Dreb Bits

Category: Web Engineering

Hardening drebbits.com

Apache to Nginx

An Attempt HTTP2
Since I am in upgrading :allthethings: mood, I decided to also use the latest technology in the http world. I stumbled into this guide by deliciousbrain plus other guides for hosting WordPress yourself.

White screen of Death
To enable http2, I needed to upgrade nginx. After upgrading from 1.6.x to 1.10.x, I was greeted with a white screen of death in my WordPress install. Here’s what fixed it:

location ~ \.php$ {
    include /path/to/fastcgi_params;
    fastcgi_index index.php;
    fastcgi_param SCRIPT_FILENAME $document_root/$fastcgi_script_name;

The last piece I needed was the fastcgi_param SCRIPT_FILENAME $document_root/$fastcgi_script_name;

Let’s Encrypt!

After several attempts to install let’s encrypt, I finally made it after migrating over Nginx + PHP-FPM stack.

Jetpack Issues

If you ever read this post and you happen to have a suggestion in mind, please drop a comment down below 👇🏻

Purge Varnish Cache on Save

In case, someone out there trying to figure out how to purge varnish (3.x) cache in your WordPress site when updating a post/page — I’ve dealt with it this week and it’s pretty easy to accomplish it.

Now that we’re talking about purging the cache, I presumed you have varnish configured and all your setup works. To start off, if there’s no definition of purging in your vcl file, you might want to add them — https://www.varnish-cache.org/docs/3.0/tutorial/purging.html. Remember to sudo service varnish restart after modifying the file so the changes will take effect.

Now in your ever lovely WordPress:

/** * Purge Varnish cache on save * * @param int $post_id Post ID. */ function awesome_save_post( $post_id ) { wp_remote_request( esc_url( get_permalink( $post_id ) ), array( 'method' => 'PURGE' ) ); // Or store the response if you'd like to verify it further. } add_action( 'save_post', 'awesome_save_post' );

You can pop that in in your code if you only need to invalidate cache for content. For a verbose invalidation such as commenting or deleting an item and when changing themes, checkout Varnish HTTP Purge that is readily available in WordPress plugin repo.

Golden `–no-ff` rule

There’s a huge difference between merging master into feature and merging feature into master. So please for those who’s starting learning git – don’t ever make the mistake I made. Don’t disregard the use of --no-ff. In my case, I didn’t disregard it completely, though. I missed adding the flag as I perform git in terminal.

One easy way so you’ll never have to type it again and run the risk of missing it is update your global git config:

git config --global merge.ff false

When merge.ff is set to false, this always creates an extra merge commit, thus it is equivalent to adding --no-ff flag.

One golden use case:

When you revert to your merged IN master, this commit reference is the one you revert to to pull out the changes from your feature.


Following the guide How To Downgrade Droplets, I have successfully downgraded my server in Digital Ocean. As every other guide, the scenario is almost always not exactly the same so I did my part of researching to resolve issues that have arised along the way.

I’d like to note important things tailored to my needs that the guide never mentioned.

  • Export the database manually. The guide only covers copying of the files, not the database. When you have the exported file, use it to bring back the database into the new/smaller droplet.
  • Re-install openssh-server if you encounter close connection.
  • Purged and re-install mysql when couldn’t connect to local MySQL server.
  • Indeed, pay attention to warnings when reading!!
  • Overused command ssh-keygen -R [hostname]:port

My expertise isn’t lie on system or server administration but I certainly enjoy doing this stuff every once in awhile. But man, it’s hot. Don’t play with it unless you’re ready to get burned!

Activating Photon of Jetpack

Maximizing the full capacity of Jetpack, I decided to enable Photon to boost serving of images in my blog from WordPress.com end. It’s worth noting that WordPress.com rank very well in terms of DNS performance.

Along the way of discovering how to effectively use this module to match with the design specification of my blog, I have discovered few things to be mindful of.


Images are cached like forever. If you decided to update the image, renaming would be the solution.


If you experience shrinking or if it’s not serving the dimension you set, consider checking your theme functions.php for something like this code:

if ( ! isset( $content_width ) )
    $content_width = 640; /* pixels */

Add the code if there’s nothing similar to that in the file yet. Change the $content_width to the maximum width of an image you’re serving up. Photon can perfectly handle resizing of image to lower resolution but it will not upscale an image in most circumstances.


You will love this module even more for it’s capability to support retina devices out of the box!