You must have noticed that there are 5 types of User Roles in WordPress. Administrator, Editor, Author, Contributor and Subscriber. However, if you wish, you can create a new type of User Role.

Each of these 5 types of users has different scope of work, capabilities and limitations. The list of different User Roles of WordPress in the order of power is as follows:

Subscriber:

These types of users can do virtually nothing. By registering, they become members of that site, but they can’t post anything. If so, you will not allow comments on your site without a registered user; But if you don’t want them to post, you can use this roll.

1. They can comment.
2. Be able to update your profile.

Contributor:

This type of user will be able to post. But their posts will not be published directly.

1. They can comment.
2. Be able to update your profile.
3. Be able to post. Posts will not be published directly, there will be pending. Edit or delete text before it is published; But once published, you can no longer edit or delete. Cannot add Media (image or other files) to image.
4. See comments from yourself and other posts.

Author:

They will be able to post and the post will be published directly. This roll is commonly used in blogs.

1. Be able to comment.
2. Be able to update your profile.
3. Can post, the post will be published directly. Can edit or delete published text. Can add Media to posts.
4. See comments from yourself and other posts. You can delete, edit, unapprove the comments of your post.

Editor:

They mainly do Moderation work.

1. Be able to comment.
2. Be able to update your profile.
3. Will be able to post, the post will be published directly. Can edit or delete published text. Can add Media to posts.
4. Can delete, edit, etc. the writings of others. If there is a Contributor level post pending, it can be published.
5. Create a Page. You can delete, edit, etc. of your own or other’s page.
6. Can delete the category of the post or add a new category.

Administrator:

They can do everything. Editor level can work on everything as well as changing themes, adding or deleting new themes, Activate, Deactivate or Delete plugins etc. It is also the administrator’s job to control the widget, menu, etc., various settings, even the site content (posts, pages, users, etc.) to export, import.

I will show you how to make WordPress custom widgets like your choice. To do this you need to follow some steps. Let’s start without exaggerating. You must know the widget ID number. To know the widget ID, you need to find out the web source and some inspector tools. This sample has a pages widget and contact form. You put it in the code as you need.

The code in bellow:


add_filter( 'widget_display_callback', 'hide_widget_pages', 10, 3 );
function hide_widget_pages( $instance, $widget, $args ) {
if ( $widget->id_base == 'pages' ) { // change 'pages' to widget name
if ( !is_page( 'contact' ) ) { // change page name
return false;
}
}
}


Many people use admin as a username when installing WordPress. So if you have a username with admin, delete it. Because when hackers try to hack your site, they will try to hack as the first weapon with admin username, because it is the primary tool to find various bugs. So there is no option to delete the default username “admin”, as well as give access to another new user as admin (it will help you to secure the WordPress site), User from Dashboard then add a new user and add a user with the mail address. Then login with the new account, and go to Users> All Users and delete the previous account named ঐ admin.

You also need to hide the WordPress version, the plugin directory, the wp-config.php file, and the wp-content directory. First hide the WordPress version, to do this login to your hosting account go to file manager, from there find and remove the readme.html and license.txt files. Because they store all the information of the WordPress version of your site.

To hide the plugin directory, go to the .htaccess hosting panel, go to the code edit option, and put the code at the bottom.


# disable plugin directory browsing
Options -Indexes


To hide the wp-config.php file, add the code in .htaccess

order allow,deny
deny from all

 

To hide the wp-content directory, login to the C panel, then find the index manager and enter. Now you do WebRoot (public_html / www) then you click on wp-content. You will get 4/5 options. Select No Indexing and save it. Diameter, it’s done. This way you can keep your site away from hackers.

WordPress also shows some meta-information (Writer link, version, and RSD link of Windows Live) by default which hackers can take advantage of. Just leaving these codes on the site does not mean the angle to give hackers the opportunity to hack. However, to remove these, go to functions.php from the editor of appearance from the dashboard and put the following code.


remove_action( 'wp_head', 'wlwmanifest_link' ) ;
remove_action( 'wp_head', 'rsd_link' ) ;
remove_action( 'wp_head', 'wp_generator' ) ;


If you try to login with the wrong username, again and again, the login error message in WordPress will be ERROR: “Invalid username or password”. Many times hackers use it, a simple trick can protect you from possible hacking. To prevent this message from showing, go to functions.php and enter the following code.

