Alternative functions for file_get_contents()

Like many others I’ve used the native PHP function file_get_contents() to receive the content from a remote file because the functions is very easy to use. But is it the best way to do that? I see many scripts using that function and even WordPress plugins are using this function while WordPress has a native function to receive remote content.

While debugging some website, I’ve noticed that I get trouble using file_get_contents() if I use the 5G firewall rules for the remote site I tried to access. This native PHP function doesn’t send any USER AGENT information and that’s why a 5G rules has blocked the access. There are also other reasons to use other functions: Missing response codes, no option to add additional headers and limitations from your hosting provider are just a view of them.  Continue reading Alternative functions for file_get_contents()

Reduce RAM usage for your WordPress websites

I’m using for most of my servers ServerPilot as the server management tool. With ServerPilot your server will be installed an optimized with Nginx and PHP-FPM. This configuration makes your server very fast.

If you host multiple WordPress websites on your VPS you need to check the RAM memory usage frequently. Even if your WP sites doesn’t have a lot of traffic, they might consume a lot of memory. One of the reason might be the dynamic PHP-FPM configuration, which is very good because each site will respond fast even after some time of inactivity. This happens because there is always at least one active task running inside the applications PHP-FPM pool. If your website becomes more active, it’s possible that a websites pool will activate (and keep) more than one tasks. At this moment your low-traffic website might consume more than 250MB of RAM memory! Continue reading Reduce RAM usage for your WordPress websites

Disable Emoji for WordPress

Today I’ve read some article at PostStatus about the Trojan Horse Emoji and I’m still wondering why the Emoji feature becomes a part of the WordPress core. There are so many important features which could improve WordPress, but we got something no one likes :( … Wait, I disabled Emoji for this website and I’m still seeing this new Frownie image???

Video: Anatomy of a Critical Security Bug

Watch this Youtube video where Andrew Nacin talks about the critical security vulnerability and how it was discovered and patched in WordPress 4.2.

After the update to WP 4.2, the first thing I have noticed was a long JS/CSS snippet inside the HEAD of my website. Something I don’t like for a feature I didn’t asked for. The old smiley replacement function has got some new images and that is enough for me. So I decided to disable Emoji for this and many other websites I manage. Continue reading Disable Emoji for WordPress

Store your Twitter API results with Memcache

Recently I needed a dynamic cache function for some PHP based, custom website. Most pages are a kind of mash-up with different results and one of them was dynamic Twitter feed that shows the latest tweets for some static “search” value.

Using the PHP library Twitter OAuth by Abraham is it very easy to create a Twitter search or any other Twitter API request. The only preparation you need to do is, create an app in the Twitter developer section. Continue reading Store your Twitter API results with Memcache

Limit brute force attacks for WordPress websites

On of the biggest issues for WordPress attacks are brute force attacks. Even a smaller website might slow down your server if a bot is trying to hack your website or is sniffing for vulnerable files or locations.

By default each page request to a WordPress website will produce several database queries. Also page requests for non-existing pages and files! Continue reading Limit brute force attacks for WordPress websites

Keep your SSH sessions alive

Most Internet service provider will try shutdown active Internet connections after a view minutes to prevent their network from streaming videos or other bandwidth killers. This happens often because of some router setting you can’t change. As a web developer your SSH session (and other active connections) will freeze, if you stop working in the terminal window for just 5 minutes or by getting a fresh cop of coffee.

To get rid of this problem you need to change your SSH config file, enter the following inside to the terminalwindow

sudo nano /etc/ssh/ssh_config

and add this setting to the end of the file

ServerAliveInterval 60

Safe your file and start a new SSH session which will stay active because the client sends every 60 seconds a bit of data to the server.
Check also this article for more information.