Tag Archives: Wordpress

Installing nginx with PHP, MySQL, and WordPress in Fedora

April 1, 2011 12:31 pm /

Interested in installing nginx on a Fedora system? The configuration with nginx is more complicated than Apache since  it requires the setup of the nginx server and a separate daemon for running PHP. I prefer creating the daemon from scratch rather than going with the fpm route in Fedora 14 since there isn’t official support for it. I’d certainly install the fpm package once its available in Fedora.

Why switch to nginx?

If you have a site with heavy CPU and memory load in Apache, then nginx is a great choice. I recently made the switch to nginx and have noticed a reduction in CPU and memory usage. Nginx loads static content very fast and efficiently.

Here’s a graph of my nginx server load test. Courtesy of LoadImpact‘s free load testing service.

The user load time on my server is minimally impacted with 50 clients viewing the site simultaneously.

nginx disadvantages

The biggest drawback to nginx is that it does not have per-directory configuration files and does not support Apache .htaccess files (which is heavily used in many web apps such as WordPress).

Here’s a list of resources for installing nginx on Fedora Release 14

1) Linode.com has an excellent tutorial on setting up nginx on Fedora.
http://library.linode.com/web-servers/nginx/php-fastcgi/fedora-14

This should be sufficient to get nginx running. I had to tweak the php-fastcgi-init-rpm.sh to work on my system, specifically with the configtest section inside the init script. You should check the service to make sure it works correctly via the “service php-fastcgi stop”, “service php-fastcgi start”, “service php-fastcgi restart”

https://library.linode.com/web-servers/nginx/php-fastcgi/reference/php-fastcgi-init-rpm.sh

2) Setting up WordPress on Fedora

Once nginx is running, you will need to tweak the /etc/nginx/nginx.conf to work with WordPress. This is required to emulate the Apache Rewrites in nginx. This is essential on a multi-site install with WordPress 3.1, blogs located in subdirectories . If not, you will get errors in WordPress for wp-admin missing, broken templates, broken plugins, etc.

This is a really good tutorial on setting up WordPress with nginx.
http://wordpress.org/support/topic/nginx-php-fpm-php-apc-wordpress-multisite-subdirectory-wp-super-cache

The following configuration file is the one I used to get a multi-site install of WordPress running on nginx/Fedora. It has the zero-day exploit defense built-in along with support for super cache and w3 total cache plugins. Special thanks to bigsite.

# WordPress multisite subdirectory rules.
# Designed to be included in any server {} block.

# This order might seem weird - this is attempted to match last if rules below fail.
# http://wiki.nginx.org/HttpCoreModule
location / {
try_files $uri $uri/ /index.php?$args;
}

# Add trailing slash to */wp-admin requests.
rewrite /wp-admin$ $scheme://$host$uri/ permanent;

# Directives to send expires headers and turn off 404 error logging.
location ~* \.(js|css|png|jpg|jpeg|gif|ico)$ {
expires 24h;
log_not_found off;
}

# Pass uploaded files to wp-includes/ms-files.php.
rewrite /files/$ /index.php last;

# For multisite: Use a caching plugin that creates symlinks to the correct subdirectory structure to get some performance gains.
set $cachetest "$document_root/wp-content/cache/ms-filemap/${host}${uri}";
if ($uri ~ /$) {
set $cachetest "";
}
if (-f $cachetest) {
# Rewrites the URI and stops rewrite processing so it doesn't start over and attempt to pass it to the next rule.
rewrite ^ /wp-content/cache/ms-filemap/${host}${uri} break;
}

if ($uri !~ wp-content/plugins) {
rewrite /files/(.+)$ /wp-includes/ms-files.php?file=$1 last;
}

# Uncomment one of the lines below for the appropriate caching plugin (if used).
# include global/wordpress-ms-subdir-wp-super-cache.conf;
# include global/wordpress-ms-subdir-w3-total-cache.conf;

# Rewrite multisite '.../wp-.*' and '.../*.php'.
if (!-e $request_filename) {
rewrite ^/[_0-9a-zA-Z-]+(/wp-.*) $1 last;
rewrite ^/[_0-9a-zA-Z-]+.*(/wp-admin/.*\.php)$ $1 last;
rewrite ^/[_0-9a-zA-Z-]+(/.*\.php)$ $1 last;
}

# Pass all .php files onto a php-fpm/php-fcgi server.
location ~ \.php$ {
# Zero-day exploit defense.
# http://forum.nginx.org/read.php?2,88845,page=3
# Won't work properly (404 error) if the file is not stored on this server, which is entirely possible with php-fpm/php-fcgi.
# Comment the 'try_files' line out if you set up php-fpm/php-fcgi on another machine. And then cross your fingers that you won't get hacked.
try_files $uri =404;

fastcgi_split_path_info ^(.+\.php)(/.+)$;
include fastcgi_params;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
# fastcgi_intercept_errors on;
fastcgi_pass php;
}

Posted in: Fedora, Linux, nginx, PHP, wordpress / Tagged: , ,

Top 5 essential WordPress plugins

March 22, 2011 2:33 pm /

Looking for some good plugins for your WordPress blog? Here’s a list of the top 5 essential WordPress plugins that I’ve found. These 5 plugins will help with reducing spam on your blog, improving security, adding mobile device support, blog statistics, and improving search engine visibility with your site.