WordPress is a very popular platform for blogging. Most bloggers nowadays use WordPress for professional blogging. The aesthetic design and SEO of the site is just as important as the WordPress-based site to bring good traffic, as well as the loading speed of the site to attract visitors. Because when a visitor first visits your site, it is very important to get his attention within a few seconds or the visitor will not stay on your site for a long time and will bounce to another site. Not only the bounce of the visitors of the site but also the page load speed of the site is very important in the case of Google search ranking. So if you are not aware of the loading speed of the site today, you will lose visitors as well as the long-term benefits of the site’s SEO.

Here are 10 simple tricks you can follow to greatly increase the speed of your WordPress site:

1. Choosing a good host: Choosing a good host for a WordPress site is very important. Many people use shared hosting for their WordPress site, which results in more traffic to the site due to limited bandwidth. So shared hosting should be avoided to increase the speed of the site.

2. Choosing Solid Frameworks or Themes: You may be surprised to hear that the default themes in WordPress, especially in Twenty Ten or Twenty Eleven Frameworks, load the site a bit faster because they are light frameworks.

3. Use effective cache plugins: WordPress plugins work fairly well, but cache plugins work the most, especially the W3 Total Cache plugin, which works much better in reducing page load time. WP.org has many such free plugins that are very easy to use.

4. Using a Content Delivery Network or CDN: Content Delivery Network or CDN is a type of third party system that maintains the static files on the site which in most cases increases the loading time of the site pages.

5. Image Optimization: The larger the image size of the site, the lower the page loading speed. Yahoo has a site called Smush.it that reduces the size of the image while keeping the original quality of the image intact. There is also a free WordPress plugin called WP-SmushIt that automatically optimizes the image of the site.

6. Optimizing the homepage of the site: People usually land more on the home page, so it is very important to optimize the home page to reduce the loading speed of the site. There are several ways to optimize a home page

• Using Excerpt instead of showing the entire post on the home page.
• It is not advisable to have more than 5-6 posts on the home page.
• Don’t use unnecessary sharing widgets.
• Removing unnecessary plugins.
• Keep the homepage to a minimum because readers will come to read your blog, not thousands of wizards will come to your blog…

In general, a clean and focused homepage not only makes the blog look beautiful but also increases the loading speed of the site.

7. Optimizing WordPress Database: To my knowledge, the WP-Optimize plugin is very good for optimizing WordPress databases. Also the WP-DB Manager plugin works well. Basically this plugin keeps a date schedule to optimize the database.

8. Disabling Hotlinking and Leaching of Content: This problem usually arises when other sites link directly to your site through the image of their article and load the server. So if you regularly create custom images on your site, it is possible to greatly reduce the loading speed of the site.

9. Avoid excessive post drafts: When we write a post, we take a break in the middle of the writing or post-draft to give revision at the end of the writing. But if the post is published after the completion of writing, if it is in the draft, it reduces the loading speed of the site. In this case, the Revision Control plugin works well for post-draft control.

10. Adding LazyLoad to an image: LazyLoad is a process that loads the image of a post only when the visitor scrolls down the post or shows the first post while loading the site. The LazyLoad process basically does not load the images of all the posts at once so the loading speed of the site increases. You can use the jQuery Image Lazy Load plugin to do this automatically.

I hope you have benefited from reading today’s article. If you like the article, you must share it.

In this post, I will show you how to show visitors IP address in WordPress. You can create your own IP address detection site using these codes. So whenever a visitor visits your blog or website, he will be able to see his own IP address.

For this, you need to do two things. The first is to open the function.php file of your theme and copy and paste the following codes into the file.


/check ip from share internet
$ip = $_SERVER[‘HTTP_CLIENT_IP’];
} elseif ( ! empty( $_SERVER[‘HTTP_X_FORWARDED_FOR’] ) ) {
//to check ip is pass from proxy
$ip = $_SERVER[‘HTTP_X_FORWARDED_FOR’];
} else {
$ip = $_SERVER[‘REMOTE_ADDR’];
}
return apply_filters( ‘wpb_get_ip’, $ip );
}

add_shortcode(‘show_ip’, ‘get_the_user_ip’);


The first task was over. Now it’s time to start the second task. The second task is much easier. If you want to show the IP address of users in your post, page, or any specific WordPress widget, enter the following shortcode.

[show_ip]

We hope that after reading this post you will understand how to show IP address in WordPress widget

If you have any questions you can let us know by commenting below.

Open Source and User-Friendly WordPress is the most popular content management system in the world. Another reason for its popularity is that it is a CMS with which you can easily create any type of website with a little technical knowledge, be it blog, e-shop, or learning management system.

However, due to being open-source, its source code is within the reach of everyone. So hackers can easily find the WordPress security bugs. So if you use WordPress, you must think a little about WordPress security. If you follow the following 10 steps, you can be fairly safe from all these security bugs.

