Posted on

Multiple Vulnerabilities in WordPress and way to secure it

We know that WordPress has Multiple Vulnerabilities. So that’s why your site can be hacked easily. I will discuss how to overcome this problem, I did not write down what the problem is. Because a lot has already been written about this. So I just discussed the remedy here.

First go to the / public_html / or / www / or / htdocs / folder or the sub-folder where you have installed WordPress with the FTP or Hosting Cpanel’s File Manager.

Now open the .htaccess file from the WordPress Installation Root folder.
Now copy and paste the following code.


# Start WordPress Vulnerabilities fixed
order allow,deny
deny from all
order allow, deny
deny from all
# End WordPress Vulnerabilities fixed

Once pasted, save the file.

Now go to the “wp-admin” folder and create a .htaccess file here and copy and paste the following code into the file as before.


# Start WP-Admin Vulnerabilities fixed
order allow, deny
deny from all
order allow, deny
deny from all
# End Wp-Admin Vulnerabilities fixed

Now save the file.

Now open the browser for testing and open the link as below

http://wordpresslink.ext/wp-admin/install.php

or

http://wordpresslink.ext/wp-admin/setup-config.php

If it shows 404 Error or Not Found type message, you will understand .. You have done the job successfully.

Now to add a little more security, go to / wp-content / themes / your used theme / folder and open the functions.php file.

Now at the very end of this file?> Copy and paste the following line before. By doing this, no one will be able to understand which version of WordPress you are using


[highlight]remove_action('wp_head', 'wp_generator');[/highlight]

Now your WordPress site is protected.

Posted on

Take care of MySQL database of WordPress site

Nowadays 90% of PHP based web scripts run on MySQL databases. And this database also needs some care. Fever is a small problem like cold but it stays in the database. It is possible to take good care of this MySQL database with phpMyAdmin. But for inexperienced people like me, this is very scary because the necessary information in the database can be erased by forgetting a little bit. Or running a SQL query as a hobby can be read in danger. Many people use PhpMyAdmin to back up databases. It is difficult to avoid danger without good possession.

Anyway, there is no benefit in talking so much. Let’s talk about work. Today I will talk about the care of the WordPress database. There are many plugins in WordPress Database Care that can optimize, repair (repair) the database and mail you with scheduled (regular) backups. Today I will talk about such a plugin. My personal preference is the WP-DB Manager. Let’s see what this plugin can do?

Features of the plugin:

  • Database Auto Backup
  • Database Repair
  • Database optimization
  • Restore backed up database
  • E-mailing the backed up database
  • Empty or delete a table

How to install?

Let’s know the installation method. Download the plugin and upload it to the plugins folder. Then create another folder named backup-db in the wp-content folder. Upload htaccess.txt inside wp-dbmanager to backup-db and rename it to .htaccess. Then activate the plugin.

The plugin is very easy to use. If you still have any questions, you can comment.

 

Posted on

Display all files including Excel, Word, PDF, PowerPoint in WordPress

Today I sat down to write about a nice plugin of WordPress. Many people now have a website and he is always looking for new options. Today you can embed Excel, Word, PDFs, PowerPoint, many types of files in a very easy way with a nice plugin. I am writing a detailed tutorial on this.

Google Docs Embedded Plugin

The name of the plugin is Google Doc Embedder. With it you can embed the file on your own server site. This means that these types of files can be read or viewed directly on the website.

Use the short code to display the file [gview file = “http: // link / to-your-file”]

Google Docs Embedder Features

You can easily embed all the files on your site, the list below.

  • Adobe Acrobat (PDF)
  • Microsoft Word (DOC / DOCX)
  • Microsoft PowerPoint (PPT / PPTX)
  • Microsoft Excel (XLS / XLSX)
  • TIFF Images (TIF, TIFF)
  • Apple Pages (PAGES)
  • Adobe Illustrator (AI)
  • Adobe Photoshop (PSD)
  • Autodesk AutoCad (DXF)
  • Scalable Vector Graphics (SVG)
  • PostScript (EPS / PS)
  • OpenType / TrueType Fonts (OTF, TTF)
  • XML Paper Specification (XPS)
  • Archive Files (ZIP / RAR)

Install the plugin:

  • Go to WordPress Admin Dashboard.
  • Now you have click on the “Plugins” menu and “Add New”.
  • Then type “Google Doc Embedder” in the search box and click on the “Install Button”.

