PHP OPcache Misconfiguration — Why Your WordPress Site Slows Down After Updates
· 11 min read
How to diagnose and fix PHP OPcache misconfigurations that cause WordPress slowdowns, stale code after updates, and random cache resets.
Blog
Technical deep-dives from real client work. How I diagnosed, fixed, and prevented WordPress issues.
How I Traced 100,000 Failed Logins to a Single xmlrpc.php Exploit — And Shut It Down in Minutes
· 12 min read
WordPress xmlrpc.php lets attackers try thousands of passwords in one request. Here's how to detect and block XML-RPC brute force attacks at the server level.
Why Your WordPress Admin Dashboard Is Slow — A Systematic Diagnosis Guide
· 12 min read
How I diagnose a slow WordPress admin using Query Monitor, WP-CLI, and slow query logs to find the actual bottleneck instead of guessing.
Why Your WordPress Server Ran Out of Disk Space — The Six Places I Always Check
· 11 min read
A systematic guide to diagnosing what's eating disk space on a WordPress server, from runaway logs to forgotten backups and bloated MySQL data.
How I Fix the WordPress HTTP Error When Uploading Images — The Five Causes I Keep Seeing
· 9 min read
The WordPress media upload 'HTTP error' has no useful detail. Here are the five server-side causes I find most often and the exact fixes for each.
Why Your WooCommerce Webhooks Stopped Working — And Nobody Told You
· 12 min read
WooCommerce silently disables webhooks after repeated delivery failures. Here's how to diagnose and prevent silent data loss.
How Attackers Find Your WordPress Admin Username — and How to Stop Them
· 10 min read
Four ways attackers discover WordPress usernames via author archives, REST API, oEmbed, and sitemaps — and exact fixes for each one.
How I Traced Duplicate WooCommerce Orders to a Race Condition Between Webhooks and Checkout
· 13 min read
A WooCommerce store was charging customers twice. Here's how I found three separate causes and the fixes that stopped every one of them.
How I Fix ERR_TOO_MANY_REDIRECTS on WordPress Sites — The Six Causes I See Over and Over
· 10 min read
A systematic guide to diagnosing and fixing WordPress redirect loops, from Cloudflare SSL modes to reverse proxy headers and plugin conflicts.
How I Diagnose WordPress cURL Error 28 — The Timeout That Breaks Everything
· 11 min read
Step-by-step guide to diagnosing and fixing WordPress cURL error 28 connection timeouts affecting Site Health, plugin updates, and WooCommerce.
What to Do When a WordPress Plugin Update Breaks Your Site
· 9 min read
How to diagnose and fix a WordPress site broken by a plugin update using Recovery Mode, WP-CLI rollback, SFTP, and safe update practices.
How I Traced a WordPress Redirect Hack Across .htaccess, the Database, and a Hidden Backdoor
· 9 min read
Step-by-step diagnosis and cleanup of a WordPress redirect hack using WP-CLI, grep, and SQL to find malware in .htaccess, wp_posts, and a mu-plugin.
How I Audited 70 WordPress Sites in Under an Hour After the EssentialPlugin Supply Chain Attack
· 13 min read
Step-by-step guide to checking if your WordPress site was compromised by the EssentialPlugin backdoor that hit 400,000+ installs in April 2026.
How I Blocked 50,000 WordPress Login Attacks Per Day with Fail2Ban and Nginx
· 9 min read
Step-by-step guide to stopping WordPress brute force attacks at the server level using Fail2Ban jails, Nginx rate limiting, and XML-RPC lockdown.
Why Your WordPress Emails End Up in Spam — And How to Fix It
· 11 min read
How I diagnosed and fixed a WooCommerce store's emails landing in spam using SMTP, SPF, DKIM, and DMARC. Step-by-step guide.
Diagnosing admin-ajax.php High Server Load on a WooCommerce Store
· 11 min read
How I traced a WooCommerce store's crippling server load back to admin-ajax.php — and the three fixes that cut AJAX requests by 90%.
Why admin-ajax.php Was Eating 40% of a Client's Server CPU
· 10 min read
How I traced a WordPress performance problem to excessive admin-ajax.php requests and fixed it with log analysis, Heartbeat tuning, and nginx rate limiting.
How a Slow Carrier API Quietly Turned a WooCommerce Checkout Into a 504 Factory
· 15 min read
A WooCommerce store hit 504 Gateway Timeouts at checkout. The cause was a blocking shipping rate API call. Here is how I found and fixed it.
Nginx FastCGI Cache for WooCommerce Without Breaking the Cart
· 13 min read
How I fixed a WooCommerce store where customers saw each other's carts — and the nginx fastcgi_cache config I now use on every client site.
How a SQL Find-Replace Broke 847 Pages on a WooCommerce Site — Fixing Serialized Data After Migration
· 12 min read
A hosting provider used sed on a SQL dump to change domains. It corrupted every serialized value in the database. Here's how I diagnosed and repaired it.
How 280 Sleeping Database Connections Took Down a WooCommerce Store Mid-Sale
· 9 min read
A WooCommerce store hit 'Error establishing a database connection' during a flash sale. The fix was 280 sleeping MariaDB connections and bad timeout defaults.
How I Upgraded 30 WordPress Sites from PHP 8.1 to 8.3 Without Breaking a Single One
· 9 min read
A step-by-step walkthrough of batch-testing and upgrading 30 WordPress sites from PHP 8.1 to 8.3, with the real breakages found and how I fixed them.
