How to deploy HyperDB

Ever since I’ve started experimenting with HyperDB I thought that once I’ve got enough servers at my disposal, and if I ever figure out how to setup MySQL replication I’d bring the two together. I believe that day has finally come: HyperDB is now deployed across over 60 sites I’m taking care of.

I want to share with you my configuration and some of the pitfalls I’ve come across – if it helps, great. But mainly these notes are for me to remember how I did it when the next cluster needs to be built.

Read more

Calling all Forum Beta Testers

Great News: I’ve been meaning to add a general WordPress forum to this site for a while, but none of the options seemed to work well for what I wanted to do.

All I needed was a simple discussion forum, integrated into WordPress – I really didn’t want to mess around with phpBB or the likes. bbPress is in a constant state of beta and gives me a headache every time I want to make it work, SimplePress is ugly and basically all of the above are overcomplicated.

Enter Tal.ki – an embeddable forum solution that promises to give me a forum with only one line of code, or alternatively as a WordPress Plugin! It’s not live on this site – let’s test it out!

Read more

How to prevent direct file access in your wp-content directory

I was working on a secure site with sensitive video material that we needed strict members access to. Even though many plugins can make sure your direct permalinks can only be seen by logged in members, direct links to files in your wp-content directory are still accessible to others. They can even be hotlinked from other sites.

One way around this is to move the wp-content directory outside the web visible portion of your directory on the server, but even so WordPress can always link to such files. A better way is to tell your server not to give access to certain files (say ending with mp4 or mp3) and only allow access from your own domain.

We can use Apache Mod Rewrite for this – it’s a complex language that you can utilise in your .htaccess file within the wp-content folder.

Let me show you how to keep prying eyes out of your content.

Read more