My own topics
WordPress could get very slow if used without limitations or protection. I wrote about Nginx HttpLimitReqModule and HttpLimitZoneModule a while ago which could be customised as following to protect WordPress blog.
http{
....
geo $limited {
default 1;
127.0.0.1 0;
}
map $limited $limit {
1 $binary_remote_addr;
0 "";
}
#http://wiki.nginx.org/HttpLimitConnModule
#concurrent connections limited to 200
limit_conn_zone $limit zone=concurrent:10m;
limit_conn_log_level warn;
limit_conn concurrent 200;
#http://wiki.nginx.org/HttpLimitReqModule
#PHP serve zone to limit requests to 50 per second
limit_req_zone $limit zone=php:10m rate=50r/s;
#limit searches to 100 request per minute
limit_req_zone $limit zone=search:10m rate=100r/m;
#login zone to limit login request to 1 request per second
limit_req_zone $limit zone=login:10m rate=1r/s;
limit_req_log_level warn;
server {
.....
error_page 449 = @search;
#limit search requests
if ( $arg_s ){
return 449;
}
location @search {
limit_req zone=search nodelay;
rewrite / /index.php?$args last;
include /etc/nginx/fastcgi_params;
}
location = /wp-login.php {
limit_req zone=login nodelay;
include /etc/nginx/fastcgi_params;
}
location ~ \.php$ {
limit_req zone=php burst=50;
include /etc/nginx/fastcgi_params;
}
If you are minifying scripts and css files using a caching plugin or using FastCGI cache then you might need to warmup your blog after purging your cache. This is a simple warm up cli script for WordPress to initiate cache or HHVM HHBC and making sure all pages/posts do not have errors. Additionally the script creates a urllist.txt file that you can use with siege to test load your server.
//in api/models/User.js
function validationError(invalidAttributes, status, message) {
var WLValidationError = require('../../node_modules/sails/node_modules/waterline/lib/waterline/error/WLValidationError.js');
return new WLValidationError({
invalidAttributes: invalidAttributes,
status: status,
message: message
}
);
}
var User = {
attributes: {
//...
},
ownValidate:: function (values, update, cb) {
//example of not allowed param on update
//if it is an update then do not allow email param
if (update && values.email) {
return cb(validationError({
email: [
{
message: 'Email is not allowed for updates.'
}
]
}, 400 /*status*/));
}
sails.models['user'].findOne(values.email).exec(function (err, user) {
if (err) return cb(err);
if (user) {
return cb(validationError({
email: [
{
value: values.email,
rule: 'E_UNIQUE'
/* unique validation message is left for the default one here */
}
]
}, 409));
}
});
},
beforeCreate: function (values, cb) {
return sails.models['user'].ownValidate(values, false, cb);
},
beforeUpdate: function (values, cb) {
return sails.models['user'].ownValidate(values, true, cb);
}
}
For blueprint custom messages validation
Sitemap Creator is a PHP class which creates XML sitemaps files compatible with the standard sitemaps.org protocol supported by Google and Bing.
Features
- Uses PHPCrawl class to crawl/spider the website and creates URLs set while all PHPCrawl methods and options are accessible through class.
- Ability to calculate Priority, Frequency and Last-Modified date with variety of options.
- Creates sitemaps in gzip format or uncompressed XML.
- Pings search engines with sitemaps locations.
- Reads from CSV files and exports entries in CSV format.
Nginx Error Log Reader is a php reader/parser/analyzer for Nginx error log file. the script is able to read error logs recursively then display them in a user friendly table. Script configuration includes the number of bytes to read per page and allow pagination through the error log . Additionally, table columns are sortable and full description of every error is displayed using MonnaTip.
For banning Ips, please refer to this post Using iptables to block ips that spam or attack your server
