Notes‎ > ‎

WordPress

Security


Download


Live Writer

Get Live Writer, the best free WYSIWIG WordPress editor (Windows only).

wp-config.php

// Uncomment to enable MultiSite, then Admin > Tools > Network
//define('WP_ALLOW_MULTISITE', true);

define('WP_HOME','http://your-website.com');
define('WP_SITEURL','http://your-website.com');

define('DB_NAME', 'wordpress');
define('DB_USER', 'root');
define('DB_PASSWORD', 'password');
define('DB_HOST', 'localhost');

WP-Cron


For single Wordpress, create this daily Cron job
wget http://yourdomain.com/wp-cron.php?doing_wp_cron

Add to wp-config.php
define('DISABLE_WP_CRON', true);


Enable remote editing

Admin > Settings > Writing
  • Enable "Atom Publishing Protocol"

  • Enable "XML-RPC"

  • Click "Save Changes"

Use clean urls

Admin > Settings > Permalinks
  • Choose "Custom Structure"
    /%postname%/

  • Click "Save Changes"

User permissions

Don't make everyone administrator.

Set appropriate permissions for every user
  • Administrator - Somebody who has access to all the administration features

  • Editor - Somebody who can publish and manage posts and pages as well as manage other users' posts, etc.

  • Author - Somebody who can publish and manage their own posts

  • Contributor - Somebody who can write and manage their posts but not publish them

  • Subscriber - Somebody who can only manage their profile

See

Scaling WordPress

Multiple slaves to load-balance database reads


Comments