Join the community today
Register Now

Wordpress Differences between Wordpress regular install vs centmin.sh menu option 22 install

Discussion in 'Blogs & CMS usage' started by eva2000, Aug 18, 2018.

Thread Status:
Not open for further replies.
  1. eva2000

    eva2000 Administrator Staff Member

    38,023
    8,350
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +12,863
    Local Time:
    12:28 AM
    Nginx 1.15.x
    MariaDB 5.5/10.x
    In context of Wordpress caching for centmin.sh menu option 22 wordpress auto installer for Centmin Mod 123.09beta01 and newer, you have choice of 1 of 3 caching options automatically installed and configured and the following:
    1. Redis Nginx Level Caching - centmin.sh menu option 22 will auto install redis if not detected if you choose this in centmin.sh menu option 22 setup. Otherwise, need to install redis yourself. Best combined with Autoptimize WP plugin
    2. KeyCDN Cache Enabler for full page static html caching (safest choice for balance of performance and reliability). Best combined with Autoptimize WP plugin which is now automatically configured and installed when you choose KeyCDN Cache Enabler in latest 123.09beta01 version of centmin.sh menu option 22. Also configures Cache Enabler advanced caching which uses Nginx rules/config settings to bypass PHP usage for Nginx level caching and also automatically configures corresponding system level cronjob to clear the cache as advanced caching mode can't effectively use inbuilt admin panel set cache TTL purging which relies on PHP which is bypassed.
    3. WP Super Cache for full page static html caching. Best combined with Autoptimize WP plugin
    4. Tightened security with automatic rate limiting of wp-login.php, xmlrpc.php, wp-admin/load-scripts.php and wp-admin/load-styles.php. The latter 2 scripts are to workaround Wordpress DOS Attack Flaw Security CVE-2018-6389 which Wordpress refuse to fix on their end as they say the problem should be resolved at web server level which Centmin Mod Nginx has done via centmin.sh menu option 22
    5. Tightened security with inclusion of wpsecure include file for finer grain control over which Wordpress plugins you whitelist to operate on your wordpress install - see Wordpress - Wordpress 403 Permission Denied Errors
    6. Automatic randomisation of wordpress database prefix and database name and and database username and password.
    7. Automatic optimisation of wordpress database with additional indexing for performance/scaling.
    8. Automatic randomisation of Wordpress Admin userid within wordpress database instead of userid = 1
    9. Automatic install and activation of the following Wordpress plugins, Sucuri Security, disable XML RPC, and CDN Enabler (which you disable/remove if you don't need).
    10. Automatic creation and setup of system level cronjob for automatic Wordpress plugin updating every 8 hrs. The higher frequency of update/checks reduces the window of time a Wordpress plugin could be left vulnerable in terms of security updates needing an update. The /root/tools/wp_updater_yourdomain.com.sh auto generated cronjob scripts for each centmin.sh menu option 22 created Wordpress sites also optionally allow auto update of Wordpress core if you uncomment 4 lines within the cronjob script:
      Code (Text):
      #/usr/bin/wp core check-update --allow-root
      #/usr/bin/wp core update --allow-root
      #/usr/bin/wp core update-db --allow-root
      #/usr/bin/wp core update --allow-root
      
    Centmin Mod 123.09beta01's centmin.sh menu option 22
    Code (Text):
    --------------------------------------------------------
         Centmin Mod Menu 123.09beta01 centminmod.com    
    --------------------------------------------------------
    1).  Centmin Install
    2).  Add Nginx vhost domain
    3).  NSD setup domain name DNS
    4).  Nginx Upgrade / Downgrade
    5).  PHP Upgrade / Downgrade
    6).  XCache Re-install
    7).  APC Cache Re-install
    8).  XCache Install
    9).  APC Cache Install
    10). Memcached Server Re-install
    11). MariaDB MySQL Upgrade & Management
    12). Zend OpCache Install/Re-install
    13). Install/Reinstall Redis PHP Extension
    14). SELinux disable
    15). Install/Reinstall ImagicK PHP Extension
    16). Change SSHD Port Number
    17). Multi-thread compression: pigz,pbzip2,lbzip2...
    18). Suhosin PHP Extension install
    19). Install FFMPEG and FFMPEG PHP Extension
    20). NSD Install/Re-Install
    21). Update - Nginx + PHP-FPM + Siege
    22). Add Wordpress Nginx vhost + Cache Plugin
    23). Update Centmin Mod Code Base
    24). Exit
    --------------------------------------------------------
    Enter option [ 1 - 24 ] 22
    --------------------------------------------------------
    


    Centmin Mod 123.09beta01 Wordpress installs via centmin.sh menu option 22 also install and activate Sucuri Wordpress Plugin which has a file integrity checker to report if Wordpress files have been modified. You can consult that in Wordpress Admin > Sucuri Security area for Dashboard as well as look at Wordpress login and failed login history.

    Example here reports file modified in the way of 9 additional files which are Centmin Mod default installed files when creating a new Nginx vhost site, so I would mark as fixed and these 9 files as I know they are safe. If they are files reported which you are not familiar with, inspect them to see if there's any malware/malicious code.

    [​IMG]

    After marking those known 9 Centmin Mod files, Sucuri Wordpress plugin's integrity monitor would list all correct status

    [​IMG]
     
    • Like Like x 3
  2. eva2000

    eva2000 Administrator Staff Member

    38,023
    8,350
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +12,863
    Local Time:
    12:28 AM
    Nginx 1.15.x
    MariaDB 5.5/10.x
    FYI, there's prep work for supporting PHP-FPM fastcgi_cache as Wordpress caching method too prep wordpress fastcgi_cache. So eventually, you will be able to select that as an option once I have done the testing for it.

    Code (Text):
    Default is to install KeyCDN WP Cache Enabler Plugin as it is more
    stable and reliable than WP Super Cache and Redis Cache.
    Redis cache may have issues with caching due to long 6hr cache TTL
    Fastcgi_cache (PHP-FPM) will have best performance
    You can select which caching method to use below:
    
    --------------------------------------------------------
           Wordpress Caching              
    --------------------------------------------------------
    1). KeyCDN Cache Enabler (default & recommended)
    2). Redis Nginx Level Caching (may have issues with some wp plugins)
    3). Wordpress Super Cache
    4). Fastcgi_cache (PHP-FPM)
    --------------------------------------------------------
    Enter option [ 1 - 4 ] 4
    
     
    • Like Like x 1
..
Thread Status:
Not open for further replies.