WordPress guides
Failure-mode guides for WordPress sites, organized by topic.
Crashes & Errors
8 guidesFatal errors, white screens, memory exhaustion, and the silent failures that leave your site broken without warning.
PHP deprecation warnings after PHP 8.x upgrade — what to fix first
You upgraded WordPress to PHP 8.x. The site loads.…
Read guide →
WordPress 500 internal server error — how to find the cause in logs
You open your WordPress site and the browser shows nothing but a sterile message: > 500 Internal Server Error No stack trace. No plugin name…
Read guide →
WordPress fatal error — how to find what crashed your site
You hit your homepage and get a white screen, a generic "There has been a critical error on this website" message, or a hard HTTP 500. Admin…
Read guide →
WordPress memory_limit exhausted — how to detect it before it crashes the site
Your WordPress admin shows a half-rendered page.…
Read guide →
WordPress PHP fatal — the causal chain from warning, to update, to fatal
You're staring at a WordPress fatal you didn't cause. The site worked at 14:02; it's white-screened at 14:05.…
Read guide →
WordPress PHP warning spike — finding the plugin or file causing the flood
Yesterday your PHP error log was 4 MB. This morning it is 1.2 GB and still growing. You SSH in, run du -sh /var/log/php-fpm/, and watch the …
Read guide →
WordPress REST API broken after a plugin update — finding which endpoint regressed
Your WordPress block editor is a spinner. The Gutenberg sidebar shows "Updating failed. The response is not a valid JSON response." A user o…
Read guide →
WordPress white screen of death — how to debug without admin access
You load your site and there is nothing. No header, no logo, no error, no 500 page. Just a flat white rectangle in the browser. View source …
Read guide →
Cron & Scheduling
5 guidesMissed schedules, dead hooks, queue workers that stop, and how to know cron is actually running.
WordPress cron hook stuck for years — finding silently dead scheduled hooks
You went looking for one slow scheduled job and found something worse. A row in wpoptions under cron has a nextrun timestamp from 2021. The …
Read guide →
WordPress Cron Not Running: How to Detect and Fix It
WordPress cron is responsible for scheduled posts, plugin updates, email queues, and cache cleanup. When it stops, nothing warns you. Here&r…
Read guide →
WordPress cron reliability — using max vs average delay to find the blocking job
Your WordPress site looks healthy. Posts publish, logins work, the homepage is fast. But the average delay between a scheduled WP-Cron event…
Read guide →
WordPress scheduled posts not publishing — diagnosing missed cron jobs
You hit "Schedule" on a post for 9:00 AM. The editor confirms it. The post sits there with the status "Scheduled" — and 9:00 AM comes and go…
Read guide →
WordPress wp-cron disabled (DISABLE_WP_CRON=true) — how to verify your real cron actually works
You set DISABLEWPCRON=true in wp-config.php months ago and added a system crontab entry to call wp-cron.php directly. Everything looked fine…
Read guide →
Security
10 guidesBrute force, integrity changes, privilege escalation — attack patterns and audit signals.
