Performance Lab

TheSmithy

By WordPress Performance Group

https://wordpress.org/plugins/performance-lab/

Description

The Performance Lab plugin is a collection of modules focused on enhancing performance of your site, most of which should eventually be merged into WordPress core. The plugin allows to individually enable and test the modules to get their benefits before they become available in WordPress core, and to provide feedback to further improve the solutions.

Currently the plugin includes the following performance modules:

  • WebP Uploads: Creates WebP versions for new JPEG image uploads if supported by the server.
  • Persistent Object Cache Health Check: Adds a persistent object cache check for sites with non-trivial amounts of data in Site Health status.
  • Audit Autoloaded Options: Adds a check for autoloaded options in Site Health status.
  • Audit Enqueued Assets: Adds a CSS and JS resource check in Site Health status.
  • WebP Support: Adds a WebP support check in Site Health status.

WP-CLI secure all – Single-command WordPress security!

TheSmithy
HomePage

https://hackthewp.com/

NEW feature in >wp-cli to secure any WordPress instance in just 60 seconds.

One command to rule them all 🤘

80% of the attacks to WordPress instances could be mitigated by simply applying common security best practices [1].

wp secure all exactly does that for you. Via wp secure all common best practices are applied proactively, and you are ready to go.

What’s covered by secure all?

The security vulnerabilities identified in 2012 [2] are still the security vulnerabilities of today [1].

wp secure all made it its mission to fix this grievance and make security the defacto standard.

By executing wp secure all security best practices such as:

Fix permissions

Set the correct permissions of all files & directories in your WordPress installation.

Set security headers

We add HSTS (Strict-Transport-Security), X-XSS, X-Frame-Options, X-Content-Type-Options, Referrer-Policy.

Disable file editor

Prevents hackers from using file editor on your WordPress Dashboard.

Prevent PHP execution on sensitive locations

To extend security, you can block direct access to PHP files in plugins, themes, wp-includes and uploads.

Block access to sensitive stuff

Prevent hackers from accessing sensitive files and directories.

And many more …

See the README for an overview of all features.

Read More

Swiper – The Most Modern Mobile Touch Slider

TheSmithy

https://swiperjs.com/

https://swiperjs.com/demos

Swiper is the most modern free mobile touch slider with hardware accelerated transitions and amazing native behavior. It is intended to be used in mobile websites, mobile web apps, and mobile native/hybrid apps.

Swiper is not compatible with all platforms, it is a modern touch slider which is focused only on modern apps/platforms to bring the best experience and simplicity.

Swiper, along with other great components, is a part of Framework7 – a fully-featured framework for building iOS & Android apps. Swiper is also a default slider component in the Ionic Framework.

Read More

Too many watched files (vscode, linux)

TheSmithy

“Visual Studio Code is unable to watch for file changes in this large workspace” (error ENOSPC)#

When you see this notification, it indicates that the VS Code file watcher is running out of handles because the workspace is large and contains many files. Before adjusting platform limits, make sure that potentially large folders, such as Python .venv, are added to the files.watcherExclude setting (more details below). The current limit can be viewed by running:

cat /proc/sys/fs/inotify/max_user_watches

The limit can be increased to its maximum by editing /etc/sysctl.conf (except on Arch Linux, read below) and adding this line to the end of the file:

fs.inotify.max_user_watches=524288

The new value can then be loaded in by running 

sudo sysctl -p
Read More

Heuristics That Almost Always Work

TheSmithy

By Astral Codex Ten

https://astralcodexten.substack.com/p/heuristics-that-almost-always-work

The Security Guard

He works in a very boring building. It basically never gets robbed. He sits in his security guard booth doing the crossword. Every so often, there’s a noise, and he checks to see if it’s robbers, or just the wind.

It’s the wind. It is always the wind. It’s never robbers. Nobody wants to rob the Pillow Mart in Topeka, Ohio. If a building on average gets robbed once every decade or two, he might go his entire career without ever encountering a real robber.

At some point, he develops a useful heuristic: it he hears a noise, he might as well ignore it and keep on crossing words: it’s just the wind, bro.

This heuristic is right 99.9% of the time, which is pretty good as heuristics go. It saves him a lot of trouble.

The only problem is: he now provides literally no value. He’s excluded by fiat the possibility of ever being useful in any way. He could be losslessly replaced by a rock with the words “THERE ARE NO ROBBERS” on it.

Read More