Jesse Nickles jessuppi

@joepie91
joepie91 / wildcard-certificates.md
Last active July 2, 2024 11:59
Why you probably shouldn't use a wildcard certificate

Recently, Let's Encrypt launched free wildcard certificates. While this is good news in and of itself, as it removes one of the last remaining reasons for expensive commercial certificates, I've unfortunately seen a lot of people dangerously misunderstand what wildcard certificates are for.

Therefore, in this brief post I'll explain why you probably shouldn't use a wildcard certificate, as it will put your security at risk.

A brief explainer

It's generally pretty poorly understood (and documented!) how TLS ("SSL") works, so let's go through a brief explanation of the parts that are important here.

The general (simplified) idea behind how real-world TLS deployments work, is that you:

@Scumtron
Scumtron / 99-sysctl.conf
Last active July 8, 2023 16:03
/etc/sysctl.d/99-sysctl.conf
# Kernel sysctl configuration file for Linux
# Version 1.11 - 2015-07-07
# Aysad Kozanoglu Aysad K.
# This file should be saved as /etc/sysctl.conf and can be activated using the command:
# sysctl -e -p /etc/sysctl.conf
#
# For binary values, 0 is disabled, 1 is enabled. See sysctl(8) and sysctl.conf(5) for more details.
#
# Tested with: Ubuntu 14.04 LTS kernel version 3.13
# Debian 7 kernel version 3.2
@jessuppi
jessuppi / emergency.php
Last active February 19, 2018 17:36
WordPress Password Recovery Script
<?php
/*
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 2 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
@holmberd
holmberd / php-pools.md
Last active April 19, 2025 05:22
Adjusting child processes for PHP-FPM (Nginx)

When setting these options consider the following:

  • How long is your average request?
  • What is the maximum number of simultaneous visitors the site(s) get?
  • How much memory on average does each child process consume?

Determine if the max_children limit has been reached.

  • sudo grep max_children /var/log/php?.?-fpm.log.1 /var/log/php?.?-fpm.log
@leeoniya
leeoniya / letsencrypt_2017.md
Created December 31, 2017 02:54 — forked from cecilemuller/letsencrypt_2020.md
How to setup Let's Encrypt for Nginx on Ubuntu 16.04 (including IPv6, HTTP/2 and A+ SSL rating)

There are two main modes to run the Let's Encrypt client (called Certbot):

  • Standalone: replaces the webserver to respond to ACME challenges
  • Webroot: needs your webserver to serve challenges from a known folder.

Webroot is better because it doesn't need to replace Nginx (to bind to port 80).

In the following, we're setting up mydomain.com. HTML is served from /var/www/mydomain, and challenges are served from /var/www/letsencrypt.

@mlbd
mlbd / How to detect if a WordPress plugin is active.php
Created November 19, 2017 13:02 — forked from llgruff/How to detect if a WordPress plugin is active.php
A function you can use to check if plugin is active/loaded for your plugins/themes
<?php
/**
* Detect if a WordPress plugin is active
* A function you can use to check if plugin is active/loaded for your plugins/themes
* @link //gist.github.com/llgruff/c5666bfeded5de69b1aa424aa80cc14f
*/
// When coding plugins that rely on another one, like Private Content for bbPress or Visual Attributes for WooCommerce, you need to make sure the WordPress plugin is active before you initialize your plugin routines or display a notice saying that the required plugin must be activated. In this tutorial we’ll see how to detect whether a certain plugin is active in a couple of ways.
## 1. Check whether a certain class or function or constant exists
@stefanogram
stefanogram / wpinstaller
Last active July 16, 2020 07:10
Script to install WordPress on Debian/Ubuntu VPS server.
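#!/bin/bash
# Notes:
# After creating the file, make it executable with: chmod +x wpinstaller
# Then execute the script with: ./wpinstaller
# Create the database (MySQL)
# -r keeps backslashes literal; -s hides the passwords as they are typed
read -rsp "Enter your MySQL root password: " rootpass; echo
read -rp "Database name: " dbname
read -rp "Database username: " dbuser
read -rsp "Enter a password for user $dbuser: " userpass; echo
# $dbname goes into the SQL statement unescaped, so enter a plain identifier.
# Quote the password so spaces or shell metacharacters in it do not break the command.
echo "CREATE DATABASE $dbname;" | mysql -u root -p"$rootpass"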
@jessuppi
jessuppi / admin-notices.php
Last active June 4, 2018 20:54
Recommended Plugins Notice (Dismissable + Recurring)
<?php
// Subpackage namespace
namespace LittleBizzy\HeaderCleanup;
/**
* Admin Notices class
*
* @package WordPress
* @subpackage Admin Notices
@voluntas
voluntas / sysctl.conf
Created October 14, 2017 13:07 — forked from techgaun/sysctl.conf
Sysctl configuration for high performance
### KERNEL TUNING ###
# Increase size of file handles and inode cache
fs.file-max = 2097152
# Do less swapping
vm.swappiness = 10
vm.dirty_ratio = 60
vm.dirty_background_ratio = 2
@MikeNGarrett
MikeNGarrett / wp-config.php
Created October 14, 2017 01:56
Disable admin-ajax on the front-end of WordPress sites and cache the resulting 404.
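<?php
// Referer is a client-supplied header and may be absent; default to an empty string.
$referer = isset( $_SERVER['HTTP_REFERER'] ) ? $_SERVER['HTTP_REFERER'] : '';
if(
strpos( $referer, 'wp-admin' ) === false &&
strpos( $_SERVER['REQUEST_URI'], 'admin-ajax.php' ) !== false
) {
// Request to admin-ajax.php that did not come from wp-admin: send a cacheable 404 and stop.
header( 'Cache-Control: max-age=30000, must-revalidate' );
header( 'Expires: ' . gmdate( 'D, d M Y H:i:s', strtotime( '+5000 minutes' ) ) . ' GMT' );
header( 'Last-Modified: ' . gmdate( 'D, d M Y H:i:s', strtotime( '-5000 minutes' ) ) . ' GMT' );
header( $_SERVER["SERVER_PROTOCOL"]." 404 Not Found" );
die;
}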