Author Archives: Qaiser Bashir

Vertical Centering an Image

Recently I had to vertically center an image, I tried all the css tricks. Making wrapper div as table and then inner div as table-cell with css property vertical-align:center.

On the other side it’s very easy to do with JQuery.

 

jQuery

Improve WordPress Page Loading Time & Overall Site Optimization

Your WordPress website needs to load fast. Faster websites keep visitors engaged. The difference between waiting 2 seconds and 5 seconds for a website to load is substantial. Google’s rankings are based partly on your  site speed and users are known to quickly leave a site if it loads in 5 seconds or more. WordPress speed optimization can dramatically increase your conversion rates while boosting your rankings in search, as Google uses website speed .

The most common (major) issues are:

  • Images need to be optimized
  • Too many redirects
  • Too many WordPress plugins
  • Not utilizing broswer cache
  • Server and coding issues

How to make website load fast and optimise the speed of your WordPress site?

There are few things you can do to improve site speed and user experience.

1: Make sure you are using a Cache plugin. Here is list of some good ones.W3 Total Cache

WP Super Cache

One of the best and most downlaoded cache plugin. Downloads: 4,808,605.

This plugin generates static html files from your dynamic WordPress blog. After a html file is generated your webserver will serve that file instead of processing the comparatively heavier and more expensive WordPress PHP scripts.

Quick Cache

Downloads: 449,066

W3 Total Cache

downloads 2,446,750 times.

W3 Total Cache improves the user experience of your site by increasing server performance, reducing the download times and providing transparent content delivery network (CDN) integration.

2: Database Optimization

Optimize and clean your database regularly. You can do this from your host panel or you can use wordpress plugins.  There are two good plugins

Optimize Database after Deleting Revisions

Optimize DB

3: Post, Page, Comments Clean-Up:

Remove unnecessary post and page revisions and spam comments (site’s often have hundreds or thousands of these stored in the database)

4: Image Optimization:

Optimize images (reduce size, losslesly compress, properly resize images so they are scaled correctly)

5: Plugin Cleanup:

Check all your plugins for resource usage, remove unecessary plugins and/or install better replacements when possible

6: Fix 404 Errors:

Remove broken calls to the server causing 404 errors and decreasing page load time

 7: Minimize HTML, CSS & Javascript

wp-db-backup

Improve WordPress Security: 25 Essential Plugins + Tips

If you are running a WordPress-powered website, its security should be your primary concern. In

most cases, WordPress blogs are compromised because their core files and/or plugin are outdated;
outdated files are traceable and it’s an open invitation to hackers.

Plugins For Better Security

WP DB Backup
WP DB Backup is an easy to use plugin which lets you backup your core WordPress database tables just by a few clicks. Besides it is so easy, it has also been one of the most used plugin to secure your WP-powered website.

wp db backup Improve WordPress Security: 25 Essential Plugins + Tips

WP Security Scan
With this plugin, scanning your WordPress-powered site will be a simple task. It finds the vulnerabilities in your site and offer useful tips on removing them.

wp security scan Improve WordPress Security: 25 Essential Plugins + Tips

Ask Apache Password Protect
This plugin doesn’t control WordPress or mess with your database, instead it utilizes fast, tried-and-true built-in security features to add multiple layers of security to your blog.

askapache password protect Improve WordPress Security: 25 Essential Plugins + Tips

Stealth Login
The Stealth Login plugin will help you to create custom URL addresses for login, registering and logout of WordPress.

stealth login Improve WordPress Security: 25 Essential Plugins + Tips

Login Lockdown
Login Lockdown will help you to lock attempts for a period of time on logging in to your admin panel after a number of attempts.

login lockdown Improve WordPress Security: 25 Essential Plugins + Tips

WP-DB Manager
This is another great plugin which allows you to manage your WP database. It could be used as an alternative to the WordPress Backup Manager.

wp db manager Improve WordPress Security: 25 Essential Plugins + Tips

Admin SSL Secure Plugin
Another plugin for keeping your admin panel secure. It acts on the SSL encryption and is really useful against hackers or people trying to get unallowed access to your panel. It is the rival for the Chap Secure Login Plugin.

