How to install WordPress, Linux, Nginx, MariaDB 10.3, PHP 7.3 (LEMP stack) on CentOS 7

LEMP (also known as LNMP) is a group of open-source software which enable a server to host dynamic websites and web applications. It consists of the Linux operating system, the (E)Nginx web server (which replaces the Apache component of a LAMP stack), the MySQL relational database management system, and the PHP programming language.

Continue reading “How to install WordPress, Linux, Nginx, MariaDB 10.3, PHP 7.3 (LEMP stack) on CentOS 7”

How to Remove Query Strings From Static Resources in WordPress

When it comes to WordPress performance, this question comes up quite a bit, and that is how to remove query strings from static resources. Your CSS and JavaScript files usually have the file version on the end of their URLs, such as www.prado.lt/style.css?ver=4.9.5. Some servers and proxy servers are unable to cache query strings, even if a cache-control:public header is present. So by removing them, you can sometimes improve your caching. This will also fix that warning you see in GTmetrix and Pingdom called “Remove query strings from static resources.”

Continue reading “How to Remove Query Strings From Static Resources in WordPress”

Using Fail2Ban to block WordPress login attacks

Introduction

WordPress is a very robust content-management system (CMS) that is free and open source. Because anyone can comment, create an account, and post on WordPress, many malicious actors have created networks of bots and servers that compromise and spam WordPress sites through brute-force attacks.

Fail2Ban is an intrusion prevention software framework that protects computer servers from brute-force attacks. Written in the Python programming language, it is able to run on POSIX systems that have an interface to a packet-control system or firewall installed locally.

Note: In this guide, we will be using version 0.9.6 of Fail2ban on an Debian 9.4 server, but most of it should apply to other distributions as well.

Continue reading “Using Fail2Ban to block WordPress login attacks”