Install and update translations in WordPress with Composer

Using Composer is a great way of organizing your WordPress project, with WordPress itself, plugins and themes declared as dependencies. However, an issue I’ve often seen is how you install translation files and keep them updated.

Continue reading “Install and update translations in WordPress with Composer”

Wildcard certificate from Let’s Encrypt with CloudFlare DNS

If you’re using CloudFlare to host your DNS, there is a plugin for the official Let’s Encrypt client Certbot you can use to easily acquire and renew wildcard certificates from Let’s Encrypt.

Continue reading “Wildcard certificate from Let’s Encrypt with CloudFlare DNS”

Debug and profile your WordPress sites with Xdebug in Local by Flywheel (using PhpStorm)

This article is not an introduction to neither Xdebug, Local by Flywheel nor PhpStorm, but shows you how you can get started with debugging and profiling your WordPress sites in PhpStorm when using Local by Flywheel as a local development environment. You should already know what Xdebug is before reading this article. This is how you get started with Xdebug in Local by Flywheel.

Continue reading “Debug and profile your WordPress sites with Xdebug in Local by Flywheel (using PhpStorm)”

Gravity Forms personal data exporter and eraser

When WordPress 4.9.6 launched on May 17, 2018 it came with new tools for exporting and erasing personal data that you may have collected (you know, GDPR and all). But Gravity Forms as of version 2.3.2 doesn’t integrate with these tools. Fortunately, it is really easy to write your own exporters and erasers.

Continue reading “Gravity Forms personal data exporter and eraser”

How to mitigate CVE-2018-6389 – the load-scripts.php DoS “attack” in WordPress

A little sensationalist written blog post by Barak Tawily claims that WordPress is vulnerable to a DoS attack because of the load-scripts.php file which concatenates JavaScript files on the fly.

Continue reading “How to mitigate CVE-2018-6389 – the load-scripts.php DoS “attack” in WordPress”

HTTP/2 Push WordPress Assets to First-Time Visitors

With HTTP/2 push you can effectively send a web page’s assets to the client before the client even knows about them. Here’s how you can HTTP/2 push WordPress assets to your first-time visitors.

Continue reading “HTTP/2 Push WordPress Assets to First-Time Visitors”

Cut 90% of your WordPress translations loading time

WordPress translations are compiled from human-readable PO-files into machine optimized MO-files, but still takes a lot of overhead to load. If you only could cache the translation load time, you would save a lot of page load time. We can easily cut 90% of our WordPress translations loading time.

Continue reading “Cut 90% of your WordPress translations loading time”