Skip to content

Tag: how-to

Showing page 2 of 19

Purge programmatically

Select behaviors of the VIP page cache can be controlled using VIP's Cache API. Some of the Cache API controls are provided by VIP MU plugins and must be implemented by a WordPress application.

Retrieve HTTP response headers

cURL commands can be used in a terminal on a user's local machine to retrieve all HTTP response headers for a request, or to retrieve a specific HTTP response header for a request.

Partial Database Exports

Partial Database Exports with VIP-CLI allow a custom set of data to be exported from the current state of a VIP Platform environment's database.

Custom Deployment with VIP-CLI

Code that was developed in a repository other than an application’s wpcomvip GitHub repository can be deployed with VIP-CLI to a VIP Platform environment that has Custom Deployment enabled.

Custom Deployment tokens

To perform a Custom Deployment with VIP-CLI or a continuous integration process, a unique token must be generated and the token’s value must be assigned to the WPVIP_DEPLOY_TOKEN environment variable on the target environment.

wp-login

A WordPress site’s login endpoint (/wp-login.php) is a common target for brute force attempts and bad actors. On WordPress VIP, brute force attempts on a site’s /wp-login.php are detected and mitigated at the edge (i.e., firewall, NGINX). Dynamic security protocols are in place that can be triggered by unusual behavioral patterns to protect against unauthorized access and abuse of the login endpoint. An automated attack will trigger VIP’s dynamic security measures, and login attempts will be completely blocked.

WordPress Session Time

By default, a user that logs in to a WordPress site only stays logged in for 48 hours. The duration of logged-in session time increases to 14 days if the user toggles the option labeled “Remember Me” when entering their login credentials to the login portal.

Inactive Users

Users with login access can play an important role in maintaining the security of a WordPress site by following security best practices. Following security best practices is increasingly important for users that have roles with greater capabilities.

User-Defined Thresholds for anomalies

Users can define custom metric thresholds for performance anomalies based on their own criteria.

Custom error pages

When a request is unable to be processed by an application’s origin server, a server error response is returned by the nearest edge cache server (e.g., 502 Bad Gateway, 503 Service Unavailable). The user is typically served an error page styled by a default template that is supplied by the WordPress VIP Platform.