admin ssl Improve WordPress Security: 25 Essential Plugins + Tips

User Locker
If you want to avoid brute-force hacking your site, then the User Locker plugin is right for you. It works on the same system as Login Lockdown, however, it’s a 5-stars rated WP plugin which has a great fame among its users.

user locker Improve WordPress Security: 25 Essential Plugins + Tips

Limit Login Attempts
Limit Login Attempts blocks the internet address from making further attempts after a specified limit on retries is reached, making a brute-force attack difficult or impossible.

limit login attempts Improve WordPress Security: 25 Essential Plugins + Tips

Login Encryption
Login Encrypt is a security plugin. It uses a complex combination of DES and RSA to encrypt and secure the login process to the admin panel.

login encryption Improve WordPress Security: 25 Essential Plugins + Tips

One Time Password
This unique plugin will help you to set a one-time password for your login, in order to prevent logging of unwanted users from internet cafes or such.

one time password Improve WordPress Security: 25 Essential Plugins + Tips

Antivirus
Antivirus is a quite popular security plugin which will help you to keep your blog secured against bots, viruses and malwares.

antivirus Improve WordPress Security: 25 Essential Plugins + Tips

Bad Behavior
Bad Behavior is the plugin which helps you fight with those annoying spammers. The plugin will not only help you prevent spam messages on your blog, but also will try to limit access to your blog, so they won’t be able even to read it.

bad behavior Improve WordPress Security: 25 Essential Plugins + Tips

Exploit Scanner
Search the files and database of your WordPress install for signs that may indicate that the files or the database has fallen victim to malicious hackers. Even if it’s another scan plugin, it’s worth a try.

exploit scanner Improve WordPress Security: 25 Essential Plugins + Tips

User Spam Remover
The plugin’s name tells its functions, a popular plugin which will help you prevent and remove the unwanted spam messages.

user spam remover Improve WordPress Security: 25 Essential Plugins + Tips

Block Bad Queries
This plugin attempts to block away all malicious queries attempted on your server and WordPress blog. It works in background, checking for excessively long request strings (i.e., greater than 255 chars), as well as the presence of either “eval(“ or “base64″ in the request URI.

8 Essential Tips

Changing default “wp_” Prefixes

Your website might be at stake if you are using the predictable wp_ prefixes in your database. The following tutorial teaches you how to get them changed via phpMyAdmin in 5 simple steps.

You can also get this done with WP Security Scan plugin.

Hide login error messages

Error login messages may expose and give hackers an idea if they’ve gotten username correct/incorrect, vice versa. It is wise to hide it from unauthorized login.

To hide login error messages, simply put the following code in functions.php

[Source]

Keep wp-admin Directory Protected

Keeping “wp-admin” folder protected adds an extra layer of protection. Whoever attempts to access files or directory after “wp-admin” will be prompt to login.

Protecting your “wp-admin” folder with login and password can be done in several ways:

  • WordPress plugin – Using the WordPress AskApache Password Protect plugin.
  • cPanel – If your hosting supports cPanel admin login, you can set protection easily on any folder via cPanel’s Password Protect Directories graphical user interface. Find out more from this tutorial.
  • .htaccess + htpasswd – Creating a password-protected folder can also be done easily by setting the folders you want to protect inside .htaccess and users allowed to access inside .htpasswd. The following tutorial shows you how to do it in 7 steps.

Maintaining backups

Keeping backup copies of your entire WordPress blog is as important as keeping the site safe from hackers. If the latter fail, at least you still have the clean backup files to revert.

Prevent directory browsing

Another big security loophole is having your directories (and all its files) exposed and accessible to public. Here’s a simple test to check if your WordPress directories are well protected:

  • Enter the following URL in browser, without the quotes. “http://www.domain.com/wp-includes/”

If it shows blank or redirect you back to home page, you are safe. However, if you see screen similar to the image below, you are not.

protect directory file listing Improve WordPress Security: 25 Essential Plugins + Tips

To prevent access to all directories, place this code inside your .htaccess file.

