Category Archives: WordPress

WordPress 3.0 Domain Mapping 0.5.2

I’ve just released WordPress Domain Mapping 0.5.2. This plugin allows you to map any domain on to your WordPress 3.0 or WordPress MU website.

New in this release:

  • WordPress 3.0 support.
  • Added “domains” page for superadmin to add domains to any blog. The user’s domains page can be disabled by the superadmin too.
  • Added support for “www.” prefix in front of domains.
  • Allow dashboard to redirect to mapped or original domain.
  • Better support for SSL
  • Translation file added for localization.

For security reasons remote login is now disabled if the dashboard is redirected to the mapped domain. There is a tiny chance of a man-in-the-middle attack during redirection, but it’s just as likely to happen when you’re logging in and sending your username/password to the login form. Call me paranoid.

I would like to thank Ron and Andrea who were a huge help developing and testing this release. Andrea has written a great post on creating a network in WordPress 3.0 plus instructions on upgrading from WordPress MU. Great stuff!

WP Super Cache 0.9.9.2

WP Super Cache 0.9.9.2 has just been released! This version works with WordPress 3.0 and adds a number of new features and bug fixes:

  • Cache Preloading will cache every post on your site.
  • A cache tester that will check if your homepage is cached.
  • Much better support for mobile plugins.
  • Mod rewrite rules can now be updated from within the admin page.
  • Lots and lots of bugs fixed. See the changelog for more details.

Preloading creates lots of files on your server so if you have many thousands of posts please be aware of this. Filesystem limitations may cause problems if you use a flat permalink structure. For example, ext2 or ext3 only allows 32,000 directories in a directory. If you have more than that number of posts you may run into problems.

The plugin does not preload category or tag pages but because your single posts will be cached you’ll find the load on your server will be reduced. Uncached pages will be served more quickly and your visitors will have a quicker and better experience on your site.
You may also see an increase in site traffic if your server was previously underpowered!

Update! I just released 0.9.9.3 to address the (mostly minor) bugs that were reported overnight. If you don’t notice anything wrong there’s no need to upgrade.

Preload the cache in WP Super Cache

See that nice dip in the graph for this week? I started to preload the cache used by WP Super Cache last Sunday and it’s made a noticeable difference in the load on my server here. The big spike is the preloading process.

I’ve always discouraged users from preloading the cache (Askapache Crazy Cache will do this for any cache plugin), mainly because of the possible problems so many files will cause for hosting companies. If you have thousands of cache files, it’s going to take so much longer to recover from a disk crash.
On the other hand, Google will now be using speed as a metric for judging how “good” a website is. In the past this plugin ignored the pages visited by bots because the bots only visited each page once so caching a page after the fact was pointless. The page, all pages, have to be cached first before Google ever visits.

That’s what it looks like. Once you start preloading it launches a wp-cron job to fetch 100 posts, then schedules another job 10 seconds in the future to fetch another 100 posts until it finishes. It also disables garbage collection of old pages, but making comments or posts will still clear out the appropriate cached files.
It only caches single posts right now. It may not be worth caching archive or tag pages because many sites already tell bots to ignore those pages as the server is doing less work it will serve those archive pages more quickly anyway.

The preloading only works if you’re using the plugin in Supercache or “ON” mode. It’s still a work in progress but has worked fine here. As well as the preloader the development version of the plugin has:

  1. Better support for mobile plugins.
  2. A cache tester.
  3. Can be configured to only delete the page a comment is left on, rather than the front page and associated pages.
  4. Works in WordPress 3.0.

It also has a number of bug fixes and other features added too.

I need testers though, so grab the development version from the download page. Install it and please leave feedback here or preferably on the support forum.

First Day at #WCIRL

So, day one of WordCamp Ireland draws to a close, there is a dinner tonight but the talks and sessions are over for the day.

I briefly helped John Handelaar during his talk on WordPress MU, but my main talk was on WP Super Cache. Thank you Hanni, Jane and Sheri for recording the talk. Hopefully it’ll be available online next week. In the meantime here’s the OpenOffice slides of my talk.

