The endpoints: load-scripts.php and load-styles.php are used by WP to concatenate and compress assets at runtime.
Since we are using nginx, these assets can be served via nginx instead.
This PR makes the following changes:
Disable the env vars: CONCATENATE_SCRIPTS, COMPRESS_CSS & COMPRESS_SCRIPTS
Block the endpoints: load-scripts.php and load-styles.php - this change means they are not used but are DoS vectors.
This code is difficult to test locally because Config::define('SCRIPT_DEBUG', true); in config/environments/development.php means that scripts are not concatenated. Temporarily disable this and access an admin page locally to see CONCATENATE_SCRIPTS in action.
This should have the effect of fixing the intermittent CPU spikes. If not, it is still good practice :)
The endpoints: load-scripts.php and load-styles.php are used by WP to concatenate and compress assets at runtime. Since we are using nginx, these assets can be served via nginx instead.
This PR makes the following changes:
This code is difficult to test locally because
Config::define('SCRIPT_DEBUG', true);inconfig/environments/development.phpmeans that scripts are not concatenated. Temporarily disable this and access an admin page locally to seeCONCATENATE_SCRIPTSin action.This should have the effect of fixing the intermittent CPU spikes. If not, it is still good practice :)
Further reading: