Différences

Ci-dessous, les différences entre deux révisions de la page.

--- informatique:wordpress [06/02/2023 14:42] – [Sécuriser Wordpress] cyrille
+++ informatique:wordpress [23/04/2024 18:11] (Version actuelle) – Wordpress WAF : All-In-One Security (AIOS) cyrille
@@ Ligne 31: / Ligne 31: @@
   * [[http://smashfreakz.com/2012/11/wordpress-theme-option-frameworks/|Top 8 WordPress Theme Option Frameworks]]
   * [[https://roots.io/sage/|Sage]] The best WordPress starter theme with a modern front-end development workflow.
-==== Frameworks ====
 [[http://wordpress.org/extend/plugins/options-framework/]] - The Options Framework Plugin makes it easy to include an options panel in any WordPress theme. It was built so developers can concentrate on making the actual theme rather than spending time creating an options panel from scratch.
@@ Ligne 43: / Ligne 41: @@
 [[https://roots.io/bedrock/|Bedrock]] WordPress boilerplate with modern development tools, easier configuration, and an improved folder structure. Gestion complète avec git & composer, arborescence fichiers différente de la native WP.
+**De bons développeurs de plugins et thèmes pour inspiration**:
+  * https://perfops.one/
 ===== RGPD / GDPR ====
@@ Ligne 49: / Ligne 51: @@
   * [[https://fr.wordpress.org/plugins/gdpr-cache-scripts-styles/|GDPR Cache Scripts & Styles]]
+Quelques plugins:
+  * [[https://fr.wordpress.org/plugins/oembed-manager/|oEmbed Manager]]
+  * [[https://wordpress.org/plugins/gdpr-cookie-compliance/|gdpr-cookie-compliance]]
+  * [[https://wordpress.org/plugins/cookie-law-info/|CookieYes - GDPR Cookie Consent & Compliance Notice (CCPA Ready)]]
 ===== Sécuriser Wordpress ====
@@ Ligne 63: / Ligne 69: @@
 define( 'DISALLOW_FILE_EDIT', true );
 </code>
+==== Monitoring & Observability ====
+  * https://perfops.one/
+    * https://perfops.one/decalog/
 ==== Wordfence ====
+Pare-feu d'applications Web ([[/glossaire/WAF]])
 [[https://wordpress.org/plugins/wordfence/|Wordfence]]
+==== All-In-One Security (AIOS) ====
+All-In-One Security (AIOS) – Security and Firewall ([[/glossaire/WAF]])
+https://wordpress.org/plugins/all-in-one-wp-security-and-firewall/
 ==== Two-factor (2FA) ====
-  * [[https://wordpress.org/plugins/two-factor/|Two-factor]] plugin: 2FA with TOTP or Email
+  * [[https://wordpress.org/plugins/two-factor/|Two-factor]] plugin: [[/glossaire/2fa|2FA]] with Email, [[/glossaire/u2f|FIDO Universal 2nd Factor (U2F)]], [[/glossaire/totp|Time Based One-Time Passwords (TOTP)]]
     * enable 2FA for all: https://github.com/WordPress/two-factor/issues/307#issuecomment-624843209
@@ Ligne 243: / Ligne 262: @@
   * NGinx plugins: https://www.nginx.com/resources/wiki/start/topics/recipes/wordpress/ (en bas de page)
+W3 Total Cache API
+<code php>
+flush_pgcache()  //page cache
+flush_dbcache()  // database cache
+flush_minify()  // minify cache
+flush_all() //all caches
+// Clear all W3 Total Cache
+if( class_exists('W3_Plugin_TotalCacheAdmin') )
+{
+    $plugin_totalcacheadmin = & w3_instance('W3_Plugin_TotalCacheAdmin');
+    $plugin_totalcacheadmin->flush_all();
+    echo __('<div class="updated"><p>All <strong>W3 Total Cache</strong> caches successfully emptied.</p></div>');
+}
+</code>
 === Varnish ===
@@ Ligne 344: / Ligne 380: @@
   * Gestion de contenu
     * [[https://fr.wordpress.org/plugins/enhanced-media-library/|Enhanced Media Library]] par wpUXsolutions
+  * Formulaires
+    * ContactForm7 https://contactform7.com
+      * [[/informatique/wordpress/contactform7|contactform7]]
+    * WPForms https://wpforms.com (ex PirateForm)
+    * GravityForms https://www.gravityforms.com
   * Représentation et gestion du temps
     * [[http://wordpress.org/plugins/wpit-gantt/|WPIT Gantt]] qui utilise [[http://bastianallgeier.com/gantti/|Gantti]]
@@ Ligne 376: / Ligne 417: @@
   * [[http://docs.themeisle.com/search?query=Zerif|Search results for Zerif]] on docs.themeisle.com
+==== oembed ====
+WordPress oEmbed reconnait les URLs de quelques services et formate automatiquement le contenu à partir de l'URL (//version >= 2.9//).
+  * [[https://wordpress.org/documentation/article/embeds/|La liste des services reconnus]].
+  * [[https://www.wpexplorer.com/wordpress-oembed/|WordPress oEmbed: Embed (Almost) Everything]] (2020)
+WP filters:
+  * [[https://developer.wordpress.org/reference/hooks/embed_oembed_html/|embed_oembed_html]]
+    * Filters the cached oEmbed HTML
+    * ''apply_filters( 'embed_oembed_html', string|false $cache, string $url, array $attr, int $post_ID )''
+  * [[https://developer.wordpress.org/reference/hooks/oembed_dataparse/|oembed_dataparse]]
+    * Filters the returned oEmbed HTML
+    * ''apply_filters( 'oembed_dataparse', string $return, object $data, string $url )''
+WP functions:
+  * [[https://developer.wordpress.org/reference/classes/WP_Embed/shortcode/|WP_Embed::shortcode]]
+    * Attempts to convert a URL into embed HTML
+    * ''WP_Embed::shortcode( array $attr, string $url = '' ): string|false''
+  * [[https://developer.wordpress.org/reference/functions/wp_oembed_add_provider/|wp_oembed_add_provider()]]
+    * https://generatewp.com/oembed/
+  * [[https://developer.wordpress.org/reference/functions/wp_embed_register_handler/|wp_embed_register_handler]]
+    * https://wpmudev.com/blog/embedding-wordpress-oembed/