Keep WordPress core files & Plugins updated

One of the safest ways to keep your WordPress site safe is to make sure your files are always updated to the latest release. Here are couple of ways (practices) you can do:

  • Login to Dashboard often – A yellow notification will appear at the top of the Dashboard if update is available. Login often and keep yourself updated to the latest copy of WordPress core files.
  • Deactivate and remove unused plugins – Unused plugin will eventually get outdated and may pose a security risk. If you are not using it, delete it.
  • Subscribe to WordPress Releases RSS.

Pick a Strong Password

Is your password safe? A strong and safe password is more than just something memorable with numbers (e.g., john123). For starters, it should consist of more than 12 characters with the combination of numbers and alphabets in lower and uppercases.

Here are some applications that allow you to generate strong password:

Remove admin user

A typical installation of WordPress comes with a default user named “admin”. If that’s the username to your WordPress site, you are already making hacker’s life 50% easier. Using user “admin” should be avoided at all times.

A safer approach to logging into your admin securely is to create a new administrator and have “admin” removed. And here’s how you do it:

  1. Login to WordPress admin panel
  2. Go to Users -> Add New
  3. Add a new user with Administrator role, make sure you use a strong password.
  4. Log out of WordPress, re-login with your new admin user.
  5. Go to Users
  6. Remove “admin” user
  7. If “admin” have posts, remember to attribute all posts and links back to the new user.

 

20 Helpful WordPress SQL Queries Snippets

There are endless reasons for editing the WordPress database, but there are always those SQL queries that are needed more than the rest. And that is what we have for you today.

Always Backup WordPress First

Your WordPress database stores every single one of your carefully written posts, every comment from your loyal readers and every setting that you have used to personalize your site. So, no matter how confident you are with your ability to use these SQL queries, please, please, always remember to backup your WordPress database first.

Here are some resources to help yo backup WordPress:

· WordPress Backups – Here you will find detailed instructions to back up your WordPress Site and your WordPress Database as well as resources for automatic WordPress backups (plugins).

· How to Backup the WordPress Database – PhpMyAdmin – This less detailed tutorial will show you how to backup your WordPress database in phpMyAdmin.

· WP-DB-Backup Plugin – WP-DB-Backup allows you to automate the backup of your core WordPress database.

Add a custom field to all posts and pages

This useful snippet will add a custom field to both posts and pages within your WP database. All you have to do is replace the ‘UniversalCutomField‘ to whatever name you like and then change ‘MyValue‘ to the value of your choice.

For posts only, use this snippet…

…and for pages only, use this code…

Source

Delete Post Meta

When you install or remove plugins they make use of the post meta to store data. After you have removed the plugin, the data will still remain inside the post_meta table, which of course, is no longer needed. Remember and change ‘YourMetaKey‘ to your own value before running this query.

Source

Identify Unused Tags

In a WordPress database, if you run a query to delete old posts, as the one above, the old tags will remain and appear in your tag cloud/listing. This query allows you to identify the unused tags.

Source

Batch Deleting Spam Comments

This little snippet was a life-saver a few weeks back when we had over 60,000 (really!) spam comments.
All you have to do is run this SQL command:

Source

Batch Deleting All Unapproved Comments

This SQL query will remove all of yourthe unapproved comments and will not touch your approved comments.

Source

Disable Comments on Older Posts

For this query, specify the comment_status as either open, closed, or registered_only. Also, specify the date by editing the 2010-01-01 to suit your needs.

Source

Disabling and Enabling Trackbacks & Pingbacks

For this query, specify the comment_status as either open, closed, or registered_only.

Globally enable pingbacks/trackbacks for all users:

Globally disable pingbacks/trackbacks for all users:

Enable/Disable Pingbacks & Trackbacks Before a Certain Date

For this query, specify the ping_status as either open or closed. Also, specify the date by editing the 2010-01-01 to suit your needs.

Source

Delete Comments With A Specific URL

If you have spam comments that all contain the same URL then this query allows you to remove them in one go. The following query will delete all comments with a specific url. The ‘%’ means that any url containing the string within the ‘%’ signs will be deleted.

