Block xmlrpc.php and wp-login.php via NGINX

Block Xmlrpc Wp Login Nginx

You can block xmlrpc.php and wp-login.php via NGINX with the configurations below, what’s good about this approach is that it prevents brute force attacks at the NGINX server level without any PHP/MySQL resources being used. xmlrpc.php for NGINX location = /xmlrpc.php { deny all; } To allow JetPacks IP addresses through adjust the config to…

Read More

Temporarily Turn off Modsec filtering

Turn Off Modsec

You can temporarily turn off Modsec filtering by adding a code snippet rule to your .htacces file, this can be helpful if you are triggering a number of rules which are false positives or you are unable to get the rules whitelisted whilst you do your development. Add into .htaccess <IfModule mod_security.c> SecFilterEngine Off SecFilterScanPOST…

Read More

Git WordPress workflow for Local Development to Staging Site

This guide shows a Git WordPress workflow and demonstrates version control using Git from a local development environment on macOS to a staging site web server. For the Database control and pushing to staging, we will use WP Migrate Pro. A second remote repo for a production server would also need to be added in a real-world scenario. This…

Read More