Testing the security of your WordPress users

Disclaimer The tools and techniques discussed in this post should only be used against sites that you own or that you have permission to test. This post is intended for site owners and administrators to test the security of their own assets and should not be used to gain unauthorised access to someone else’s property. … Read more

Running a PHP application in Docker

I recently went through the process of converting one of my personal PHP projects to run in Docker. The project itself was originally intended to be as simple as possible, it’s a Blog CMS that I started as a “Vulnerable Web App” similar to DVWA to highlight vulnerable coding practices that may leave an application … Read more

Rebuilt AWS Infrastructure

I was hired as a contractor in early 2017 for some web development work. At the time, the company I was contracted to were experiencing extreme performance issues with their AWS environment. They were having to reboot their primary RDS every Monday morning to prevent it collapsing under load. Websites were very slow, often into … Read more

Using ElasticSearch with WordPress

I’m a big fan of stuff that’s cool. And ElasticSearch is really cool… I’m not going to explain ElasticSearch in any detail, that’s not my job, other better people have already done that. But I am going to discuss my experience working with ElasticSearch and WordPress on a couple of recent projects. Earlier this year … Read more