WordPress "Sorry, you are not allowed to do that" — diagnosing capability check failures
Your editor is on Slack, frustrated. They opened /wp-admin/post.php?post=4912&action=edit, hit Update, and got a grey page with one line: "S…
Read guide →
WordPress admin user added without your knowledge — how to detect privilege escalation
You log into /wp-admin/users.php and there it is: a WordPress admin user added without your knowledge. The username is something forgettable…
Read guide →
WordPress Brute Force Attack Detection from Logs
Security plugins block attacks. But do you know how many are happening, when they spike, and which endpoints are targeted? Your logs do.…
Read guide →
WordPress file integrity monitoring without a paid plugin
A core file under /wp-includes/, a plugin file under /wp-content/plugins/, or a theme functions.php is now different from the version that s…
Read guide →
WordPress hundreds of new users overnight — detecting bulk spam registration before they pollute your database
You opened wp-admin/users.php this morning and the user count went from 247 to 2,113 overnight.…
Read guide →
WordPress login attempt surge — distinguishing credential stuffing from scanner traffic
Your WordPress site is hammered with login attempts. The auth log is rolling. wpauthfailurestotal jumped from a flat baseline to thousands p…
Read guide →
WordPress logout you didn't perform — detecting session hijacking
You were editing a post, hit Update, and WordPress bounced you to /wp-login.php with the message "Your session has expired. Please log in ag…
Read guide →
WordPress REST API hammered with login attempts — how to detect credential stuffing
Your WordPress site is slow. The dashboard takes seven seconds to load. PHP-FPM workers are pinned. The Fail2Ban rule you set up two years a…
Read guide →
WordPress wp-config.php was modified — how to detect unauthorized changes
You opened your WordPress site this morning and something is off. Maybe redirects to a sketchy domain. Maybe a strange admin user you do not…
Read guide →
WordPress xmlrpc.php under attack — detecting amplification and credential stuffing
Your access log is suddenly full of POST /xmlrpc.php. Thousands of them. Same endpoint, hundreds of IPs, no obvious pattern in the user-agen…
Read guide →
Email Delivery
4 guideswp_mail failures, SMTP problems, contact-form leads that never arrive.
WordPress contact form submissions not arriving — full diagnosis
A customer messages you on LinkedIn: "I tried to contact you through your website three times last week and never heard back." You check the…
Read guide →
WordPress Emails Not Sending: How to Detect and Fix It
Your WordPress contact form says “Message sent.” But was it actually delivered? In most cases, you have no way to know - until s…
Read guide →
WordPress sending hundreds of emails per hour — detecting registration spam before the host suspends you
You wake up to a support thread: customers can't reset their passwords, the contact form throws a "we couldn't deliver your message" error, …
Read guide →
WordPress wp_mail Not Working: Causes, Detection, and Fixes
The wp_mail() function is how WordPress sends every email. When it breaks, there’s no error page, no warning, and no notification. Her…
Read guide →
Database
7 guidesConnection errors, slow queries, deadlocks — finding the cause from logs.
WordPress "Access denied for user" database errors — credential rotation, permission grants, and silent breakage
Your WordPress site is gone.…
Read guide →
WordPress "Error establishing a database connection" — detection and root cause
You open your WordPress site and the page is gone. Instead of your homepage, the browser shows a single white page with one line of text: > …
Read guide →
WordPress database deadlocks — causes and detection
You open your WordPress error log after a customer complaint and see this: WordPress database error Deadlock found when trying to get lock; …
Read guide →
WordPress database disk full — detecting the silent failure before queries start failing
Your WordPress site is half-broken. The homepage still loads, but WP Admin throws a white error box, comments fail to save, WooCommerce chec…
Read guide →
WordPress database timeout — when no single query is slow but the request times out
A WordPress request just timed out. nginx returned 504 Gateway Timeout, the user refreshed, the page eventually loaded, and you're staring a…
Read guide →
WordPress slow queries — finding the plugin or theme responsible
Your WordPress admin takes 8 seconds to render /wp-admin/edit.php. The frontend feels sluggish on category pages. Occasionally a request tim…
Read guide →
WordPress slow query surge — correlating the spike with the hook that triggered it
At 14:07 your monitoring pings you because MySQL CPU jumped from 12% to 78% in a minute. By 14:09 it is back at 12%. Five minutes later it d…
Read guide →
Performance
6 guidesTTFB, cache hit ratio, slow admin — performance problems that hide in plain sight.
