7 Useful WordPress Security Tips

WordPress is getting more popular every day. This is good news for WordPress users and developers, but it also attracts more hackers to WordPress sites!

So how do you secure your WordPress website?

Here are some tips to make it more secure!

1. Remove Your WordPress Version Number From WordPress Theme

WordPress automatically displays the version you are using in the head of your WordPress theme files. This may give a hacker an opportunity to learn about your website.
To hide it, open your theme's functions.php and paste the following code:

remove_action('wp_head', 'wp_generator');

2. Change The Default Admin Username

Brute force is one of the easiest ways to break a password: the hacker tries as many different passwords as possible until the right one is found. If they know your username, it makes their task much easier.

3. Add a blank index.html to your directories

By default, some hosting allows directory browsing, which is a security hole for your website. To prevent this, add a blank index.html to all of your directories.
So if a hacker manages to browse a directory, he will see a blank screen 🙂

4. Limit Login Attempts

Let's say your website is under a brute force attack. What can you do?
Here is a very simple solution for you: Limit Login Attempts.
This plugin will lock out the hacker for a certain amount of time if he enters a wrong password more than a predefined number of times!
Try this plugin now on your website.
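
The lockout such a plugin enforces comes down to counting failed logins and refusing further attempts above a threshold. A minimal sketch using WordPress transients follows; it is an added example, not the Limit Login Attempts plugin's code, and the tips_* names, the limit of 5 and the 15-minute window are assumptions.

```php
// Added example for functions.php; the tips_* names and limits are illustrative.
define('TIPS_MAX_FAILURES', 5);       // failed logins allowed per window
define('TIPS_LOCKOUT_SECONDS', 900);  // counting window and lockout length

// One counter per client address. REMOTE_ADDR is the address of the TCP peer;
// behind a reverse proxy it is the proxy's address (assumption: no proxy here).
function tips_failure_key() {
    $ip = isset($_SERVER['REMOTE_ADDR']) ? $_SERVER['REMOTE_ADDR'] : 'unknown';
    return 'tips_fail_' . md5($ip);
}

// Count every failed login. set_transient() restarts the expiry each time,
// so the window slides forward while failures keep arriving.
function tips_count_failure($username) {
    $key = tips_failure_key();
    $failures = (int) get_transient($key);
    set_transient($key, $failures + 1, TIPS_LOCKOUT_SECONDS);
}
add_action('wp_login_failed', 'tips_count_failure');

// Refuse to authenticate while the client is over the limit. Priority 30 runs
// after the core username/password check (priority 20), so even a correct
// password is rejected until the lockout has expired.
function tips_enforce_lockout($user, $username, $password) {
    if (empty($username)) {
        return $user; // plain view of the login form, nothing submitted
    }
    if ((int) get_transient(tips_failure_key()) >= TIPS_MAX_FAILURES) {
        return new WP_Error('too_many_attempts',
            __('Too many failed login attempts. Please try again later.'));
    }
    return $user;
}
add_filter('authenticate', 'tips_enforce_lockout', 30, 3);

// A successful login clears the counter.
function tips_clear_failures() {
    delete_transient(tips_failure_key());
}
add_action('wp_login', 'tips_clear_failures');
```

Because the counter is kept per client address, it complements rather than replaces a strong password and the non-default username from tip 2.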

5. Force SSL Usage

SSL is a cryptographic protocol that secures communications over networks such as the Internet. Buy an SSL certificate and use it to log in to the WordPress back end.
To do this, open your wp-config.php and paste this code:

define('FORCE_SSL_ADMIN', true);

6. Change your wp-admin folder permission to 644

7. Back up your files and database regularly

Whatever security measures you take, they will just slow down a good hacking team.
So make sure you are taking regular backups of your website.

Some very useful wordpress hacks

Today I have collected some very useful WordPress hacks. I hope they help you in your future projects.

Display number of Facebook fans in full text

If you want to display the number of your Facebook Fans then use this code.

Replace “YOUR PAGE-ID” with your own Page-ID.

Code:

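$page_id = "YOUR PAGE-ID";
// Fetch the fan count for the page from the Facebook API
$xml = @simplexml_load_file("http://api.facebook.com/restserver.php?method=facebook.fql.query&query=SELECT%20fan_count%20FROM%20page%20WHERE%20page_id=".$page_id."") or die ("a lot");
$fans = $xml->page->fan_count;
// Cast to an integer so that only a number from the remote response is printed
echo (int) $fans;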

Source: http://wp-snippets.com/742/display-number-facebook-fans/

Display search terms from Google users

If a visitor reached your site through Google’s search, this script will display the terms they searched for in order to find your site. Put this code where you want to display the message.

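// The Referer header is set by the client, so treat it as untrusted input
$refer = isset($_SERVER["HTTP_REFERER"]) ? $_SERVER["HTTP_REFERER"] : '';
if (strpos($refer, "google") !== false) {
	$refer_string = parse_url($refer, PHP_URL_QUERY);
	parse_str((string) $refer_string, $vars);
	if (isset($vars['q']) && is_string($vars['q'])) {
		$search_terms = $vars['q'];
		echo 'Welcome Google visitor! You searched for the following terms to get here: ';
		// Escape before output so markup in the search terms is shown as text, not run
		echo esc_html($search_terms);
	}
}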

Source: http://wp-snippets.com/820/display-search-terms-from-google-users/

How to automatically email contributors when their posts are published

If you’re running a multi-authored blog, it can be very cool to let your contributors know when their posts are online. Today’s recipe will show you how to do this automatically each time a post is published.

function wpr_authorNotification($post_id) {
	$post = get_post($post_id);
	$author = get_userdata($post->post_author);
	$message = " Hi ".$author->display_name.", Your post, ".$post->post_title." has just been published. Well done! ";
	wp_mail($author->user_email, "Your article is online", $message);
}
add_action('publish_post', 'wpr_authorNotification');

Source: http://www.binarymoon.co.uk/2010/02/automated-take-screenshots-website-free/

How to define a minimum word count per post

If you want to be able to keep a minimum word count for your posts, then just read this recipe. Applying it to your blog can be useful to maintain a clean layout, or ensure your guest writers will not post too short articles on your blog.

function minWord($content){
	global $post;
	$num = 100; //set this to the minimum number of words
	$content = $post->post_content;
	if (str_word_count($content) < $num)
		wp_die( __('Error: your post is below the minimum word count.') );
}
add_action('publish_post', 'minWord');

Source: http://pippinspages.com/tutorials/minimum-word-count-for-wordpress-posts/

Automatically add a Google+ button to your posts

This simple piece of code automatically adds a Google+ button to your posts.

Open your functions.php file and paste the following code in it:

add_filter('the_content', 'wpr_google_plusone');
function wpr_google_plusone($content) {
	$content = $content.'<div><g:plusone size="tall" href="'.get_permalink().'"></g:plusone></div>';
	return $content;
}
add_action ('wp_enqueue_scripts','wpr_google_plusone_script');
function wpr_google_plusone_script() {
	wp_enqueue_script('google-plusone', 'https://apis.google.com/js/plusone.js', array(), null);
}

Source: http://spyrestudios.com/17-time-saving-code-snippets-for-wordpress-developers/

Add favicon icon dynamically in your wordpress theme

You can easily add a favicon dynamically in your WordPress theme.
This may be very useful for a child theme where you don’t want to edit the parent theme's header.php.
Paste this code in your theme's functions.php to load the favicon dynamically, and don’t forget to change the favicon URL.

function dynamic_favicon() {
echo '<link rel="Shortcut Icon" type="image/x-icon" href="http://yoururl.com/favicon.ico" />';
}
add_action('wp_head', 'dynamic_favicon');

Hope this piece of code may help you on your next project

How to add facebook likebox in wordpress post or page using shortcode

If you want to show your Facebook fan page like box in a WordPress post or page, copy and paste the code below into your theme's functions.php:

//ADD FACEBOOK LIKE BOX SHORTCODE
function fb_likebox($atts) {

    extract(shortcode_atts(array(
        "fb_link" => 'https://www.facebook.com/techsloution4u'
    ), $atts));

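	// fb_link comes from the post editor, so escape it before placing it in the href attribute
	return '<h2 class="join-fb">Like Them On Facebook</h2>
<fb:like-box href="'.esc_url($fb_link).'" width="595" height="100" show_faces="false" stream="false" header="false"></fb:like-box>';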
}
add_shortcode('fb_box', 'fb_likebox');

You can change the attributes of the Facebook like box:

  • width – the width of the plugin in pixels. Default width: 300px.
  • height – the height of the plugin in pixels.
  • colorscheme – the color scheme for the plugin. Options: ‘light’, ‘dark’
  • show_faces – specifies whether or not to display profile photos in the plugin. Default value: true.
  • stream – specifies whether to display a stream of the latest posts from the Page’s wall
  • header – specifies whether to display the Facebook header at the top of the plugin.
  • border_color – the border color of the plugin.

And also paste this code after the tag in your header.php theme file

<div id="fb-root"></div>
<script>(function(d, s, id) {
  var js, fjs = d.getElementsByTagName(s)[0];
  if (d.getElementById(id)) return;
  js = d.createElement(s); js.id = id;
  js.src = "//connect.facebook.net/en_US/all.js#xfbml=1&appId=101067140010972";
  fjs.parentNode.insertBefore(js, fjs);
}(document, 'script', 'facebook-jssdk'));</script>

Then use this shortcode to show facebook fanpage on page or post

[fb_box fb_link="https://www.facebook.com/techsloution4u"][/fb_box]

Some useful wordpress functions

Here is a list of some useful WordPress functions. They may reduce your development time.

wp_mail()

Sometimes we need to send email to a user. We can use the WordPress function wp_mail() for this. It works just like the PHP mail function but has better functionality.

wp_loginout()

Displays a login link, or if a user is logged in, displays a logout link. You can even give a redirect URL here, so the user will be redirected to that URL.

esc_url()

This function rejects URLs that do not have one of the provided whitelisted protocols (defaulting to http, https, ftp, ftps, mailto, news, irc, gopher, nntp, feed, and telnet), eliminates invalid characters, and removes dangerous characters.

is_page()

With this function you can check whether a particular page is being loaded. Very handy if you want to load a script only on a specific page.

Disable Commenting on Posts Older Than 1 Month:

<?php

		function close_comments( $posts ) {

			if ( !is_single() ) { return $posts; }

			if ( time() - strtotime( $posts[0]->post_date_gmt ) > ( 30 * 24 * 60 * 60 ) ) {
			$posts[0]->comment_status = 'closed';
			$posts[0]->ping_status    = 'closed';
			}

		return $posts;
		}
		add_filter( 'the_posts', 'close_comments' );

		?>

Custom Excerpt Length:

function new_excerpt_length($length) {
return 100;
}
add_filter('excerpt_length', 'new_excerpt_length');

Enable excerpts in wordpress page

By default, WordPress does not have the excerpt feature on Pages. But you can enable it by adding a few lines of code to your theme's functions.php. If your theme doesn’t have a functions.php, please create one.
NOTE: Please take a backup of your theme before doing this theme hack.

Here is the code :

// Enable excerpt for wordpress pages
function enable_wp_page_excerpt()
{
    add_post_type_support('page', 'excerpt');
}
add_action('init', 'enable_wp_page_excerpt');

WordPress Blank HTML5 theme

HTML5 comes with lots of features! Soon we will need to use them in WordPress projects. So I think it's better to make a blank HTML5 theme to make my development time shorter.


Add floating social icons to Thesis WordPress

In this tutorial I will show you how to add floating social icons to Thesis WordPress. Copy and paste this code for the floating social icons into your Custom Functions.

Note: Always take a backup before any type of modification.


// Add social buttons to the theme using thesis hook

add_action('thesis_hook_after_content', 'show_social_buttons', 99);

// Add google plus js to the head section of the theme

function google_plus_one_integration() {
?>
<script type="text/javascript" src="http://apis.google.com/js/plusone.js"></script>
<?php
}
add_action('wp_head', 'google_plus_one_integration');

// this creates your social icons

function show_social_buttons() {

// Make the URL to share. This is done inside the function so that $url and $text
// are in scope for the markup below and the conditional tags see the current query.
if( is_singular() ) {
$url = get_permalink();
$text = the_title('', '', false);
} else if ( is_category() || is_tag() ) {
if(is_category() ) {
$cat = get_query_var('cat');
$url = get_category_link($cat);
} else {
$tag = get_query_var('tag_id');
$url = get_tag_link($tag);
}
$text = single_cat_title('', false) . ' on ' . get_bloginfo('name');
} else {
$url = get_bloginfo('url');
$text = get_bloginfo('name') . ' - ' . get_bloginfo('description');
}

// I want to show social icons in post and not in homepage

if ( is_singular() ){
?>

<div id="social-float-wrapper" >

<div class="smf-twitter">
<!-- Twitter Code Goes Here -->
<a href="http://twitter.com/share" data-count="vertical" data-via="problogdesign" data-url="<?php echo esc_url($url); ?>" data-text="<?php echo esc_attr($text); ?>">Tweet</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
</div>

<div class="smf-facebook">
<!-- Facebook Code Goes Here -->
<iframe src="http://www.facebook.com/plugins/like.php?app_id=186708408052490&amp;href=<?php echo urlencode($url); ?>&amp;send=false&amp;layout=box_count&amp;width=50&amp;show_faces=false&amp;action=like&amp;colorscheme=light&amp;font&amp;height=62" scrolling="no" frameborder="0" style="border:none; overflow:hidden; width:50px; height:62px;" allowTransparency="true"></iframe>
</div>

<div class="smf-plusone">
<!-- Google +1 Code Goes Here -->
<!-- Place this tag where you want the +1 button to render -->
<g:plusone size="medium" href="<?php echo esc_url($url); ?>"></g:plusone>
</div>

<div class="smf-stumbleupon">
<!-- stumbleupon Code Goes Here -->
<script src="http://www.stumbleupon.com/hostedbadge.php?s=5"></script>
</div>

<div class="smf-linkedin">
<!-- linkedin Code Goes Here -->
<script type="text/javascript" src="http://platform.linkedin.com/in.js"></script><script type="in/share" data-url="<?php the_permalink(); ?>" data-counter="top"></script>
</div>

</div><!-- /social-float -->

<?php } }

Now it's time to add some CSS to float these social icons on the left of the website. Add this CSS to your custom.css:

/**

* Floating Social Buttons

*/

#social-float-wrapper {
background-color: #FFFFFF;
border: 5px solid rgba(180, 180, 180, 0.7);
border-radius: 8px 8px 8px 8px;
left: 50px;
padding: 10px 5px;
position: fixed;
text-align: center;
top: 50px;
width: 55px;
}

.smf-twitter {
height: 62px;
margin-bottom: 10px;
}

.smf-facebook {
height: 60px;
margin-bottom: 10px;
}

.smf-plusone {
height: 60px;
margin-bottom: 10px;
}
.smf-stumbleupon {
height: 60px;
margin-bottom: 10px;
}
.smf-linkedin {
height: 60px;
margin-bottom: 10px;
}

So now you are ready to add this nice social panel to your website.

Using Loops and Pagination in WordPress

Using loops you can show WordPress content. If you want to show the full content for the first two posts and then just the excerpt for the rest, then this code is for you.

<?php
      $page = (get_query_var('paged')) ? get_query_var('paged') : 1;
      query_posts("paged=$page&posts_per_page=5"); ?>

	<?php $count = 1; // Sets count to 1 on first output post ?>

		<?php while (have_posts()) : the_post(); ?>

     <?php if ((!is_paged()) && ($count == 1 || $count == 2)){ // THIS STARTS FULL CONTENT IF IS FIRST POST AND NOT PAGED, THE OR OTHER COUNT ALLOWS FOR SHOWING MORE THAN ONE OF THE FULL CONTENT POSTS BEFORE GOING TO EXCERPTS ?>

                    <?php the_content(); ?>

                    <?php } else { // THIS ends FULL CONTENT and SHOWS FOLLOWING POSTS ELSE ?>

                    <?php the_excerpt(); ?>

<?php } $count++; // THIS IS the END of ELSE and sets count one up ?>


	<?php endwhile; ?>
	<?php wp_reset_query(); // restore the main query after query_posts() ?>

WP Turbo Autoblogging Premium WordPress Plugin

WP Turbo is a brand new wordpress auto blogging software. Install wpturbo plugin in your wordpress, sit back and relax to see the revenue growth in your ad campaigns. WP Turbo is an auto blogging plugin for WordPress, Create niche blogs on any subject you can think of, mix in videos, music, affiliate products and more.

WPTurbo is a new premium plugin for WordPress that allows you to create powerful nice sites which create content, update themselves automatically and earn you income each month by various affiliate programs.
