How to search and replace in nano
- Press
Ctrl+\ - Enter the search string and press
Return - Enter the replacement string and press
Return - Press
Ato replace all instances
Recources for CSS Grid
How to block xmlrpc.php globally in Apache 2.4 with exceptions for specific sites
This snippet for Apache 2.4 forbids access to xmlrpc.php by default and then adds exceptions for specific sites. The sites that get an exception are specified using the Directory directive.
# Forbid access to xmlrpc.php globally at server level
<Files "xmlrpc.php">
Require all denied
</Files>
# Add exception for a site that needs XML-RPC
<Directory "/web/site-1/public">
<Files "xmlrpc.php">
Require all granted
</Files>
</Directory>
# Add exception for a second site that needs XML-RPC
<Directory "/web/site-2/public">
<Files "xmlrpc.php">
Require all granted
</Files>
</Directory>
Documentation: httpd.apache.org/docs/2.4/mod/core
WordPress CLI commands
A selection of WP-CLI commands
| Command | Comment |
|---|---|
$ sudo -u USERNAME -- wp COMMAND |
Runs COMMAND as user USERNAME |
$ sudo wp cli update |
Updates WP-CLI itself |
$ wp core update --version=VERSION --force |
Downgrades WordPress to specified VERSION (e.g., 5.0.2) |
$ wp db cli |
Opens a MySQL console using credentials from wp-config.php |
$ wp db export --add-drop-table |
Exports database adding DROP TABLE before each CREATE |
$ wp media image-size |
Lists registered image sizes |
$ wp media import *.png |
Adds all PNG files in current directory to the media library |
$ wp media regenerate |
Regenerates thumbnails for one or more attachments |
$ wp plugin list --status=active |
Lists all active plugins |
$ wp plugin list --status=inactive |
Lists all inactive plugins |
$ wp post delete 99 |
Deletes (to bin) post with ID 99 |
$ wp post delete $(wp post list --cat=9 --format=ids) |
Deletes (to bin) all posts in category with ID 9 |
$ wp post delete $(wp post list --post_status=trash --format=ids) |
Deletes all posts from the trash |
$ wp post update $(wp post list --author=1 --format=ids) --post_author=2 |
Trasfers all entries by user with ID 1 to user with ID 2 |
$ wp post-type list |
Lists registered post types |
$ wp search-replace 'a' 'b' --skip-columns=guid |
Replaces a with b in database skipping the guid column |
$ wp term list category |
Lists categories |
$ wp user list --orderby=ID |
Lists users ordered by ID |
All available WP-CLI commands and subcommands: developer.wordpress.org/cli/commands
How to block HTTP/1.* requests to wp-login.php in Apache 2.4
<Files "wp-login.php">
<If "%{SERVER_PROTOCOL} == 'HTTP/1.1' || %{SERVER_PROTOCOL} == 'HTTP/1.0'">
Require all denied
</If>
</Files>
Blocking HTTP/1.0 and HTTP/1.1 requests to wp-login.php can be useful under two conditions:
- Pages are served via HTTP/2 (exclusively or preferentially)
- People are expected to log in via browsers that support HTTP/2: caniuse.com/#feat=http2
Custom error response
The rule above will of course block people with older browsers (for example, users of Internet Explorer on systems older than Windows 10). A custom error response can help in this case. Note that, in order to appear in Internet Explorer, the response must be at least 512 bytes.
How to add a custom response error to the rule:
<Files "wp-login.php">
<If "%{SERVER_PROTOCOL} == 'HTTP/1.1' || %{SERVER_PROTOCOL} == 'HTTP/1.0'">
Require all denied
ErrorDocument 403 "\
Forbidden: Logging in requires a newer browser.\
<!--\
PADDING FOR INTERNET EXPLORER\
The purpose of this comment is to\
increase the size of the response to at least 512 bytes.\
By default Internet Explorer shows its own friendly message\
if the response is smaller than 512 bytes.\
-->\
"
</If>
</Files>