General Wordpress Flashcards

1
Q

If you were to change the WP table prefix in wp-config.php, would this update the existing tables or create new ones?

A

Creates new ones - you effectively end up with a clean installation.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

What are the three main directories that appear in a default WP instalation?

A

wp-content
wp-admin
wp-includes

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

The core files are mainly where?

A

Most of the root directory, wp-admin and wp-includes

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

Where do all the custom files (content) go?

A

wp-content

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

What is one of the major disadvantages of editing core files in WP?

A

Updating the software version will overwrite the changes

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

What file contains all of the database configuration information?

A

wp-config.php

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

What is one easy security measure to implement with regards to wp-config.php?

A

Move it to higher than the root directory of the website. So…
myhost/public_html/wordpresssite/wp-config.php
myhost/public_html/wp-config.php

No config changes need to be done, as wordpress checks the root for the file first.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

If you need to add a new option / constant to WP - what file would you at that in?

A

wp-config.php

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

What line in wp-config.php should you not edit past?

A

/* That’s all, stop editing! Happy blogging. */

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

What is another simple way to improve security in Wordpress?

A

Change the security keys (they are hashing salts) in wp-config.php

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

Changing the security keys at any time will have what effect?

A

It will simply require users to have to log in-again (it effectively invalidates the existing cookies).

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

How does changing the default wordpress table prefix ($table_prefix in wp-config.php) help with security.

A

If someone attempts an sql injection attack, it makes it a lot harder for them to guess the table names.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

What setting would you enable to turn on debugging in WP?

A

WP_DEBUG in the wp-config.php file.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

What is the purpose of WP_SITEURL in wp-config.php?

A

It overrides the setting for SITE URL in the wp installation database. (NOTE - this is temporary and will stop working if it is removed from the file (reverting back to the database setting)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

What define would you use to configure a new place for the site content?

A

define(‘WP_CONTENT_DIR’, $_SERVER[‘DOCUMENT_ROOT’] . ‘/wordpress/blog/wp-content’);

define(‘WP_CONTENT_URL’, ‘http://domain.com/wordpress/blog/wp-content’);

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

What constant would you use to configure a new place for plugins?

A

define(‘WP_PLUGIN_DIR’, $_SERVER[‘DOCUMENT_ROOT’] . ‘/wordpress/blog/wp-content/plugins’);

define(‘WP_PLUGIN_URL’, ‘http://domain.com/wordpress/blog/wp-content/plugins’);

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
17
Q

When developing plugins, why should you use the WP_PLUGIN_DIR and WP_CONTENT_DIR constants?

A

Because a user may configure their site differently, and if the folders are moved, it will break the plugin.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
18
Q

Adding post revisions (i.e. updating and revising posts) can add a huge overhead to the database, how do you prevent this from happening?

A

You can eitehr disable post revisions:

define(‘WP_POST_REVISIONS’, false);

or set a limit

define(‘WP_POST_REVISIONS’, 5);

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
19
Q

Wordpress uses AJAX to implement autosaves on posts - how can you configure this?

A

define(‘AUTOSAVE_INTERVAL’, 300);

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
20
Q

What is a good WP debug option for determine what is going wrong with a query?

A

define(‘SAVEQUERIES’, true);

saves all queries to an array for display.
to display them:

if (current_user_can(‘manage_options’)) {
global $wpdb;
print_r($wpdb->queries);
}

// NOTE This use of global means we are accessing a globally declared variable named $wpdb - that is outside the scope of this function.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
21
Q

How do you enable logging in wordpress.

A

Create a php_error.log file and place it in the root WP directory. Then set the following options in wp-config.php

@ini_set(‘log_errors’, ‘on’);
@ini_set(‘display_errors’, ‘off’);
@ini_set(‘error_log’, ‘/public_html/wordpress/php_error.log’);

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
22
Q

The error_log value (when specifying location) is relative to…

A

the web server document root, not the wordpress installation root.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
23
Q

How do you increase the allowable memory limit of a wordpress installation?

A

define(‘WP_MEMORY_LIMIT’, ‘32M’);

Only if the hosting site allows it though!!

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
24
Q

How do you specify the default language for the site?

A

define(‘WPLANG’, ‘en-GB’);

Gives english, great britain

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
25
Q

How do you set the language directory?

A

define(‘LANGDIR’, ‘/wp-content/bury/my/languages’);

26
Q

What file extensions are used for language translation?

A

.mo and .po

27
Q

If you wanted two or more WP installs to use the same user data - what option would you use?

A

define(‘CUSTOM_USER_TABLE’, ‘joined_users’);
define(‘CUSTOM_USER_META_TABLE’, ‘joined_usermeta’);

Make sure you do this before installing the site.

28
Q

What information is shared, if you use the CUSTOM_USER_TABLE, CUSTOM_USER_META_TABLE constants to share user data?

A

Login information, bio’s, passwords etc.

29
Q

If you want users to have the same login data - but not share the same roles on different sites - what would you do?

A

Change the CUSTOM_USER_TABLE value to share the other site info - but don’t change the CUSTOM_USER_META_TABLE constant.