WordPress Admin Slow: How to Find What’s Slowing Down wp-admin
The frontend loads in 400ms. The admin takes 4 seconds. Nobody measures this gap - but editors and content teams feel it every day.…
Read guide →
WordPress cache hit ratio degraded — why your site got slower without a code change
Yesterday the site felt fine. Today every page takes an extra second, the admin dashboard stutters, and PHP-FPM workers are visibly busier i…
Read guide →
WordPress memory pressure on specific routes — finding the page or hook that eats memory
Last week your WordPress site was dying with Fatal error: Allowed memory size of 268435456 bytes exhausted. You doubled memorylimit to 512M …
Read guide →
WordPress request latency — three causes, three drilldowns, one root cause
Your WordPress site is slow. Not down — slow. The homepage takes 4.…
Read guide →
WordPress slow after plugin update — finding the hook that regressed
Tuesday at 3:14 PM the auto-updater ran. Wednesday morning support tickets start: "the editor is laggy", "Save Draft takes forever", "checko…
Read guide →
WordPress slow page load — diagnosing high TTFB when queries look fine
Chrome DevTools shows "Waiting for server response" at 5.8 seconds on a normal post page. You SSH in, run SHOW PROCESSLIST, and MySQL is idl…
Read guide →
Abuse & Scraping
5 guidesBot traffic, scraping, enumeration — separating real users from resource-eaters.
WordPress 404 errors — separating real broken links from probe traffic and scrapers
You opened your access logs, or your SEO tool, or your hosting dashboard, and the 404 count looks wrong. Hundreds of them per hour. Maybe te…
Read guide →
WordPress admin-ajax.php under heavy load — finding the action and the caller
Your WordPress site is sluggish. Load average is climbing, PHP-FPM workers are saturated, and every other line in the access log is a POST /…
Read guide →
WordPress bot traffic — identifying and blocking scrapers using request fingerprints
Your WordPress site is not under attack. Nobody is trying to log in. There is no error in the dashboard.…
Read guide →
WordPress RSS / Atom feeds hammered by scrapers — detection and rate-limiting
You open New Relic, htop, or your hosting panel and CPU is pinned at 90%+. PHP-FPM workers are saturated. The site itself loads, barely. You…
Read guide →
WordPress site search overloading the database — detecting ?s= abuse and unbounded queries
Your WordPress site is crawling. TTFB is up to 4–8 seconds. The dashboard feels sluggish, but PHP isn't crashing and Uptime Robot is green. …
Read guide →
Operations
9 guidesPlugin auto-updates, config drift, multisite isolation — operational signals you should be watching.
Logystera WordPress plugin dropping events under load — what buffer drops mean and how to fix
You opened the Logystera dashboard for one of your WordPress entities and noticed something off. The request count is suspiciously round.…
Read guide →
WordPress Log Monitoring: See What Your Site Actually Does
WordPress debug.log is not monitoring. It’s a file nobody reads. Real WordPress log monitoring means structured events, derived metric…
Read guide →
WordPress PHP / core version changed unexpectedly — detecting environment drift
You log into your WordPress admin, click into Tools > Site Health, and the row that used to say PHP 8.1 now says PHP 8.2. Or you ran wp core…
Read guide →
WordPress plugin auto-updates that broke your site — how to detect them in time
You open your laptop at 8:47 AM and the support inbox is full. "Site is showing a white page." "Checkout is broken." "I get a 500 error on e…
Read guide →
WordPress plugin silently activated or deactivated — who did it and when
You open the WordPress admin and notice something is off. A plugin you do not remember installing is active. Or a security plugin you rely o…
Read guide →
WordPress Silent PHP Errors: How to Find Errors Nobody Sees
Production WordPress sites suppress error display. That’s correct. But suppressing display is not the same as handling errors. Here&rs…
Read guide →
WordPress site slow for logged-in users only — detecting session floods and cache bypass
Your WordPress site is fast. Pingdom is green. The homepage TTFB is under 200ms. Then a customer support ticket comes in: "Site is unbearabl…
Read guide →
WordPress upload blocked — legitimate user or attack? How to tell
A user clicks Add Media, drags a file in, and WordPress throws: > Sorry, this file type is not permitted for security reasons.…
Read guide →
WordPress Uptime vs Health: Why 99.9% Uptime Means Nothing
Your uptime monitor says 99.99%. Your contact form hasn’t delivered an email in 3 weeks. Both statements are true at the same time. He…
Read guide →
