Using WooCommerce with Varnish, exclude pages and cookies
To use WooCommerce with Varnish server-side caching you need to exclude some of the generic WooCommerce pages and cookies. Some web hosts will partially do this for you and others will give you an interface to add them yourself, make sure you ask the host what options are available Exclude from Varnish these WooCommerce pages…
Read MoreAdding Cloudflare to the mix of ServerPilot and fail2ban
This guide looks at adding Cloudflare to a set up of ServerPilot and fail2ban with a WordPress jail set up. Once you start using Cloudflare as a CDN solution for your hosting, you are adding another firewall into the equation, albeit a very good one, but you may want to pass your servers local firewall…
Read MoreTemporarily Turn off Modsec filtering
You can temporarily turn off Modsec filtering by adding a code snippet rule to your .htacces file, this can be helpful if you are triggering a number of rules which are false positives or you are unable to get the rules whitelisted whilst you do your development. Add into .htaccess <IfModule mod_security.c> SecFilterEngine Off SecFilterScanPOST…
Read MoreGit WordPress workflow for Local Development to Staging Site
This guide shows a Git WordPress workflow and demonstrates version control using Git from a local development environment on macOS to a staging site web server. For the Database control and pushing to staging, we will use WP Migrate Pro. A second remote repo for a production server would also need to be added in a real-world scenario. This…
Read MoreSetting Up GeoIP Location on Piwik on ServerPilot
Using a combination of ServerPilot and a Vultr server instance is a great solution for a Piwik server for tracking analytics. After setting up the initial Piwik install here is how you can set up the GeoIP location module set up to enable you to view visitor results from City and Country Location. Piwik can…
Read MoreReplacing the default ServerPilot Firewall with your own using UFW
ServerPilot comes with a default firewall enabled when you connect to a droplet instance such as from Vultr or Digital Ocean, the only option you have from the ServerPilot control panel is to toggle if on or off. The actual firewall used is called UFW (uncomplicated firewall) which is a simplistic wrapper over the underlying IP…
Read MoreInstall fail2ban for SSH on ServerPilot / Vultr Instance
ServerPilot out of the box does not have a solution to deal with brute force attacks, it does have a sister company called Heatshield which rejects IP addresses that try and constantly connect to your site, you can also do the same with the opensource fail2ban. fail2ban is an app which bans access to your site…
Read MoreSet Up LMD Maldet and ClamAV on ServerPilot and VULTR
Set up a malware scanner with LMD Maldet and ClamAV on ServerPilot and an instance like Vultr or Digital Ocean. One of the key server malware scanners is Linux Malware Detect and works very nicely scanning any Linux distribution, it keeps an updated database of known malware exploits from an updated registry. The Linux Malware Detect tool can also integrate…
Read MoreChanging the SSH Port in ServerPilot
ServerPilot comes with a default firewall which is enabled and comes in the form of a toggle in the ServerPilot control panel. The panel is a front for the ufw (uncomplicated firewall) app which in turn is a front for ip tables but with a lower learning curve, by default the below rules are the…
Read MoreViewing and Changing WordPress Default Permissions
Many issues can go wrong if your WordPress default permissions have changed due to some unforeseen circumstance or a migration has gone bad due to some abnormal hosting environment. The default Linux permissions for most hosts WordPress sites are 644 for files and 755 for folders which is: file is rw-r–r– folder is drwxr-xr-x For a file…
Read More