Blog
Your LRob web host's blog: news, tips, tutorials and security monitoring for the web, WordPress and hosting.
Black Friday 2024 at LRob!
From November 29 to December 6, 2024 7 days to enjoy -50% for life on selected hosting! -50% for life on selected annual web hostings Power your site faster than ever, with the maximum security and expert support you've always dreamed of. All with exemplary eco-responsibility! If you're interested in these incredible offers, find out all the details on the dedicated page. -60% on web migrations Entrust your migration to a professional hosting sysadmin for an exact, seamless copy of your content. -45% on repairs and securing... Read more >
Symfony: 8 new security vulnerabilities discovered - Analysis and recommendations
On November 6, 2024, after a year without a flaw, Symfony released eight vulnerabilities on its blog. They affect different versions of the Symfony framework. Here's a summary of these critical vulnerabilities, their potential impact, and the solutions implemented by Symfony. Understand the implications of these vulnerabilities for securing your applications. Introduction Even the most renowned frameworks like Symfony are never immune to security flaws. Whatever your application solution, vigilance is essential. Security features such as a ModSecurity application firewall and automatic blocking of... Read more >
Plesk and NGINX Reverse Proxy: Impact on performance
By default, Plesk uses NGINX as a reverse proxy for Apache. But is this default configuration optimal? What is the impact on performance? To answer these questions as a web host using Plesk, I ran load tests on a Hetzner VPS (8 AMD Epyc cores) to measure the impact of enabling NGINX as a reverse proxy on overall performance. Context and configuration As part of this benchmark, I compared server performance by enabling and disabling NGINX. I also tested NGINX cache activation (and that changes everything!). The load tests were... Read more >
Automatic WordPress updates: What are the risks and benefits for your website?
WordPress updates, whether manual or automatic, always raise questions and even fears among webmasters. These updates are necessary for the security and scalability of your site, but they also entail risks. So should you activate WordPress automatic updates? Let's explore the issues. Manual updates No matter how you update your site (manually or automatically), there are risks. On the whole, no matter whether you update automatically or manually, you're bound to run into problems sooner or later. What are the risks of... Read more >
WPMasterToolKit: the all-in-one plugin for WordPress
Discover WPMasterToolKit: the essential plugin to simplify your life and lighten your WordPress sites. This made-in-France plugin, developed by Webdeclic's talented Ludwig YOU, brings together a host of essential WordPress features, each of which you can activate with a single click. All in a single extension: simplify your management while speeding up your site! 🚀 A truly different plugin WPMasterToolKit is simple and flexible. With over 83 free, activatable features already, this plugin lets you replace countless extensions with just one. What makes WPMasterToolKit unique, apart from being... Read more >
Comparison of the 8 popular free caching plugins for WordPress: which one performs best?
Finding the best cache plugin isn't easy. You have to test it, measure its performance, find out about its long-term support... So what's the fastest cache? What's the best cache plugin? Which ones are practical and complete, which ones perform well? Do we need to pay for a good cache plugin? Today, we're trying to answer these questions with independent measurements that are as objective as possible. The test is a little «meta» in that it concerns a test on lrob.fr, a showcase/blog created with FSE (full site editing). A standard site... Read more >
What's new in Nextcloud 30?