Source

Identify & Delete Posts that are over ‘X’ Days Old

If you ever need to identify and delete posts that are over a certain amount of days old, then this snippet will help.

To identify any posts that are over ‘X’ amount of days run this query, remembering to replace the ‘X’ with the amount of days you are looking for:

To delete any posts that are over ‘X’ amount of days run this query:

Source

Removing Unwanted Shortcodes

WordPress shortcodes are great, but when you decide to stop using them, their code will stay within your post content. Here is a simple SQL query to run on your database to get rid of any unwanted shortcodes. Replace ‘tweet‘ with your own shortcode name.

Source

Change Your WP Posts Into Pages and Vice-Versa

Changing posts to pages is very easy, all you have to do is run this short SQL query through PHPMyAdmin:

… and if you want to change pages to posts use this snippet:

Source

Change Author Attribution On All Posts

The first thing you will need to do for this snippet is retrieve the IDs of the WordPress author. You can find this out by using the following SQL command:

Once you have the old and new IDs, insert the command below, remembering to replace ‘NEW_AUTHOR_ID‘ with the new authors ID and ‘OLD_AUTHOR_ID‘ with the old.

Source

Batch Deleting Post Revisions

Post revisions can be very useful, but they also considerably increase the size of your MySQL database. You could manually delete posts revisions, but a much quicker method would be to use this SQL query.

Source

Disable or Enable All WordPress Plugins

If you have ever been faced with the white screen of death and found yourself unable to login to the WordPress Admin after activating a new plugin, then this snippet will certainly help you. It will disable all plugins instantly, allowing you to log back in.

Source

Changing the Destination URL of a WordPress Site

Once you’ve moved your blog (template files, uploads & the database) from one server to another, the next thing you will then need to do is to tell WordPress your new address.

Remember and change ‘http://www.old-site.com‘ to your old URL, and the ‘http://www.new-site.com’ to your new URL.
The first command to use is:

Then you will have to change the url from the table wp_posts with this snippet:

And finally, you’ll need to do a search through the content of your posts to be absolutely sure that your new URL link is not messing with the old URL:

Source

Change the Default ‘Admin’ Username

Every WordPress installation will create an account with the default Admin username. Being able to change this default username, will give your WordPress admin panel additional security.

Change ‘YourNewUsername‘ to your new name:

Source

Manually Reset your WordPress Password

If you’ve only a single user on your WordPress installation, and the login name is admin. You can reset your password with just this simple SQL query, which once executed will replace PASSWORD with your new password.

Source

Search and Replace Post Content

To search and replace within the post content area of WordPress use the following code. Replace ‘OriginalText‘ with the original text you would like to change and replace ‘ReplacedText‘ with your new text.

Source

Changing the URL of Images

If you need to change the paths of your images, you can use this SQL command below:

Source

20 Snippets and Hacks to Make WordPress User-Friendly for your Clients

The snippets below will allow you to control almost all aspects of WordPress` Admin area and customize it to benefit your clients level of tech comfort.

Disabling Plugin Deactivation

This snippet is particularly useful if you have given a client plugin activation/deactivation privileges (allowing them to add new plugins themselves), but the site you have built requires some core plugins to function and should never be deactivated.
The code below will remove the ‘Deactivate’ links from whichever plugins you deem fundamental as well as removing the ‘Edit’ links from all plugins.

Paste this into your functions.php:

Source →

Disabling Theme Changing

Just like the Plugin Disabling code above, you really don’t want your clients tinkering or experimenting with any theme changes. The code below will remove the ‘Appearance’ menu option from the Dashboard.

Paste this into your functions.php:

Source →

Disable Top-Level Menus from the Admin Panel

Depending on your client, you may need to take disabling/hiding WordPress menu options even further. With this snippet you can hide whichever Top-Level Menu (Posts, Media, Links, Tools…) you need to.

Paste this into your functions.php:

Source →

Disable Submenus from the Admin Panel

Maybe your client doesn’t need the drastic action taken by the above snippets, and only needs some key sub-menu items disabled/hidden. This code will help.

Paste this into your functions.php:

The menu-ID:s are found in wp-admin/menu.php.

