TIL: If you have a #GravityForms on a #WordPress page, and that form has an image upload field, you may need to disable server caching on the page where that form is in order for the image upload feature to work correctly and consistently when uploading images directly from a phone.
#selfhosting
boosted
If you are #selfHosting #WordPress and have access to the underlying filesystem, the best thing you can do to secure WP is change the permissions on your WP tree so it isn't writable by your web server user, except for the upload and temporary directories that WP needs to write into.
This prevents updates through the WP dashboard, so you need to regularly check for updates and loosen permissions while applying them.
I have a shell script for toggling permissions: https://gist.github.com/jikamens/9037496f01a4343578167a99a7ec78e6
#infosec
If you are #selfHosting #WordPress and have access to the underlying filesystem, the best thing you can do to secure WP is change the permissions on your WP tree so it isn't writable by your web server user, except for the upload and temporary directories that WP needs to write into.
This prevents updates through the WP dashboard, so you need to regularly check for updates and loosen permissions while applying them.
I have a shell script for toggling permissions: https://gist.github.com/jikamens/9037496f01a4343578167a99a7ec78e6
#infosec