I must extend a big thank you to Sabrina Dent and Katherine Nolan for organising a great day and to the sponsors who made the weekend possible.

Looking forward to the dinner tonight, and the rest of the conference tomorrow.

Update! I’ve added a few photos from Day 2. I was shattered tired though as I was up until 1.30am chatting with Donnacha!

Update 2! Sabrina has written a thoughtful post about WordCamp Ireland. I for one had a great time there and so did everyone I spoke to. I totally agree with her about child minding facilities. My son Adam had a whale of a time, and is still talking about it. (and for an almost three year old, that’s a very good sign!)

Continue reading “First Day at #WCIRL”

WordPress MU 2.9.2

WordPress MU 2.9.2 has just been released and is mostly a security and bugfix release based on WordPress 2.9.2. Grab it from the download page.

As well as the security fix mentioned above, this version also fixes a few bugs, makes the blog signup process much faster and adds a new “Global Terms” Site Admin page.

The “Global Terms” page is one I should have added years ago. Currently it’s fairly bare, but hopefully in future versions of WordPress it will be expanded. It allows the Site Admin to “fix” the terms (tags and categories) used in MU blogs. These terms are normally synced with the “sitecategories” table but sometimes they go astray. This can happen if you “import” a blog using PHPMyAdmin without going through the WordPress importer, or if a plugin manipulates the terms table directly.
WordPress MU forces the “slug” used by terms to be a sanitized version of the “name”, which isn’t the case in WordPress. This page can optionally rename the terms so they match the slug. It doesn’t do the opposite because that would break public facing URLs on the site. (I must extend a big thank you to Deanna for helping debug that page)

Enjoy!

Remove unused utm_source from your urls

Sometime last year I noticed that links to my blog on Feedburner had attracted a few extra parameters. A simple link to a post became this huge monstrosity:

http://ocaoimh.ie/exploit-scanner-095/?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed:+HolyShmoly+(Holy+Shmoly!)&
utm_content=Google+Reader

It’s a marketing thing right? It’s all useful information but I don’t really care about it, have never used it and don’t like my URLs getting mangled. It annoys me for two reasons:

  • People will probably use that big long url in their own posts. Other people will use the shortened custom permalink that my blog provides. Won’t the pagerank earned by the post be split in two now?
  • It makes caching less efficient. Supercache won’t create a static cached file of the page. It will create a regular php powered cache file but when you’re running Supercache you want the very best performance don’t you?

So I added a new option to Supercache to redirect the url and get rid of the utm_source bloat.

If you want to give it a go, grab the development version of the plugin and upgrade.

Oh, and if someone has decent docs on utm_source and it’s friends I’d love to read it. Google didn’t return much when I went looking.

Exploit Scanner 0.95

I’ve just released version 0.95 of WordPress Exploit Scanner.

This release fixes a number of bugs and makes it easier to scan for exploits and read the results.

I’ve added an “Exploits” scan level which looks for obvious code that hackers use. It will return a few false positives but it’s a good first scan to try if you suspect your website has been hacked. You can then use the “Blocker” and “Severe” to scan for ever more suspect strings.

Scans are now done 50 files at a time, with the page reloading after each. The scan results are saved in the database (in your options table as not-autoloaded records to minimize load on your blog) and you can open another browser window or tab on the Exploit Scanner admin page to view the saved results even before the scan is completed.

MD5 hash records for WordPress 2.9.2 have been added, and the hash records for 2.9.1 were corrected.

In other news I’m looking for testers to try out the almost ready WordPress MU 2.9.2. More details are on the forum thread above.

WP Super Cache 0.9.9

Well, the new WP Super Cache is available now.

This release adds experimental object cache support. Don’t go looking for it unless you have an external object cache already. It won’t show up. I recommend using the Memcached object cache.

Some of the other major changes include more translations: Chinese (Pseric), Ukranian (Vitaly) and Japanese (Tai). The Italian and Japanese translations have since been updated but not included in 0.9.9. You can grab them from the languages directory if you don’t want to wait until the next release.