Source →

Restrict Admin Menu Items Based on Username

Say you want to restrict client access to certain Top-Level menu items, but you still want to maintain the full menu for the main administrator, this snippet will help.

Replace ‘clients-username’ and paste this code into your functions.php:

Source →

Remove Meta-Boxes from Posts & Pages Editor Screens

Publishing posts and pages are more than likely key to your clients business and probably the main reason you chose WordPress for them in the first place. To help avoid any confusion from within the posts/pages editor screens it could be helpful to remove unused meta-boxes (custom fields, recent comments, post tags…).

Paste this into your functions.php and edit as required:

Source →

Remove Pages Columns

Adding this code allows you to remove whichever column from the ‘Pages’ page you feel are not necessary to your client.

Edit as required and paste this snippet into your functions.php:

Source →

Remove Posts Columns

Similar to the snippet above, this code will remove columns from the posts page.

Edit as required and paste this code into your functions.php:

Source →

Removing Default Widgets from the Dashboard

The majority of the default Dashboard widgets may not be necessary to your non-tech client and could potentially be a disastrous distraction. This snippet will remove whichever widget you define from the Dashboard.

Paste this into your functions.php:

To view each widget’s call have a look at the Dashboard Widgets API page on the Codex.

Source →

Create Personalized Dashboard Widgets

When building themes for clients it could be useful, and appreciated, to create a personalized ‘Welcome’ widget on the Dashboard. This snippet will create a simple ‘Hello World’ widget, and can be easily edited to your own specifications.

Paste this code into your functions.php:

Source →

Add, Remove & Reorder Dashboard Widgets By Role

You may have a client that needs the WordPress Dashboard customized depending on user roles, by restricting editors or authors to all of admins details. This code will get rid of the ‘Incoming Links’ widget for authors and editors and then clean up some of the other boxes for everyone.

Paste this into your functions.php:

Here’s a list of how to unset each of the current default dashboard widgets:

Source →

Remove Author Metabox/Options & Move to Publish MetaBox

This code will remove the Author MetaBox and Screen Options and then add those option into the publish metabox.

Paste this into your functions.php:

Source →

Add or Remove Links to the New WP Admin Bar

The new Admin Bar gives you quick access to all of the main areas of your site, like creating a new post or page, moderating comments or modifying widgets. The snippets below will allow you to add or remove any links.

This snippet will add links to the admin bar. Paste into your functions.php:

This snippet will remove links from the admin bar. Paste into your functions.php:

Source →

Show an Urgent Message in the WP Admin

This snippet will allow you to shows a custom message to any logged in user. Particularly useful if you need to inform a client/user that they have done something wrong.

Firstly, paste this into your functions.php:

Next, add a hook to the admin notices function to show your custom message:

Source →

Hide the WordPress Upgrade Message

You may have clients who do not want to deal with any maintenance updates. For those clients, using this snippet, you can hide the WordPress Upgrade Message.

Paste this into your functions.php:

Source →

Simpler Login URL

The default URL for logging into your WordPress powered site is: http://yoursite.com/wp-login.php. To make things easier, or at least more memorable, for a client you will need a cleaner URL like: http://yoursite.com/login

Paste this code in your .htaccess file before the default WordPress rewrite stuff:

Source →

Change the Dashboard Footer Text

When building a site for a client, it can be useful to be able to customize the dashboard footer text. This little snippet will do the job.

Edit “Your own text” and paste this into your functions.php:

Source →

Changing the WP Login Logo

When building themes for clients, one of their expectations may be to have some sort of company branding within WPs admin. The first page a client will ever view is the login screen and its very easy to customize by simply replacing the default WordPress logo with your clients company logo.

The new logo should be 326×82 pixels and copy it to your themes ‘images’ folder.

Edit ‘companylogo.png’ and paste this code into your functions.php:

Source →

Adding a Custom Dashboard Logo

The next step in customizing WPs backend is to replace the Dashboards logo. You will need to create a transparent (.gif or .png) image of 30x31px. Then, save that image in your theme’s image folder (/wp-content/themes/theme-name/images) and name it whatever you like.