Like every 6 months, Nextcloud has just released its new major version. The official release notes are rather limited, and no one wants to read the complete changelog... With 2,363 changes cumulated on Nextcloud 30.0.0 and 30.0.1. Fixes, new features, enhancements, dependency updates and so on. It's all quite complex to analyze and summarize. Fortunately, ChatGPT can summarize it all for us (over 2,400 lines of text and 172,879 characters). So to save you hours of your life, here's the ChatGPT summary of what you need to know from the Nextcloud 30 changelogs... Read more >
WordPress vs WP Engine conflict: ACF becomes Secure Custom Fields
The conflict between WordPress founder Matt Mullenweg and WP Engine continues to rock the WordPress community. The latest development in this affair concerns a major ecosystem plugin: Advanced Custom Fields (ACF). Since October 12, 2024, ACF has been entirely replaced on the official WordPress.org directory by Secure Custom Fields (SCF), a fork put in place by the WordPress security team. The official announcement was made via a blog post on WordPress.org. Here's what you need to know. A change officially motivated by security In a post published on October 12, 2024, Matt Mullenweg... Read more >
For the first time, an LRob IP has been blacklisted
Seeing an IP blacklisted is part and parcel of life as a web host, a daily occurrence for the biggest and most permissive ones. Nevertheless, this is a first for LRob in its 10 years of existence! The more positive among you will say that this is the ransom of glory... Inevitably, as the volume increases, so does the risk of unauthorized activity on a site. The most critical will cause a scandal. Whatever the case, at LRob we're committed to transparency. So we're here to answer all your questions. What happened and what solutions are we implementing? Here are the answers. Find out... Read more >
LRob Documentation: Migrating from MediaWiki to WordPress
Replacing a wiki with WordPress: a simpler solution for documentation At LRob, documentation management is essential, but until recently it was handled by MediaWiki. While this tool is effective for collaborative projects, it becomes cumbersome and complicated to manage when you're alone writing and maintaining documentation. It was while working on a WordPress site with numerous pages used as categories that the idea came to me: why not use WordPress to manage documentation, without any additional plugins? Why switch to WordPress? WordPress, which runs www.lrob.fr, offers... Read more >
LRob now contributes to malicious IP reporting with AbuseIPDB
For a long time, I've been looking for a way to effectively exploit the hacking data blocked by my servers. And as a WordPress hosting specialist, believe it or not, I thwart hundreds if not thousands of hacking attempts every day (and regularly repair hacked WordPress sites from other hosts). Intrusion attempts are constant, but thanks to security systems such as Fail2ban, attacks are automatically stopped before they cause any damage. However, beyond simply protecting my systems and customers, I wanted to go further: share this information and make the Internet more secure... Read more >
Blacklists (RBL): SPFBL.net's outrageous practices
Not all blacklists are created equal. And SPFBL is an example not to be followed. Don't use this blacklist and don't give in to its pressures. Read more >
WordPress vs WP Engine conflict: analysis of the drama
The world of WordPress, which powers over 40 % of the world's websites, is in turmoil. At the center of the conflict are two major players in the ecosystem: Matt Mullenweg, founder of WordPress and CEO of Automattic, and WP Engine, one of the leading hosting companies for WordPress. This confrontation, which has taken on legal proportions, raises crucial questions about control of the WordPress brand, open source, and the governance of one of the web's most influential projects. Here's a detailed analysis of the case and what's at stake. Background: WordPress and WP... Read more >
Critical security flaw in CUPS on GNU/Linux September-October 2024: What you need to know
A quadruple critical security flaw has just been discovered in CUPS for all GNU/Linux systems. This article will be updated with the new information, to provide you with a simple and effective summary of what you need to know and do. UPDATE 09/29/2024: These vulnerabilities only concern CUPS, so very few servers are affected, unless you have printers in your datacenter...! This article has been rewritten accordingly. A critical flaw: what do we know? Security researcher Simone Margaritelli discovered this set of vulnerabilities at the beginning of September.... Read more >
Best practices for your WordPress contact forms
Contact forms are essential for acquiring customers. Yet a number of these forms are poorly configured and fail to forward prospect requests... Read more >
Back to school for adults 2024: New products and special offers from LRob
💥New offers & up to -30% in September 💥Boost your back-to-school! All the details 👇 In September, adults go back to school too! And it's been exactly 1 year since I left my CDI to focus totally on the LRob business. So it's time to mark the occasion. September's schedule is packed, so let's get down to business. ⭐ What's new ⭐ 🟢 Migration to LRob can now be ordered from the LRob portal! With 3 service levels available from €120 to €499 (the latter allows the migration of 50 overnight mailboxes!). 😎... Read more >