How I Fixed WooCommerce Cart Contamination Caused by Nginx FastCGI Cache
· 11 min read
A client's customers were seeing other people's cart items. The cause: Nginx FastCGI cache serving cached session cookies to the wrong visitors.
How a MariaDB Upgrade Took Down Every WordPress Site on the Server
· 8 min read
A MariaDB version upgrade broke database connections for all WordPress sites. Here's how I diagnosed socket, authentication, and collation issues and fixed them.
When Redis Object Cache Silently Drops Keys — Diagnosing Memory Eviction on a WooCommerce Store
· 10 min read
How I diagnosed a WooCommerce store where Redis was 'working' but silently evicting keys, causing random slowdowns and stale data.
How I Traced a Data Leak Between Two WordPress Sites to a Redis Cache Key Collision
· 9 min read
Multiple WordPress sites sharing one Redis instance can silently leak data between each other. Here's how I diagnosed and fixed it.
How Replacing WP-Cron Fixed a WooCommerce Store's Missing Emails, Failed Renewals, and 4,200 Stuck Scheduled Actions
· 9 min read
A WooCommerce store had delayed order emails, failed subscription renewals, and thousands of stuck Action Scheduler jobs. The fix: replacing WP-Cron with a system cron.
Why WooCommerce Emails Stopped Sending — Diagnosing Silent WP-Cron Failures
· 8 min read
How I traced missing WooCommerce order emails and failed subscription renewals to a silently broken WP-Cron, and replaced it with a reliable system cron.
How I Reclaimed 14GB of Database Space from a Bloated Action Scheduler
· 10 min read
A WooCommerce store's database had grown to 18GB thanks to 26 million rows in the Action Scheduler tables. Here's how I cleaned it up and prevented it from happening again.
How 12MB of Autoloaded Options Were Adding 3 Seconds to Every Page Load
· 8 min read
A WordPress site was loading 12MB of abandoned plugin data on every request. Here's how I found the bloat in wp_options and cut page load times in half.
How a 12-Million-Row Action Scheduler Table Brought a WooCommerce Store to Its Knees
· 9 min read
Diagnosing and fixing WooCommerce Action Scheduler table bloat that grew to 12 million rows, causing 30-second page loads and checkout timeouts.
How a WooCommerce HPOS Migration Silently Broke Order Tracking and Customer Data
· 14 min read
Diagnosing silent data loss after migrating a WooCommerce store to HPOS — broken tracking plugins, corrupted customer lookup table, and the fixes that restored it all.
How I Migrated a 40,000-Order WooCommerce Store to HPOS Without Losing a Single Order
· 10 min read
Step-by-step HPOS migration for a large WooCommerce store — finding incompatible plugins, fixing custom code, and verifying data integrity with WP-CLI.
WordPress security updates broke thousands of sites — here's what happened and how to protect yours
· 6 min read
WordPress 6.9.2 security patch caused white screens across thousands of sites. Why it happened and how maintenance plans prevent the damage.
The WordPress white screen of death — what it is, how to fix it, and how to stop it happening
· 8 min read
A practical guide to diagnosing and fixing the WordPress white screen of death, from a developer who deals with it regularly.
Why 83 PayPal Subscriptions Silently Failed — A WooCommerce PPCP Vaulting Investigation
· 5 min read
Investigating why 83 PayPal subscription renewals were failing in WooCommerce. The root cause: the PPCP plugin never successfully stored vault tokens for any subscription.
WooCommerce Database Meltdown — From 376-Second Queries to Under 1 Second
· 6 min read
How I diagnosed and fixed a WooCommerce database crisis where MariaDB was consuming 1479% CPU with queries running for 376 seconds. The root cause was a transient race condition.
How I Cleaned a Cryptominer with 14 Persistence Mechanisms
· 5 min read
Discovering and removing a sophisticated cryptominer from a Linux server that used 14 different persistence mechanisms including systemd services, cron jobs, and immutable file attributes.
PHP-FPM Worker Exhaustion — When a DDoS Kills Your Database
· 6 min read
How too many PHP-FPM workers caused MariaDB to be killed by the OOM killer. The math behind pm.max_children and a formula for getting it right.
Bulk Updating Alt Text for 2,846 Images with WP-CLI
· 9 min read
How I used WP-CLI to automatically generate and apply meaningful alt text to 2,846 images on a WooCommerce site, handling edge cases like size suffixes and generic filenames.
CloudPanel Server Hack — How an Attacker Created an Admin Account
· 7 min read
Investigating a CloudPanel server compromise where an attacker created an admin user via clpctl. Tracing the attack through auth.log, checking for backdoors, and hardening the server.
WordPress Shipping Rate Calculation in Background Jobs — The Missing Session Problem
· 12 min read
Solving the challenge of calculating WooCommerce shipping rates programmatically in Action Scheduler background jobs where WC()->session doesn't exist.
LiteSpeed Guest Optimization vs Splash Screens — Fixing FOUC
· 6 min read
How LiteSpeed's Guest Optimization CSS handling caused a flash of unstyled content on sites with splash screens, and the settings adjustments that fixed it.
Stop Firefighting. Start Maintaining.
I manage 70+ WordPress sites for UK agencies and businesses. Whether you need ongoing maintenance, emergency support, or a one-off performance fix — I can help.
View Maintenance Plans Get in TouchGet in Touch to Discuss Your Needs
Your message has been sent successfully. We'll get back to you shortly.
