Posts in WordPress

WordPress-specific incidents, plugins, wp-cron, xmlrpc, and tuning.

May 10, 20268 min read
Hardening every WordPress site on cPanel in one loop
A field-tested bash loop that walks every cPanel user, finds every WordPress install, and applies an idempotent hardening checklist with weekly drift detection.
#wordpress #cpanel #hardening #bash #security
May 9, 20266 min read
When you have to suspend a WooCommerce client: anatomy
A WooCommerce client burned 40-60% CPU on a shared cPanel box for 48 hours, unreachable. The decision tree, the suspension, and the conversation after.
#cpanel #woocommerce #shared-hosting #incident-response #runbook
May 8, 202614 min read
Patchman activation breaks PHP sites: memory_limit gotcha
Patchman daily scans on cPanel push large WordPress sites past the PHP memory_limit and trigger 500s. Diagnostic flow, two-part fix, pre-activation audit.
#patchman #cpanel #php #memory-limit #wordpress #multiphp
May 7, 20268 min read
The corrupted WordPress db.php dropin nobody warned you of
WordPress says the DB connection is down but MySQL is fine, and only one site is affected. The cause is almost always a broken db.php dropin in wp-content.
#wordpress #mysql #cpanel #incident-response #dropins
May 2, 202614 min read
xmlrpc.php abuse and the 27-site one-shot fix on cPanel
A postmortem on 5,400 xmlrpc.php requests an hour from one /24, why per-site plugin fixes fail, and the shell loop that hardened 27 WordPress sites at once.
#xmlrpc #wordpress #cpanel #php-fpm #csf #htaccess
Apr 30, 202616 min read
Three real WordPress compromises and how we found them
Three anonymised WordPress compromise postmortems on cPanel: a nulled Elementor Pro backdoor, a wp_options casino injection, and a six-week data exfiltration.
#wordpress #malware #cpanel #incident-response #wp-cli #forensics
Apr 25, 202615 min read
WooCommerce filter URLs are a crawler trap: the fix
A 2026 postmortem on WooCommerce filter URLs as a crawler trap: 41,000 unique URLs/hour from Facebook and MJ12bot, the diagnostic, and a three-layer fix.
#woocommerce #facebook-crawler #mj12bot #cpanel #mod-security #faceted-navigation
Apr 22, 202617 min read
WordPress WP-Cron stacking on cPanel: a complete fix
A 2026 postmortem on WordPress WP-Cron stacking on cPanel: 41 concurrent PHP-FPM children, the HTTP loopback that doubles load, and the three-layer fix.
#wp-cron #wordpress #php-fpm #cpanel #ea-php
Apr 17, 20262 min read
Disable WP-Cron across every WordPress site on cPanel
An idempotent bash script that disables WP-Cron across every WordPress install on a cPanel server and replaces it with staggered system cron entries.
#wordpress #wp-cron #cpanel #bash