  1. Akismet. This is the first line of defense for spam on your blog. Its available in the base install of WordPress. All you need to do is to sign-up for the Akismet API key (free) and enter it into your WordPress configuration. It also helps the community when you tag a comment as spam.
  2. Login lockdown.  This prevents your blog from getting hit by sites trying to run dictionary or brute force attacks on your WordPress logins. You can configure the maximum login retries, retry time in minutes, and lockout length. Highly recommended.
  3. WPtouch. Make your blog accessible through touch screen mobile devices such as Apple iPhone, Google Android, Blackberry Storm/Torch, and Palm Pre. Great user interface and easy to install.
  4. WordPress.com Stats. This is an easy way to get stats on your blog. You can check out referring links, top posts, search engine terms, clickthrough links, and incoming links. Its available in the base install of WordPress.  Requires a WordPress.com API key (free).
  5. All in One SEO Pack. I like the number of options that this optimizer has for search engines. You can setup custom post types, canonical URLs, title optimizations, META tag generation, and much more. Its one of the most popular plugins with 7.5 million downloads. Note: there are some issues with this plugin on certain installs of WordPress 3.1. Another alternative SEO plugin is WordPress SEO by Yoast.
http://wordpress.org/extend/plugins/login-lockdown/
Posted in: PHP, wordpress / Tagged: ,

WordPress Fix: Importing large RSS files

March 15, 2011 7:56 pm /

Importing large RSS files in WordPress has its share of bugs and problems. A major cause is due to the latest configuration changes with PHP 5.2. Regular expressions are now capped at 100KB in PHP. WordPress uses the PHP function preg_match_all() to parse out the RSS entries.

If you import a post greater than 100KB, the import function to fail completely.

If you don’t have access to change the PHP server settings, simply edit the RSS file and remove the large RSS posts from the file.

If you have access to a server:
To import large RSS posts into WordPress, you will need to change the php.ini configuration on your server.

[Pcre]
;PCRE library backtracking limit.
pcre.backtrack_limit=5000000

I’ve set it to 5MB, up from 100KB. PHP added this limit to prevent the server from running out of memory. Change it temporarily to 5000000 for the import process. Restart Apache/nginx/etc. to set the values. 

Open the WordPress importer, select your RSS file from your computer, and run the import. Once you are able to import the RSS file posts, change the configuration back to:

pcre.backgrack_limit=1000000

Restart your web server to revert the changes.

Posted in: PHP, wordpress / Tagged: ,

WordPress RSS Cache issue

May 12, 2010 4:24 pm /

As an administrator for a WordPress MU install, I’ve been getting comments about the RSS feed in WordPress not fetching the latest feeds. The RSS feed information that appears on the page ranges from a fetch that is a few hours to a day old. I’ve confirmed this is an issue with 2.9. This is an issue for blogs that need to pull alerts from an RSS feed within a timely basis, e.g. every 10 minutes.

The workaround to this is to use the KB Advanced RSS feed plugin instead of the one that’s in WordPress. Replace the RSS Widget in Appearance ->Widgets with the “KB Advanced RSS” widget.

If you are using WordPress 2.8+ and want to set the cache to refresh more frequently, go to /wp-content/plugins/kb-advanced-rss-widget/versions/wp-2.8.php

Find this code:
// Regardless, we’ll flush the cache every hour. (WP should flush hourly on its own, though.)
$cachetime = get_option( $this->md5_option_ts );
 if ( $cachetime < ( time() – 3600 ) ){

Change the 3600 to the number of seconds you want the cache to refresh. For instance, 600 for 10 minutes. The plugin uses its own RSS caching system.

I give this plugin 5  out of 5 stars.  It works fine with WordPress 2.9.2 and WordPress 2.9.2 MU (even through the documentation states compatibility  up to 2.8) Formatting options, conversion to UTF-8, reverse listing option, and well commented code.

References:
 http://wordpress.org/extend/plugins/kb-advanced-rss-widget/

Posted in: PHP, wordpress / Tagged: , , ,

WordPress 2.8.2 Released

July 22, 2009 12:11 pm /

WordPress 2.8.2 has been released. This affects both WordPress and WordPress MU. I recommend upgrading your current version since it contains a security fix.

WordPress 2.8.2 fixes an XSS vulnerability. Comment author URLs were not fully sanitized when displayed in the admin. This could be exploited to redirect you away from the admin to another site.

For more details, visit:
http://wordpress.org/development/2009/07/wordpress-2-8-2/

You can automatically upgrade WordPress within your control panel, or manually upgrade via:
http://wordpress.org/download/

WordPress MU download:
http://mu.wordpress.org/download/

Posted in: PHP / Tagged: ,