web-servers/nginx/php-fastcgi/reference/php-fastcgi-init-rpm.sh

2) Setting up WordPress on Fedora

Once nginx is running, you will need to tweak the /etc/nginx/nginx.conf to work with WordPress. This is required to emulate the Apache Rewrites in nginx. This is essential on a multi-site install with WordPress 3.1, blogs located in subdirectories . If not, you will get errors in WordPress for wp-admin missing, broken templates, broken plugins, etc.

This is a really good tutorial on setting up WordPress with nginx.
http://wordpress.org/support/topic/nginx-php-fpm-php-apc-wordpress-multisite-subdirectory-wp-super-cache

The following configuration file is the one I used to get a multi-site install of WordPress running on nginx/Fedora. It has the zero-day exploit defense built-in along with support for super cache and w3 total cache plugins. Special thanks to bigsite.

# WordPress multisite subdirectory rules.
# Designed to be included in any server {} block.

# This order might seem weird - this is attempted to match last if rules below fail.
# http://wiki.nginx.org/HttpCoreModule
location / {
try_files $uri $uri/ /index.php?$args;
}

# Add trailing slash to */wp-admin requests.
rewrite /wp-admin$ $scheme://$host$uri/ permanent;

# Directives to send expires headers and turn off 404 error logging.
location ~* \.(js|css|png|jpg|jpeg|gif|ico)$ {
expires 24h;
log_not_found off;
}

# Pass uploaded files to wp-includes/ms-files.php.
rewrite /files/$ /index.php last;

# For multisite: Use a caching plugin that creates symlinks to the correct subdirectory structure to get some performance gains.
set $cachetest "$document_root/wp-content/cache/ms-filemap/${host}${uri}";
if ($uri ~ /$) {
set $cachetest "";
}
if (-f $cachetest) {
# Rewrites the URI and stops rewrite processing so it doesn't start over and attempt to pass it to the next rule.
rewrite ^ /wp-content/cache/ms-filemap/${host}${uri} break;
}

if ($uri !~ wp-content/plugins) {
rewrite /files/(.+)$ /wp-includes/ms-files.php?file=$1 last;
}

# Uncomment one of the lines below for the appropriate caching plugin (if used).
# include global/wordpress-ms-subdir-wp-super-cache.conf;
# include global/wordpress-ms-subdir-w3-total-cache.conf;

# Rewrite multisite '.../wp-.*' and '.../*.php'.
if (!-e $request_filename) {
rewrite ^/[_0-9a-zA-Z-]+(/wp-.*) $1 last;
rewrite ^/[_0-9a-zA-Z-]+.*(/wp-admin/.*\.php)$ $1 last;
rewrite ^/[_0-9a-zA-Z-]+(/.*\.php)$ $1 last;
}

# Pass all .php files onto a php-fpm/php-fcgi server.
location ~ \.php$ {
# Zero-day exploit defense.
# http://forum.nginx.org/read.php?2,88845,page=3
# Won't work properly (404 error) if the file is not stored on this server, which is entirely possible with php-fpm/php-fcgi.
# Comment the 'try_files' line out if you set up php-fpm/php-fcgi on another machine. And then cross your fingers that you won't get hacked.
try_files $uri =404;

fastcgi_split_path_info ^(.+\.php)(/.+)$;
include fastcgi_params;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
# fastcgi_intercept_errors on;
fastcgi_pass php;
}

Posted in: Fedora, Linux, nginx, PHP, wordpress / Tagged: , ,

Top 5 essential WordPress plugins

March 22, 2011 2:33 pm /

Looking for some good plugins for your WordPress blog? Here’s a list of the top 5 essential WordPress plugins that I’ve found. These 5 plugins will help with reducing spam on your blog, improving security, adding mobile device support, blog statistics, and improving search engine visibility with your site.

  1. Akismet. This is the first line of defense for spam on your blog. Its available in the base install of WordPress. All you need to do is to sign-up for the Akismet API key (free) and enter it into your WordPress configuration. It also helps the community when you tag a comment as spam.
  2. Login lockdown.  This prevents your blog from getting hit by sites trying to run dictionary or brute force attacks on your WordPress logins. You can configure the maximum login retries, retry time in minutes, and lockout length. Highly recommended.
  3. WPtouch. Make your blog accessible through touch screen mobile devices such as Apple iPhone, Google Android, Blackberry Storm/Torch, and Palm Pre. Great user interface and easy to install.
  4. WordPress.com Stats. This is an easy way to get stats on your blog. You can check out referring links, top posts, search engine terms, clickthrough links, and incoming links. Its available in the base install of WordPress.  Requires a WordPress.com API key (free).
  5. All in One SEO Pack. I like the number of options that this optimizer has for search engines. You can setup custom post types, canonical URLs, title optimizations, META tag generation, and much more. Its one of the most popular plugins with 7.5 million downloads. Note: there are some issues with this plugin on certain installs of WordPress 3.1. Another alternative SEO plugin is WordPress SEO by Yoast.
http://wordpress.org/extend/plugins/login-lockdown/
Posted in: PHP, wordpress / Tagged: ,

WordPress Fix: Importing large RSS files

March 15, 2011 7:56 pm /

Importing large RSS files in WordPress has its share of bugs and problems. A major cause is due to the latest configuration changes with PHP 5.2. Regular expressions are now capped at 100KB in PHP. WordPress uses the PHP function preg_match_all() to parse out the RSS entries.

If you import a post greater than 100KB, the import function to fail completely.

If you don’t have access to change the PHP server settings, simply edit the RSS file and remove the large RSS posts from the file.

If you have access to a server:
To import large RSS posts into WordPress, you will need to change the php.ini configuration on your server.

[Pcre]
;PCRE library backtracking limit.
pcre.backtrack_limit=5000000

I’ve set it to 5MB, up from 100KB. PHP added this limit to prevent the server from running out of memory. Change it temporarily to 5000000 for the import process. Restart Apache/nginx/etc. to set the values. 

Open the WordPress importer, select your RSS file from your computer, and run the import. Once you are able to import the RSS file posts, change the configuration back to:

pcre.backgrack_limit=1000000

Restart your web server to revert the changes.

Posted in: PHP, wordpress / Tagged: ,

WordPress Fix: Fatal error Cannot redeclare wp_load_image

December 21, 2010 9:27 pm /

Here’s a quick fix for WordPress 2.X to WordPress 3.X migration: 

Fatal error: Cannot redeclare wp_load_image() (… previously declared in /wp-includes/media.php) in /wp-admin/includes/image.php …)

What causes this? The primary cause is a plugin inside /wp-content/plugins folder that is incompatible with WordPress 3.0. Most likely the plugin developer defined a wordpress function inside their plugin folder, causing a function name redeclaration.

Fix? If you have the customize plugin inside /wp-content/plugins/, remove it.  This was the plugin causing the fatal error for me.  Login to the wp-admin control panel and re-install the plugin.

If this does not work, rename your plugins folder to plugins-backup. This should allow your WordPress to work again temporarily. Copy over the plugins folder from the fresh WordPress install /wp-content/plugins/ to your server. Move back in the plugins one-by-one from the plugins-backup folder to your new plugins folder. If you find the plugin the causes the fatal error, move it out. See if a new version of the plugin is available for download from your wp-admin panel.

Posted in: PHP, wordpress

Post Navigation

Older Posts