30
Q

What constants should be checked if you run into issues with COOKIES?

A

COOKIE_DOMAIN
COOKIEPATH
SITECOOKIEPATH

31
Q

If you try to install a plugin or theme, but you keep getting asked for your FTP information - what is the likely issue?

A

Your host may not be setup to deal with the automatic install process. To fix this you can configure FTP in the wp-config.php file.

define(‘FTP_USER’, ‘username’);
define(‘FTP_PASS’, ‘password’);
define(‘FTP_HOST’, ‘ftp.example.com:21/’);

32
Q

What constant defines the FTP settings for the base plugin directory?

A

define(‘FTP_PLUGIN_DIR’, ‘public_html/wordpress/plugin’);

33
Q

How would you specify your public and private SSH key for ftp?

A

define(‘FTP_PUBKEY’, ‘absolute path to file’);

define(‘FTP_PRIVKEY’, ‘absolute path to file’);

34
Q

What defines could you use to override the default file permissions in WP?

A

define(‘FS_CHMOD_FILE’, ‘0644’);

define(‘FS_CHMOD_DIR’, ‘0755’);

35
Q

What is another reason - when hosting a WP installation, that auto updates / plugin installs don’t work?

A

The host company may have very strict file system rules - using the define (‘FS_CHMOD_FILE / DIR’) constants may fix this.

36
Q

What option is required for some caching plugins to work?

A

define(‘WP_CACHE’, true);

This will include the file wp-content/advanced-cache.php

37
Q

How would you print a list of defined constants in your wordpress installation?

A

print_r(@get_defined_constants());

38
Q

How would you force SSL login for a site (i.e. it would require users to login via https)?

A

define(‘FORCE_SSL_LOGIN’, true);

39
Q

How would you force all admin pages to use ssl?

A

define(‘FORCE_SSL_ADMIN’, true);

40
Q

Is using SSL simply a matter of turning on the option in WP?

A

No - you have to configure the site to use SSL.

41
Q

What is the default time before the ‘trash bin’ is emptied in WP?

A

30 days

42
Q

How do you configure the duration before the ‘trash bin’ empties?

A

define(‘EMPTY_TRASH_DAYS’, 7);

43
Q

What happens if you set EMPTY_TRASH_DAYS to 0?

A

The trash link is replaced with a delete permanently link - note: it will NOT ask for confirmation.

44
Q

What things does wordpress ‘cron’ do?

A

It checks for new themes, updates, scheduled posts etc.

45
Q

How do you disable wordpress cron?

A

define(‘DISABLE_WP_CRON’, true);

46
Q

What is one particular risk with rewrite rules when including an images directory that is mean to server images without starting the WP core?

A

The user may mistype the image file - the default rewrite rules say, if it can’t find the file, then pass it off to WP core to resolve. Of course - it can’t, so rather than getting a 404 (like you should) you get the default content of WP. To resolve: Either put wp in it’s own directory and have the images in another subdirectory outside of it’s folder (and hence rewrite rules) - or add a rewrite rule that passes image requests off to the web server:

RewriteRule ^images/(.*) images/$1 [L]

47
Q

What file can you setup redirects in if you were to say change the URL for your about page?

A

The .htaccess file. You would add a redirect rule:

redirect 301 /about http://example.com/about-me

Permanently redirects anything to the about page, to the about-me page.

48
Q

How would you secure the wp-admin directory?

A

You can add a .htaccess file in that directory that restricts access by IP address. Note: If you allow open registrations to your site - you can’t lock it off in this way.

49
Q

How do you set a site into maintenance mode?

A

Add a .maintenance file to the root directory. Add the following code:

50
Q

How would you create a custom maintenance page?

A

Create a new maintenance.php page and it to the wp-content directory.

51
Q

Which folder contains all of the user made content?

A

wp-content

52
Q

What is the purpose of the index.php file in the root of wp-content?

A

It is empty, but it is there to prevent users from trying to get access (get a directory listing) of wp-content. If the webserver allowed directory listings and this file didn’t exist, they could see what plugins are installed.

53
Q

Where are user created plugins placed?

A

wp-content/plugins

54
Q

If the plugin in wp-content/plugins is determined to be ‘valid’ - where will it appear?

A

Plugins => Installed Plugins panel

55
Q

What is in the wp-content/mu-plugins folder?

A

Must Use plugins

56
Q

Where are ‘themes’ located?

A

wp-content/themes

57
Q

Each theme must be located in…

A

its own subdirectory

58
Q

What is the minimum than can be in a theme directory?

A

an index.php and style.css file

59
Q

If you have successfully added a theme, where will it appear?

A

appearance => Themes

60
Q

What is the issue with wp-content and write permissions relating to uploading content?

A

When you upload the first image - you must set the folder to be world writable so that it can create the upload folder. Then reset it to 755 for security purposes.

61
Q

What is the wp-content/upgrade

A

The upgrade folder is automatically created by WP when it uses the automated update process.

62
Q

Can plugins create their own folder structures outside of the standard folders for use in the plugins?

A

Yes