WordPress with HyperDB on PHP 7.0

I was configuring WordPress with HyperDB plugin on PHP 7.0 but the only I get were constant 500 errors. As I found here PHP 7.0 is not supported by HyperDB for now – it rely on mysql php extension but in PHP 7.0 there is only mysqli. Helpfully few folks fixed it and it’s possible to use it.

curl -O https://raw.githubusercontent.com/soulseekah/hyperdb-mysqli/master/db.php
mv db.php /var/www/wordpress/wp-content/

And configure it ex. like this:

cat <<DBCONFIG > /var/www/wordpress/db-config.php
<?php
\$wpdb->save_queries = false;
\$wpdb->persistent = false;
\$wpdb->max_connections = 10;
\$wpdb->check_tcp_responsiveness = true;

\$wpdb->add_database(array(
'host'     => "master.db.host",
'user'     => "wordpress",
'password' => "random_password",
'name'     => "wordpress",
'write'    => 1,
'read'     => 1,
));
\$wpdb->add_database(array(
'host'     => "slave.db.host",
'user'     => "wordpress",
'password' => "random_password",
'name'     => "wordpress",
'write'    => 0,
'read'     => 1,
));
DBCONFIG

Now WordPress could handle crash of master database.

Source:
https://www.digitalocean.com/community/tutorials/how-to-optimize-wordpress-performance-with-mysql-replication-on-ubuntu-14-04

Install WordPress from command-line

I never tried it before but today I needed to install WordPress… From command line only. And there is a way to do this with wp-cli.

WP-CLI installation

First some requirements (as root):

apt-get install php5-cli php5-mysql mysql-client curl

And now installation of wp-cli (as root too):

curl -O https://raw.githubusercontent.com/wp-cli/builds/gh-pages/phar/wp-cli.phar
chmod +x wp-cli.phar
mv wp-cli.phar /usr/local/bin/wp

Check if it’s working:

$ wp --version
WP-CLI 0.22.0

WordPress installation

Now you should switch to user of your web application, ex. like this:

su - www-data -s /bin/bash

And install WP:

wp core download --path=/var/www/wordpress

wp core config --path=/var/www/wordpress \
  --dbname=wordpress \
  --dbuser=wordpress \
  --dbpass=wordpresspass \
  --dbhost=localhost \
  --locale=pl_PL

wp core install --path=/var/www/wordpress \
  --url="http://example.com" \
  --title="Example blog" \
  --admin_user=never_use_admin_here \
  --admin_password=admin_pass \
  --admin_email=admin@example.com \
  --skip-email

Here you may find more about wp-cli configuration and commands.

Mass replace in WordPress posts via MySQL query

I was doing a lot of changes to my old posts, switched to HTTPS, etc. Sometimes it was useful to change some particular text in all my old posts at a time, but there is no such feature in WordPress. But WordPress runs on MySQL and I could use SQL query to update such posts.

Make backup – it's not required but strongly advised 🙂

Now use this query as template to replace in place whatever you need:

mysql> UPDATE wp_posts SET post_content = REPLACE(post_content, '<!--more-->', '');
Query OK, 157 rows affected (0.04 sec)
Rows matched: 455  Changed: 157  Warnings: 0

This will remove <!--more-->from all posts (it's used by WordPress to span article when showed on tag/category pages).

Another example to update all URLs to HTTPS:

UPDATE wp_posts SET post_content = REPLACE(post_content, 'http://gagor.pl', 'https://gagor.pl');

Be careful with that and make DB backup before you start.

fail2ban – block wp-login.php brute force attacks

Lately I had a lot of brute force attacks on my WordPress blog. I used basic auth to /wp-admin part in nginx configuration to block this and as a better solution I wan't to block source IPs at all on firewall.

To do this, place this filter code in /etc/fail2ban/filter.d/wp-login.conf:

# WordPress brute force wp-login.php filter:
#
# Block IPs trying to authenticate in WordPress blog
#
# Matches e.g.
# 178.218.54.109 - - [31/Dec/2015:10:39:34 +0100] "POST /wp-login.php HTTP/1.1" 401 188 "-" "Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0"
#
[Definition]
failregex = ^<HOST> .* "POST /wp-login.php
ignoreregex =

Then edit your /etc/fail2ban/jail.local and add:

[wp-login]
enabled   = true
port      = http,https
filter    = wp-login
logpath   = /var/log/nginx/access.log
maxretry  = 3

Now restart fail2ban:

service fail2ban restart

All done 🙂

WordPress – add meta tags: author, description, keywords, etc

After reading some SEO stuff I wanted to add some meta tags to my WordPress blog. I found this site: codex.wordpress.org/Meta_Tags_in_WordPress.
So WordPress thinks that it’s not necessary to have this meta tags any more… But I want it! 🙂 Next funny thing is how they suggest to add meta tags: copy header.php – what about theme updates?

I prefer to use functions.php file – just create it in your courrent theme directory with such content:

<?php
// this will remove WordPress version from header
remove_action('wp_head', 'wp_generator');

// handler function for adding custom tags
function custom_header_meta() {
?>
<meta name="author" content="Tomasz Gągor" />
<meta name="contact" content="my@mail.com" />
<meta name="description" content="<?php wp_title( '|', true, 'right' ); ?>" />
<meta name="keywords" content="some keywords" />
<meta name="verify-v1" content="google webmaster identification" />
<meta name="msvalidate.01" content="bing webmaster identification" />
<meta property="fb:admins" content="facebook identificatio" />
<meta name="copyright" content="Copyright (c)1997-2014 Tomasz Gągor. All Rights Reserved." />
<?php
}

// running handler function
add_action('wp_head', 'custom_header_meta');