Skip to content

WordPress site

General

Related Topics
  • configure ghost and wordpress combo

    Moved Solved WordPress
    9
    7 Votes
    9 Posts
    97 Views

    @Madchatthew I’d always post for the reasons I stated above. It’s useful information and could save someone else the headache.

  • 2 Votes
    11 Posts
    573 Views

    Thanks for your inputs ♥️

  • How to fix no img attribute from this code

    Solved WordPress
    7
    1 Votes
    7 Posts
    332 Views

    Yes, I am aware that if users are given the option to enter alt text, some may do so in an abusive manner. For the time being, we’ve adjusted the php script to generate the alt automatically, thus there are no longer any SEO problem with alt images.

  • Flarum - WordPress Journey

    WordPress
    59
    22 Votes
    59 Posts
    5k Views

    @Sala I will likely need admin access to your site for this.

  • move out from flarum to wordpress

    WordPress
    87
    52 Votes
    87 Posts
    9k Views

    @Hari Glad to see this went so well, and that you’ve finally departed the Flarum ecosystem 🙂

  • 1 Votes
    2 Posts
    320 Views

    @hari the cache level for woocommerce should always be bypass. Any caching of woocommerce will cause you serious issues and will result in the checkout process not functioning correctly.

    This does mean that the overall experience will be slower (depending on geographic location) although CF is known to cause significant issues hence the need to bypass.

    If you want to cache as much as possible, then set rules to bypass caching on the cart and account pages etc.

  • 1 Votes
    13 Posts
    1k Views

    @phenomlab said in Hardening WordPress - Reducing the attack vector:

    @jac Microsoft’s and Google’s Authenticator both support TOTP - essentially, a time based system that changes every 30 seconds. The main principle here is that the device itself carrying the One Time Passcode only needs to be in sync with the source server in terms of time, and can be completely offline with no internet access.

    Provided the time matches on both devices, the One Time Passcode will be accepted. Applications such as Microsoft Authenticator and Authy also support push notification meaning you just choose either yes or no on your device when prompted, and then that response is sent back to the origin which then determines if access is granted or not.

    One of the best looking password less authentication models was CLEF - sadly, this product died out due to a lack of funding (if I recall correctly) although some open source implementations of this have appeared quite recently.

    Essentially, both products will achieve the same goal. TOTP is an industry standard, and widely accepted across the board. Not all services offer push confirmation.

    Many thanks for the detailed reply mate.

    There’s some great advice in there that will help me secure my accounts.

  • WordPress installation

    WordPress
    6
    0 Votes
    6 Posts
    523 Views

    @phenomlab said in WordPress installation:

    @jac that plugin is for single sign on between WordPress and NodeBB. The plugin you really need is this

    Brilliant, that does look good! 😁