10 WordPress Security Tips to Survive WordPress Site Hacking

1. Do not use the username ‘admin’
This is only done by those who are new to WordPress. But the thing is that this is the username of a large number of sites in the world. This is because, in previous versions of WordPress, it was the default username. Although I do not agree to give the title of a hacker to those who use it. However, many sites are hacked every year just because of the use of this username. So there is nothing to avoid here.

2. Use the login lockdown system
One of the favorite hacking systems of website hackers is brute force. Where they try to log-in to the same website using a large number of possible username and password combinations. It may seem impossible for you to hack like this. But to them, it is very straightforward. This is because they use a variety of software to do this, which can quickly run several (even a few thousand) log-in attempts. And this way you can try to log in again and again, any such site can be hacked. Hackers even hack several sites using a dictionary attack (a combination of certain users and passwords that are common around the world). Now the question is how do you live? Follow the very simple procedure. Set a login limit on the site. This means that if someone tries to log in more than 3 times but is not successful, they may see a captcha code next time. Or his IP will be blocked. There are several reliable plugins that you can use to do this.

3. Visitors do not need to hide such information
There is a lot of information that WordPress site shares but which visitors do not need to know. But sharing some of this information is dangerous for you. For example, the WordPress version. There are also many plugins to hide such information.

4. Remove the wp-config.php file
For those who are not familiar with WordPress backend, let us first introduce wp-config.php. This is a file in the WordPress root directory that connects the database to your WordPress directory. Here are the names, usernames, passwords, servers, table names, etc. of your WordPress related database. This means that if someone gets this file, they can access and change it anywhere on your site. So remove your wp-config.php file from the root directory of WordPress and move it to another folder. This will not be a problem for WordPress. Wherever it is, WordPress will find it.

5. Change the table prefix
Normally when you install WordPress, the prefix of its table is wp_. Which is mentioned in your wp-config.php file? Since it is open-source, if you leave the prefix like this, the hacker already knows what the prefix of your tables is. So if you want to survive, change your table prefix from wp-config.php before installing WordPress.

6. Use the secret key
When you open the wp-config.php file, you will see the following 4 lines.

define('AUTH_KEY', '');
define('SECURE_AUTH_KEY', '');
define('LOGGED_IN_KEY', '');
define('NONCE_KEY', '');


I am surprised to see that many veterans do not use these keys. Secret keys work to make your password stronger. Generate and copy these keys by visiting here: http://api.wordpress.org/secret-key/1.1/. Now add these to wp-config.php.

7. Hide your / wp-admin
wp-admin or wp-login.php Whatever you say, there are many tools to change its name. Suppose you change the wp-admin of your site using a plugin my site admin. Now if anyone goes to yoursite.com/wp-admin then he will get 404 error. To log in, go to yoursite.com/mysiteadmin. So you can protect yourself or your company from hacking to make such changes. However, this cannot be done on community blogs.

8. Beware of using plugins
Don’t use three plugins. Especially in cases where the plugin works with your special data which can cause problems on your site is hacked, you must review it and see how reliable it is. It is wise to break the loop and add something between them without using such plugins and in that case, add that facility manually.

9. Refrain from using free themes
Many people download and use free themes or premium themes for free. Be careful if you have to do this alone. Check if there are any security bugs in it. There are many sites to check online. However, I have doubts about whether the checking site is reliable. There are also some bugs in the use of purchased premium themes. But I will post another post later on how to choose a bug-free and high-quality theme.

10. Keep backups
Make regular backups of your site. Almost all premium themes now have this option built-in. If not, you can use any plugin or do it manually. However, it is advisable to use a system that will send auto backups to any of your web backup accounts from time to time.

There are many more WordPress security rules. For example, always keep the site’s WordPress, themes, plugins updated. Be careful when choosing hosting etc. I did not share anything more than today. Hopefully, you will spend enough time on the security of your site.

I don’t think there is a need to give a big lecture or introduction about WordPress. Over the past few years, WordPress has moved faster than any other content management software (CMS). Thousands of web sites are coming under the banner of WordPress every day. But you know what? Almost all of these thousands of web sites are at risk of not doing something urgent. And today’s post is about these urgent tasks.

Remember, if you have WordPress already installed on your site, you should do these 10 things! Otherwise, your site may be in danger or fall into any trouble, or maybe the site will be heavy, which you will not notice, but slow speed visitors will understand.

When he came, he went to work without lecturing.

1. Delete Delete Delete

Just installed, and now delete? Bad head or not? No brother, the head is fine. You should delete some items after installing WordPress. That is what I will say.