 

Posted on

Everything about CSS font size

One of the most confusing aspects of web design is the determination of the font-size unit of CSS. There is no web designer who has not had this problem or got confused. There are 5 types of font size units for use in web design. These are – px, pt,% (percent), em and rem. The subject of measurement is different in these 5 types of units. The way they work is also different.

However, there is so much debate about which unit is more suitable or which unit is better to work in that it is difficult to choose which unit to specify. According to each designer, one unit is more effective. So before you choose, you should know the usage, working method and advantages and disadvantages of all the units so that you can work by choosing what you like without blindly using the unit taught by your coding teacher. However, in this case, keep in mind that it is not convenient to do your own work, but choose the type of unit that will create less error. So let’s not know about the current 5 running units.

5 units of font size (5 units to declare font-size):

px (pixel unit):
This is a very common unit, especially for web design. There is no match for those who work to convert the design to the web pixel perfect. But this unit has a big problem that very few designers notice. But the problem seems very obvious to me at least. The problem is –

Everyone knows that now almost all tabs or similar devices have a width of 1024 pixels or in some cases more. But you know, 1024 pixels is the resolution of a small desktop monitor. Speaking of which, the 1024 pixel desktop monitor is 14 inches whereas the display size of many tabs is 8 inches. So you can understand that 1024 pixels are shown in 6 inches. That means a display smaller than half the size for the same resolution. Now imagine if a 12-pixel text could be seen better on a 14-inch monitor than on a small 6-inch display. If you still don’t understand, try browsing the same design on two monitors, then you will understand.

So if you have to use the pixel unit to make your design pixel perfect or for any other reason, then look at this issue. Take a look at the size of the font used on a large monitor, it is not a problem to see it on a small device. And if possible, use a font that replaces a font that looks as small as it can be seen clearly. And the rules for using this font size unit are as follows:

font-size: 14px;

pt (point unit):
It is basically more popular in print media. 1 point is 1 part of 72 of 1 inch. It’s about the size of a pixel. However, the difference from pixels is that you can measure with a scale using this unit, but not in the case of pixels. This means that if you print an image in pixels, you can no longer measure how many pixels it contains. The problem I am talking about in the case of pixels with the screen of the tab also exists in this case. The use of this unit is as follows:

font-size: 14pt;

percent (%) (percent units):
In the case of px and pt, the problem with tabs or small devices can be solved with the use of percent units. The root font has a default size for any device. This means that if the font-size: 100% means 12 pixels on a large screen of 1024 pixels, it is usually more in the case of small devices. That means in that case the font-size: 100% can be 14 pixels. Then there was no problem with the tab in this case. However, in all cases, the root value is not calculated. In this use, any sub-element relates to its parent element. This means that if you give the font size of a ul 120%, it will probably be 14.4 pixels. But if there is a ul in any li inside it, then the font size of that ul will be 16.28 pixels and if there is another ul inside it, then its font size will be 20.84 pixels. How? The first ul was 120%, now if 100% = 12 px then 120% = 1.2 * 12px = 14.4px. This time, in the case of the next ul, it will not compare with the original font but with its parent element. So in this case the font size of the parent is 14.4px so its font size will be 14.4 * 1.2 = 17.28px, thus later again 17.28 * 1.2 = 20.74px; So understandably, it also has limitations. However, in this case, it should be used as follows:

font-size: 120%;

em (EM unit):
EM is a popular unit for use on the web. It is widely used. Its type of work is much like a percentage. 1 em = current font size. So you can understand that EM also has problems with sub-elements like a percentage. Even after that EM has become quite popular. There was no doubt about its popularity if the rem did not come. Its use is as follows

font-size: 1em;

rem (REM unit):
Personally, this is my favorite unit. Because it solves all my problems. Although sometimes I use rem and em mix for fonts. Its unit system is like em and%. The only difference is that it always relates to the root font size. That means 100% = 1rem of the device or browser. In other words, the problem of parent and child has been solved after it came. Although many designers are not yet aware of this unit. The font-size in the rem unit is:

Font size too: 1 RAM;

So if you have read this post, you must understand which font size unit is more reasonable to use or which is better for you.

Posted on

Ways to stop WordPress spam

If you have a site that is open to user registration, you may encounter a problem sooner or later. What is that? Spam !!! Spam is always a big problem for WordPress. Here is an example:
There are various websites or tools through which you can see how many users you currently have on your website. Suppose you are receiving an email as soon as you register a new user on your website as an admin. After receiving the email, you enter the website or tools to see how many users your website currently has. You see, there are no users on your website right now. So where did the new user registration email you received come from?

