PHP gets enough flack for being insecure and untamed. Moving toward stronger security and stricter coding is one of the benefits of PHP 7+ The short answer is you should pretty much always use strict_types whenever possible, these days. However, if you’re upgrading old code, you of course need to be sure that everything works […]
This page to be updated asap for PHP 7.2 and PHP 7.4 focus… below are historically known dangerous PHP functions: exec,shell_exec,curl_exec,curl_multi_exec,escapeshellarg,system,mail,passthru,proc_open,proc_close,proc_terminate,popen,curl_exec,parse_ini_file,show_source,dl
Because this emerging header was announced in 2018 and various browsers and entities are running with it in different ways, it means that depending on who you ask the supported options are totally different. In order to support all major browsers and environments, we have to be aware of every single common Feature Policy option: […]
What are the available timezones in SlickStack for the server itself? Well that depends on Ubuntu itself. The format of the timezone you want is very important, because Ubuntu does not like to use acronyms like GMT or UTC (except, confusingly, for the standard UTC timezone itself). Change the SS_TIMEZONE variable in ss-config using the […]
There are currently two variables in the ss-config file which are SITE_TLD and SITE_DOMAIN. The reason for this is that SlickStack aims to be as verbose as possible so that advanced developers can understand and control what is going on (to avoid unclear behind-the-scenes configuration). SITE_TLD = The top-level domain that you want to install […]
One of the most common questions we get is about servers (websites) that have completed the ss-install process but are seeing redirect loop error messages in the browser on the frontend. This is nearly always caused by the Cloudflare “SSL” tab settings being set to “flexible SSL” instead of “full SSL”. The issue is that […]
## MYSQL_MODE = e.g. ALLOW_INVALID_DATES (or) ONLY_FULL_GROUP_BY,STRICT_TRANS_TABLES,NO_ZERO_IN_DATE,NO_ZERO_DATE,ERROR_FOR_DIVISION_BY_ZERO,NO_AUTO_CREATE_USER,NO_ENGINE_SUBSTITUTION https://dev.mysql.com/doc/refman/5.7/en/sql-mode.html
Exhaustive (evolving) list of common tables in MySQL in WordPress sites. wp_wi_logs (WebinarIgnition)
If you are using SlickStack and are using our default plugin blacklist.txt file then, assuming you are not going to be using the plugins we recommend not using, you can safely delete all of the following tables from your MySQL database: wp_404_to_301 wp_blc* (Broken Links Checker) wp_duplicator* (Duplicator) wp_links (WP Core) wp_ewwwio_images wp_layerslider* (Layerslider) wp_optimizepress* […]
By default SlickStack now bundles the open source Adminer script. This script is placed securely in the /var/www/meta/ directory which cannot be accessed by WordPress or any frontend users. The script can be updated or reinstalled anytime by reinstalling SlickStack. Using Nginx magic, the script is loaded on the frontend at: https://example.com/adminer You can also […]