Edit ‘custom-logo.gif’ and paste this snippet into your functions.php:

Source →

10 WordPress Plugins to Help Optimize Performance

WordPress has some really good plugins that can make a site load much faster, here are some  that will aid in improving and optimising your sites performance.

WP file Cache

This plugin implements object level persistent caching and can be used instead of the built in WordPress WP_Object_Cache. It will also aid in significantly reducing the load-time from your database. However, it should be noted that WP File Cache shifts the load from your database to your disk/file system and if Disk I/O is a bottleneck, file based caches will not help you.

Quick Cache (Alternative to WP Super Cache)

wp plugins 02 10 WordPress Plugins to Help Optimize Performance
This is a very useful plugin when it comes to optimizing your website’s speed. Quick Cache takes a real-time snapshot (building a cache) of every Page, Post, Category, Link, etc. These snapshots are then stored (cached) intuitively, so they can be referenced later, in order to save all of that processing time that has been slowing your site down.
It uses configuration options, that you select from the options panel.
Quick Cache uses advanced techniques that allow it to recognize when it should and should not serve a cached version of the file.

W3 Total Cache

This plugin helps to improve the sites’s performance via caching: browser, page, object, database, minify and content delivery network support. It improves the user experience of your site by improving your server performance, caching every aspect of your site, reducing the download times and providing transparent content delivery network (CDN) integration

 

WP Minify

wp plugins 03 10 WordPress Plugins to Help Optimize Performance
This plugin integrates the Minify Engine (a PHP5 app that helps you to follow several of Yahoo!’s Rules for High Performance Web Sites) into your WordPress blog, to combine and compress JS and CSS files to improve page load time. Some of its features include – debug tools, plugin hooks, support for minifying external files via caching, ability to pass extra arguments to minify engines etc.

Parallelize

wp plugins 01 10 WordPress Plugins to Help Optimize Performance
Parallelize allows automatically parallelizing WordPress attachement files (images or any files uploaded with the wordpress media features) across multiple hostnames, speeding page load. To assist caching, resources will always load from the same hostname.

WP smush.it

wp plugins 04 10 WordPress Plugins to Help Optimize Performance
This plugin reduces image file size and improves performance using the Smush.it API within WordPress. Every image added to the page is automatically run through Smush.it on the fly.

WP HTTP Compression

This plugin will allow your WordPress blog to output pages compressed in gzip format, if a browser supports compression. However, it should be noted that this plugin should not be used alongside WP Super Cache or WP Cache as those plugins are already implementing compression. Your blog will keep working but those plugins will stop caching new pages.
HTTP compression generally means a 60-80% REDUCTION in the size of your pages (broadband usage) as well as an INCREASE in download speeds of 3x to 4x.

Hyper Cache

This plugin is flexible and easy to configure cache system for WordPress. This is a new cache system for WordPress, specifically written for people who have their blogs on a low resource hosting provider. It can work even with hosting based on Microsoft IIS. Its features are easy to configure, easy to integrate with other plugins, global translator compatibility, redirects caching, auto clean system to reduce the disk usage and more.

WP Super Cache

This plugin generates static HTML files from your dynamic WordPress blog. After a HTML file is generated, your web server will serve that file instead of processing the comparatively heavier and more expensive WordPress PHP scripts.
99% of your visitors will be served static html files. Those users who don’t see the static files will still benefit because they will see different cached files that aren’t quite as efficient but still better than uncached.

DB Cache Reloaded

This plugin caches every database query within a given lifetime. It is much faster than other HTML caching plugins and uses less disk space for caching. DB Cache Reloaded ensures that a site works much faster and uses less disk space for cached files. It also makes sure that visitors always get actual information in sidebars and server CPU loads are as low as possible.

CDN tools

wp plugins 05 10 WordPress Plugins to Help Optimize Performance
This plugin is designed to help you drastically speed up your blog’s load time by loading data onto a content distribution network (CDN). It allows you to load Javascript and media files to an external server to drastically speed page loads. You can side load data to a commercial CDN or just load your larger JS libraries (Prototype, jQuery) for free from Google’s servers.