Last active
January 17, 2025 19:39
-
-
Save groundcat/69d4911948a8c295a7469693765089a2 to your computer and use it in GitHub Desktop.
WordPress optimization for wp-config.php
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # WP ... | |
| # Hide .htaccess and wp-config.php | |
| <Files .htaccess wp-config.php> | |
| order allow,deny | |
| deny from all | |
| </Files> | |
| # Block wp-includes folder and files | |
| <IfModule mod_rewrite.c> | |
| RewriteEngine On | |
| RewriteBase / | |
| RewriteRule ^wp-admin/includes/ - [F,L] | |
| RewriteRule !^wp-includes/ - [S=3] | |
| RewriteRule ^wp-includes/[^/]+\.php$ - [F,L] | |
| RewriteRule ^wp-includes/js/tinymce/langs/.+\.php - [F,L] | |
| RewriteRule ^wp-includes/theme-compat/ - [F,L] | |
| </IfModule> | |
| # Prevent username enumeration | |
| RewriteCond %{QUERY_STRING} author=d | |
| RewriteRule ^ /? [L,R=301] | |
| # Prevent script injection | |
| Options +FollowSymLinks | |
| RewriteEngine On | |
| RewriteCond %{QUERY_STRING} (<|%3C).*script.*(>|%3E) [NC,OR] | |
| RewriteCond %{QUERY_STRING} GLOBALS(=|[|%[0-9A-Z]{0,2}) [OR] | |
| RewriteCond %{QUERY_STRING} _REQUEST(=|[|%[0-9A-Z]{0,2}) | |
| RewriteRule ^(.*)$ index.php [F,L] | |
| # Disable xml-rpc.php if not using mobile app for site management | |
| <files xmlrpc.php> | |
| order allow,deny | |
| deny from all | |
| </files> |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| // Add to the `wp-config.php` file | |
| set_time_limit(300); | |
| ini_set('max_execution_time', 300); | |
| ini_set('memory_limit', '1024M'); | |
| ini_set('post_max_size', '128M'); | |
| ini_set('upload_max_filesize', '128M'); | |
| ini_set('max_input_time', 300); | |
| ini_set('max_input_vars', 16000); | |
| /* Auto update WP core */ | |
| define( 'WP_AUTO_UPDATE_CORE', true ); | |
| /* WP behavior optimization */ | |
| define( 'WP_POST_REVISIONS', 3 ); | |
| define( 'AUTOSAVE_INTERVAL', 160 ); | |
| define( 'IMAGE_EDIT_OVERWRITE', true ); | |
| define( 'FORCE_SSL_ADMIN', true ); | |
| /* Memory optimization */ | |
| define( 'WP_MEMORY_LIMIT', '1024M' ); | |
| define( 'WP_MAX_MEMORY_LIMIT', '1024M' ); | |
| /* Repair and optimize the WordPress database */ | |
| define( 'WP_ALLOW_REPAIR', true ); | |
| /* WP-Cron performance, remember to schedule a daily cron job */ | |
| define( 'DISABLE_WP_CRON', true); | |
| define( 'WP_CRON_LOCK_TIMEOUT', 120 ); | |
| /* Compression */ | |
| define( 'COMPRESS_CSS', true ); | |
| define( 'COMPRESS_SCRIPTS', true ); | |
| define( 'CONCATENATE_SCRIPTS', true ); | |
| define( 'ENFORCE_GZIP', true ); | |
| /* Disallow file edit */ | |
| define('DISALLOW_FILE_EDIT', true); | |
| /* That's all, stop editing! Happy publishing. */ |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment