Currently no built in way to deliver email from the server as Postfix (etc) not installed for security reasons and to keep your server IP address from ever getting blacklisted by Spamhaus etc. The best way to send email from WordPress is signing up for an account at SendGrid, Mailgun etc then using an API […]
Much of the goal of SlickStack is to reduce bloat in the WordPress stack. Backup plugins tend to be one of the worst contributors to bloat because they not only use lots of CPU and RAM but also save many unsafe archives of data on your local server folders, meaning a security issue too. Our […]
Not at this time. We felt that adding a secondary “http auth” login via Nginx to the WP Admin / WP login is a bit pointless. SlickStack already has built in anti-brute force features for that URI pattern, as does Cloudflare. You can even use Cloudflare to setup a DNS-level auth page or security rules […]
The vast majority of “errors” or issues with SlickStack can be solved by simply running the following scripts, sometimes repeatedly, until all files and configuration are force updated: ss-check ss-worker ss-update ss-install If you have run ss-update or ss-install for example, but encounter either errors in the shell (CLI) or frontend (e.g. 500 error, etc) […]
Yes subdomains and sub-subdomains are supported with SlickStack for both single sites and multisite networks in WordPress. Single site examples: sub.example.com sub.sub.example.com blog.example.com Multisite network examples: shops.example.com blogs.students.example.com However if you are using the “www” subdomain for vanity or usability reasons, this will also work fine — but most developers will not refer to this […]
Complete breakdown of the variations used in SlickStack config when generating SSL certificates for both OpenSSL and Let’s Encrypt (Certbot): https://github.com/littlebizzy/slickstack/blob/master/ss-encrypt.txt Single Site + Not Subdomain + Contains www + Email Alerts Single Site + Subdomain + Contains www + Email Alerts Single Site + Not Subdomain + Not www + Email Alerts Single […]
Yes you can. As of December 2019 we now support Let’s Encrypt (Certbot), as a backup SSL option instead of self-signed OpenSSL (which must be paired with Cloudflare to load properly). However the idea here is that Let’s Encrypt is a “backup” SSL option, to ensure that SlickStack does not fully rely on a third […]
The Plugin Blacklist plugin is included by default in SlickStack, but is not a required “core” MU plugin. However, there are certain categories of WP plugins that will still be force-deleted by the ss-clean Bash script in SlickStack for reasons of security and stability. We try to keep this list relatively slim, to avoid overly […]
No we will never add any UI or GUI type interface. The reason is because we want SlickStack to be as lightweight and secure as possible. Plus, this approach allows other services to build on top of SlickStack, for example if an agency wants to offer server deployment premium interface they can use SlickStack as […]
By default the following are skipped: /cart* /checkout* /my-* /contact* /dashboard* /login* /register* /order* /profile* /settings* /view* /wc-api* /wp-admin* /wp-*.php https://github.com/littlebizzy/slickstack/blob/master/nginx/default-single-site.txt