@marcusquinn said in IndieWeb plugin(s) - interesting concept for WordPress -> MicroPub: What is the IndieWeb? The IndieWeb is a people-focused alternative to the "corporate web". Your content is yours Yeah, pretty much the idea behind adopting and deploying FOSS apps also. And all indie folks in soul should also be member of this very interesting forum, namely Indie Hackers. Just stumbled on this, thought people might find interesting. EDIT: Forgot to mention, that plugin is a great find @marcusquinn

@girish said in Set php.ini memory allocation to match Cloudron memory allocated: @micmc If it helps: setting memory limit for an app (at the Cloudron level) is like creating a virtual server with that much memory. So, if you allocate 2GB, it's like creating a 2GB server. Inside this 2GB server, there is apache running. Wow, that's amazing! And, with the rest of the explanation, it makes it more clear of how this works and how we can better know what we are doing while trying to cope with apps' memory.

I am using this one too - very happy with it

Allright, thanks !!

@girish From 150 to 256, from 256 to 512, now 1024 Mb... Now I deactivated Wordpress Redis Plugin and stopped service under App > Services.

Yeah, deep in the rabbit hold on research on this. There's nothing that distracts me more than something that has a score attached to it (not competitive all all ) Trying to get a clean sheet of green on this: https://inspectwp.com Given WordPress is perhaps the most popular self-hosted app of all, be great to have the Cloudron setup as perfect as possible, particularly for WordPress. So many more expensive options out there charging per site. Lots of wins possible from being able to proclaim the best WP setup possible

@girish Thank's Girish

On an unrelated note, there's an option in WP dash > Updates to have it auto-install new releases. I noticed some of my sites have that enabled and some don't. It's not a problem, but I mention it because maybe that should be disabled/hidden somehow since this should be handled by the packaging updates. [image: 1691756574714-7b6d84ab-4d00-427f-bc17-a79a1bc1f546-image.png] Edit: just noticed your latest reply, so I guess WP was auto-updating most of my sites and I thought the packaging was doing that.

Yet, it's very simple to install so I can't see why you went through all the hops. Just install the plugin, then put in the SMTP credentials found in credentials.txt in the app root in "Other SMTP", done. Host is Mail, port 2525 no SSL nor TLS.

@girish said in ECONNREFUSED: @MarchinBunny there was a malware in WordPress. Something like https://stackoverflow.com/questions/76268370/wordpress-error-because-mo-files-inside-wp-include . Exactly, what I expected right from the start of the thread. But there are lots of plugins in your site, it could be anything. And, yes some malware could be running in the background for years before one find out.

@RazielKanos said in Malware in my Wordpress: Once a system was infected it is best to set up everything new And above all, DO NOT install themes and/or plugins which provenance is doubtful. In WordPress this is 99% the source of 'malware' problems.

@therealwebmaster See https://docs.cloudron.io/apps/wordpress-developer/#php-settings

@RazielKanos or rename to say .htaccess-backup, then compare new to old.

@marcusquinn I use these commands, via Terminal MySQL Access: //display active users select user_login, user_nicename, display_name from wp_users; //change user_nicename UPDATE wp_users SET user_nicename = 'myusername' WHERE user_nicename = 'admin'; //change user_login UPDATE wp_users SET user_login = 'myusername' WHERE user_login = 'admin'; //change display_name UPDATE wp_users SET display_name = 'myusername' WHERE display_name = 'admin'; //change user email UPDATE `wp_users` SET `user_email` = "myemail@email.com" WHERE `wp_users`.`user_login` = "myusername"; //change admin password UPDATE WORDPRESSDATABASE.wp_users SET user_pass = MD5('NEWPASSWORD') WHERE user_login = 'myusername';

@girish Thanks, that makes some memory-saving sense, too. My specific issue was just at having the addon enabled, but the plugin disabled, as it makes sense to have it on a live site that isn't being developed, but not during development.

@BrutalBirdie You're right, directory browsing is blocked at the server level. I just spotted these missing files and thought a simple no-harm way to cover the same for all instances.

@luckow Thanks! Hidden in plain sight I did quickly try checking documentation first, just not enough, I guess! Wen CloudronGPT?

@girish

check out in the options table. I once had a hacked plugin that was writing executable code in the options table, and by that, it was able to reinstall itself again and again. Well securing the page should be a matter of less than an hour. Just export those pages, make a fresh install and import the pages back in