This is spam! The link to the registration page of your website is always the same. Not just your website, but most website registration pages always have the same link (eg: www.domain.com/login). There are many software through which registration can be done on the website automatically.

How do spam users affect on your site ?

  • Unsolicited posts: They may post links to spam sites on your site that become backlinks to their site in search engines.
  • Decreasing your website speed: Registering too many spam users can increase the size of your database and affect performance.
  • Hacking: Sites can be hacked by spam accounts to find out the weaknesses of your site.

There are two ways to protect your website from spam users:

Stop Spam Registration: You can use the captcha to prevent spammers. Here are four great plugins for WordPress:

Delete spam users who have already registered on your site:  If you have not taken preventive measures and your database is now loaded with spam users, the following plug-in may help you to delete this account:

 

 

Posted on

Only show posts by the login author on the dashboard

If you have a multi-author based site, then by default everyone will be able to see the post-panel of others besides their posts. Although I can’t edit them. If you are the admin of the site, you will want to hide the posts of any other author. And that makes sense.

So let’s see how you can show only the posts of ঐ logged in Author on the dashboard to a specific Author. The work is very easy. There are many ways. I picked up the easiest of them all.

From Dashboard Appearance> Editor. Go to your theme’s function.php. And add the code below.


add_action( ‘load-edit.php’, ‘display_authors_posts_only’ );
function display_authors_posts_only() {
global $user_ID;
if ( current_user_can( ‘edit_others_pages’ ) ) return;
if ( ! isset( $_GET[‘author’] ) ) {
wp_redirect( add_query_arg( ‘author’, $user_ID ) );
exit; } }

Diameter. You’re done. : D

Posted on

Create your own custom widget

The WordPress Widget makes it so easy for WordPress users that it can be used anywhere on the site with just a drag and drop. There are many WordPress themes or plugins on the market that allow widget users to create their own layouts. Plugins are even available for widget management. Today’s post will show you how to create a custom WordPress widget for yourself.

What is a WordPress widget?

WordPress Widget is basically designed to help its users to design and structure the site in a simple way. The most interesting thing about using WordPress widget is that you can use it in any sidebar or widget ready area by dragging and dropping on your site. This is a very useful tool for WordPress theme developers or plugin developers which multiplies the speed of their work. They create functionality for the site through various programming and the user can use them where they need to customize their site according to their needs. This is possible only because there are WordPress widgets. You can also create your own custom WordPress widget and use it as a drag and drop on your site.

Creating custom WordPress widgets

You need to paste the code given below in the functions.php file of the theme. The code that is kept for you here will greet the visitors.


// Widget description
array( ‘description’ => __( ‘Sample widget based on WPBeginner Tutorial’, ‘tortoizthemes_widget_domain’ ), )
);
}
// Creating widget front-end
// This is where the action happens
public function widget( $args, $instance ) {
$title = apply_filters( ‘widget_title’, $instance[‘title’] );
// before and after widget arguments are defined by themes
echo $args[‘before_widget’];
if ( ! empty( $title ) )
echo $args[‘before_title’] . $title . $args[‘after_title’];
// This is where you run the code and display the output
echo __( ‘Hello, World!’, ‘tortoizthemes_widget_domain’ );
echo $args[‘after_widget’];
}
// Widget Backend
public function form( $instance ) {
if ( isset( $instance[ ‘title’ ] ) ) {
$title = $instance[ ‘title’ ];
}
else {
$title = __( ‘New title’, ‘tortoizthemes_widget_domain’ );
}
// Widget admin form
?>

<label for="”get_field_id( ‘title’ ); ?>”>
<input id="”get_field_id( ‘title’ ); ?>” name=”” type=”text” value=”” />

<!–?php
}
// Updating widget replacing old instances with new
public function update( $new_instance, $old_instance ) {
$instance = array();
$instance[‘title’] = ( ! empty( $new_instance[‘title’] ) ) ? strip_tags( $new_instance[‘title’] ) : ”;
return $instance;
}
} // Class tortoizthemes_widget ends here
// Register and load the widget
function tortoizthemes_load_widget() {
register_widget( ‘tortoizthemes_widget’ );
}
add_action( ‘widgets_init’, ‘tortoizthemes_load_widget’ );

Now go to your dashboard Appearance »Widgets, drag and drop the Techonlinebd widget to any of your sidebar areas. Visit the site to see what you have done for your site.

Isn’t that a very common job? I hope the post will be useful to you, if you have created a widget through it, please comment and request to give the link. Stay well.

