WordPress VIP Archives - Ryan Kienstra

Fast WordPress Searches

Fast WordPress Searches

By: Ryan Kienstra on: January 8, 2015  in: WordPress VIP

If you have a lot of content on WordPress, you’ll need a fast way to search it. Maybe you have a directory with an advanced search. WordPress VIP agency 10up recently released their Engineering Best Practices. These have many techniques for fast WordPress searches. Prefer WP_Query To get_posts 10up explains that the get_posts function actually […] Read more

WordPress VIP Unique Standards

WordPress VIP: Unique Standards

By: Ryan Kienstra on: January 6, 2015  in: WordPress VIP

Many of the VIP coding standards are different from self-hosted WP standards. The size and structure of VIP multi-sites often require different coding. Users There’s a single database for all users in WordPress.com. So you can’t do any CRUD operations on it: create, read, update, or delete. To parse the users, call get_users() and operate […] Read more

WordPress VIP caching

WordPress VIP Caching

By: Ryan Kienstra on: January 5, 2015  in: WordPress VIP

Many of the WordPress VIP coding standards are meant to ensure that caching works. So these standards can help most sites that use caching. Batcache is the full-page caching system that WordPress VIP sites use. After a set number of requests for the same page, it saves a copy and serves it to new visitors. It […] Read more

WordPress VIP Similarities

By: Ryan Kienstra on: January 4, 2015  in: Security, WordPress VIP

Some of the coding standards for the WordPress VIP platform are similar to the normal WP standards. Developers with plugins and themes on wordpress.org will know them. But these become more important in the high-volume VIP multi-sites. These practices can improve security and performance of any WordPress site. Remote Requests Use the WordPress APIs, like […] Read more

escaping WordPress output icon

Escaping WordPress Output

By: Ryan Kienstra on: January 3, 2015  in: Security, WordPress VIP

Never assume anything. That’s a core principle of the WordPress VIP Standards. Don’t assume that data is secure. Even if it was validated on input. Even if an administrator entered it. Almost all PHP values should be escaped when they’re echoed. This will guard against malicious scripts. And ensure that the display isn’t broken by the […] Read more

securing input shield

Securing WordPress Input

By: Ryan Kienstra on: December 31, 2014  in: Security, WordPress VIP

Lessons From The VIP Standards All data entered on a site should be checked, no mattter who entered it. Even the administrator could click a malicious link. There are two methods of securing WordPress input: validation and sanitization. As with any security issue, use the most restrictive measure you can. Therefore, Prefer Validation to Sanitization Validation […] Read more