If you have WordPress Mobile Edition installed the plugin will grab the list of mobile user agents from that and warn if your .htaccess is outdated.

And, a small but significant change is that the PHP cache loader will use the static “super” cache if necessary. This might happen if your rewrite rules aren’t working properly and not serving cache files. At least your anonymous visitors will see some sort of cached file. Use the debugging system built into the plugin to determine where the cache comes from.

See the changelog for the complete list of changes.

WP Super Cache with Object Cache support

Here’s a quick post to encourage brave testers. I’m adding object cache support to WP Super Cache so you’ll be able to store your cached files in a memcached backend instead of disk.

It’s not complete but it’s running on this blog and well, you’re reading this which means it’s doing something and not breaking! If you want to give it a go grab the development version from the download page.

There are few caveats, but three spring to mind:

  • It won’t cache anything for “known” users. That is users who are logged in or leave comments. Usually a tiny minority of the visitors to any site.
  • Refreshing of the cache is very incomplete. If you leave a comment, the cache for that page may not update immediately. The cache lifetime is set to 30 seconds, and after you leave a comment you become a “known user” and see the uncached version of the page anyway.
  • When posts are updated the whole cache is invalidated.

If you don’t know what memcached is, or how to set it up then you probably don’t want to test this. If you do, use Google and find out about them. Unfortunately I don’t have time to explain how to install it.

Inspiration and some code taken from batcache, the excellent caching plugin we use on WordPress.com.

Update! I updated the Changelog in the readme.txt and I’m looking for testers. Here’s what’s new in the development version:

* Added experimental object cache support.
* Added Chinese(Traditional) translation by Pseric.
* Added FAQ on WP-Cache vs Supercache files.
* Use Supercache file if WP-Cache file not found. Useful if mod_rewrite rules are broken or not working.
* Get mobile browser list from WP Mobile Edition if found. Warn user if .htaccess out of date.
* Make sure writer lock is unlocked after writing cache files.
* Added link to developer docs in readme.
* Added Ukranian translation by Vitaly Mylo.
* Added Upgrade Notice section to readme.
* Warn if zlib compression in PHP is enabled.
* Added compression troubleshooting answer. Props Vladimir (http://blog.sjinks.pro/)
* Added Japanese translation by Tai (http://tekapo.com/)
* Updated Italian translation.

The biggest changes are the addition of the object cache and a small change to the php code that serves cached wp-cache files. If the mod_rewrite rules on your site don’t work for whatever reason the plugin will look for the Supercache file and serve that instead. An extra header is added to the served page when this happens. It’s all in the readme.txt!

WordPress MU 2.9.1.1

one dot one dot one dot one dot dot dot…. Yes, last week’s release of WordPress MU wasn’t to be the last one. This is. Really.

WordPress MU 2.9.1.1 fixes #1193 and #1195, two annoying but one liner bugs that crept into the last release.

This is also a security release fixing a bug in the installer that has existed for quite some time. If you can’t update yet, delete the file index-install.php immediately. That file is only used when you install WordPress MU for the first time so it’s not needed afterwards. Don’t ask, “I’m using version x.x.x, do I need to delete this file?” Just do it. Thanks Mad Sprat for reporting the problem.
The index-install.php in 2.9.1.1 is safe, but I’ve added a note at the end of the install recommending the file be removed. The file is not used after installation and it’s always a good idea to clean up unused scripts.

Get WordPress MU 2.9.1.1 on the download page or wait until your Dashboard upgrader finds the new release.
If you’re adventurous, download and replace the following files on your site to upgrade:

  1. index-install.php
  2. wp-admin/includes/mu.php
  3. xmlrpc.php
  4. wp-includes/version.php

Sorry Jeffro! 🙂

Close

Ad-blocker not detected

Consider installing a browser extension that blocks ads and other malicious scripts in your browser to protect your privacy and security. Here are a few options.

  • uBlock Origin is a free, open source, ad blocker for your browser.
  • Use pi-hole if you have a spare Raspberry Pi on your network.
  • Set the private DNS settings on your phone to dns.adguard.com to block adverts and trackers.