Posted on

WordPress keyboard shortcuts

WordPress is the most popular content management system (CMS) blogging software. It is an open-source (free) blogging software. Blogs can be created in WordPress without any coding knowledge. Most web developers use WordPress. Because WordPress is the best way to create a dynamic site or blog. We use shortcuts to complete any task quickly. My post today is about WordPress keyboard shortcuts.

WordPress keyboard shortcuts:

  • Link: Alt + Shift + A
  • Bold: Ctrl + B
  • Align Center: Alt + Shift + C
  • Strikethrough: Alt + Shift + D
  • Edit HTML: Alt + Shift + E
  • Align Left: Alt + Shift + F
  • Full Screen editing: Alt + Shift + G
  • Help: Alt + Shift + H
  • Italics: Ctrl + I
  • Align Full: Alt + Shift + J
  • List Item (li): Alt + Shift + L
  • Insert image: Alt + Shift + M
  • Check Spelling: Alt + Shift + N
  • Ordered List (ol): Alt + Shift + O
  • Publish the Post: Alt + Shift + P
  • Blockquote: Alt + Shift + Q
  • Align Right: Alt + Shift + R
  • Unlink: Alt + Shift + S
  • Read More: Alt + Shift + T
  • Unordered List: Alt + Shift + U
  • Advanced Editor: Alt + Shift + V
  • Unquote: Alt + Shift + W
  • Redo: Ctrl + Y
  • Undo: Ctrl + Z
  • Advanced Editor: Alt + Shift +Z
  • Various header sizes: Ctrl +Number (eg: Ctrl+1,2,3,4,5,6)

To enable WordPress keyboard shortcuts to go to Administration> Users> Your Profile. If you like it, please comment. Thanks, everyone for reading my post.

 

Posted on

With code to view maintenance mode on WordPress site

Working on our site or blog panel or dashboard is a daily occurrence. But if the work is such that it is not possible to display the content on the homepage at this time. Or in a word: do not allow anyone on your site at this time. What to do then? Then you have to show a message of maintenance mode on your homepage. And we use different types of plugins to do this. But using the plugin makes the site relatively heavy which makes your site take longer to load. So if you wish you can do this on your WordPress site with a shortcode. And all you have to do is:
You need to copy the code from below and add it to the functions.php file.


function wpexplorer_maintenance_mode() {
if ( !current_user_can( 'edit_themes' ) || !is_user_logged_in() ) {
wp_die('Maintenance, please come back soon.');
}
}
add_action('get_header', 'wpexplorer_maintenance_mode');

As long as this code is in the functions.php file of your WordPress site theme, if someone enters your site, it will show you the message of maintenance mode which is in the above code where Maintenance, please come back soon. Replace there. Thanks.

Posted on

Different User Roles of WordPress and their work

You must have noticed that there are 5 types of User Roles in WordPress. Administrator, Editor, Author, Contributor and Subscriber. However, if you wish, you can create a new type of User Role.

Each of these 5 types of users has different scope of work, capabilities and limitations. The list of different User Roles of WordPress in the order of power is as follows:

Subscriber:

These types of users can do virtually nothing. By registering, they become members of that site, but they can’t post anything. If so, you will not allow comments on your site without a registered user; But if you don’t want them to post, you can use this roll.

  1. They can comment.
  2. Be able to update your profile.

Contributor:

This type of user will be able to post. But their posts will not be published directly.

  1. They can comment.
  2. Be able to update your profile.
  3. Be able to post. Posts will not be published directly, there will be pending. Edit or delete text before it is published; But once published, you can no longer edit or delete. Cannot add Media (image or other files) to image.
  4. See comments from yourself and other posts.

Author:

They will be able to post and the post will be published directly. This roll is commonly used in blogs.

  1. Be able to comment.
  2. Be able to update your profile.
  3. Can post, the post will be published directly. Can edit or delete published text. Can add Media to posts.
  4. See comments from yourself and other posts. You can delete, edit, unapprove the comments of your post.

Editor:

They mainly do Moderation work.

  1. Be able to comment.
  2. Be able to update your profile.
  3. Will be able to post, the post will be published directly. Can edit or delete published text. Can add Media to posts.
  4. Can delete, edit, etc. the writings of others. If there is a Contributor level post pending, it can be published.
  5. Create a Page. You can delete, edit, etc. of your own or other’s page.
  6. Can delete the category of the post or add a new category.

Administrator:

They can do everything. Editor level can work on everything as well as changing themes, adding or deleting new themes, Activate, Deactivate or Delete plugins etc. It is also the administrator’s job to control the widget, menu, etc., various settings, even the site content (posts, pages, users, etc.) to export, import.