A. First, you have to delete the default admin name. This means that the user name that is given when installing WordPress, in general, is admin. And that’s what almost everyone leaves out. That’s a mistake. Because when a hacker tries to hack, he will first try with the admin username. Because almost everyone uses it. So if your admin username is admin, delete it now. What to do? I say the easy way. First login with admin username. Then go to Users> Add New and create a new admin account, whose username will be anything other than admin. Then log in with that account, and again go to Users> All Users and delete the previous ঐ admin account. Became the diameter.

B. Now go to your hosting control panel and delete both license.txt and readme.html files from Filemanager. Because these two files contain all the information about your current version of WordPress. As a result, hackers or attackers can see and understand where the security problem of the site may be.

C. Delete unused themes and plugins. However, do not delete Akismet in any way. Talking about it later. Also, delete unused themes and plugins.

2. Change Permalink Structure

Permalink Structure is the style of links to everything including the text/page of a site. Let me give you an example of some links.

http://example.com/mobileo/6484

http://example.com/2020/11/01/example-post-name/

http://example.com/?p=100

http://example.com/example-post-name/

You see, there is one link type after another. This way you have to decide what will be the Permalink Structure of your site. However, if the name is usually English, then it is better to use the name of the post in the URL. But be careful if it is Bengali. In many cases, Bangla Link does not work properly if it is shared in many places including Facebook. The most popular of the Permalink Structure is: http://example.com/%postname%/%post_id%/

To do this you need to go to Settings> Permalinks.

3. Launch the Akismet plugin

This is why I said earlier not to delete Akismet. It is built-in in WordPress. If it is activated, any spam comments and trackback spam on your site will be deleted instantly. You don’t have to worry about that. To activate it, go to Plugins> Installed Plugins and click on the Active button. You have to do a free registration from their site. Activate your Akismet with an API code, and rest assured.

4. Upload the theme

You should upload a theme after installing WordPress. And it should be fixed in advance. And always use paid themes to use themes. Free themes usually have a lot of problems, more use, and fewer updates. But paid themes keep updating all the time, and repair work continue with various issues. After all, these are a little less sold, so you may not see a site like yours yourself, but there are a lot of sites with the same design for free.

The following tasks need to be done in functions.php.

5. Remove WordPress Meta Information from Header (wp_head)

By default, WordPress contains some meta-information. Such as the WordPress version, RSD link, and Writer link of Windows Live. These are of no use to anyone except hackers. So why keep this code? To remove, copy, and paste the following code into functions.php.


remove_action( 'wp_head', 'wp_generator' ) ;
remove_action( 'wp_head', 'rsd_link' ) ;
remove_action( 'wp_head', 'wlwmanifest_link' ) ;


6. Remove excess feed links from header (wp_head)

WordPress alone creates a variety of additional feeds, including main feeds, comment feeds, single post feeds, category feeds, and archive feeds. Search engines never count those extra feeds outside of these feeds. So they should be removed. Copy and paste the following code into functions.php to remove any additional feeds, leaving useful feeds with the main feed.


remove_action( 'wp_head', 'feed_links', 2 );
remove_action( 'wp_head', 'feed_links_extra', 3 );


7. Hide or remove WordPress login errors

Usually when logging in to WordPress, if someone gives the wrong username, WordPress shows an error, ERROR: Invalid username. You may think that this is very good, but it is not. It will help hackers more than it will help your users. Because if they try this way, they may get a username, then they can attack the password. So refrain from showing login errors using the code below.


function themepacific_login_errors(){
return 'Nice Try!! Go Away!!';
}
add_filter( 'login_errors', 'themepacific_login_errors' );


WordPress core files and .HTACCESS

8. Prevent users from accessing your WordPress folder structure

Normally users can access your WordPress folders just like a computer folder, so they can easily get access to all your files. For example, if you go to the example.com/wp-content/uploads/ folder, you can see all the pictures, videos, audios, other files you have uploaded. You should stop it. There are two ways to do this.

A. Create a blank index.php file in the folder that has no file named index.php, including the wp-contents folder.

B. This method is easy to see but actually a little complicated. Moreover, a little mistake can cause the site to crash. So before doing this, you need to back up the .htaccess file from the home directory. When backing up, open the .htaccess file and add the following code to it.


Options All -Indexes


9. Turn off post revision

WordPress copies older versions of each post, making your database much larger. This is a problem with your site. So to avoid copying this old version, copy the following code to the wp-config.php file.

define( 'WP_POST_REVISIONS', false);

10. Exclude WP Core Files and Scripts from Google Indexing

All other search engines including Google can easily crawl and index all script files including your theme. This can make your site’s SEO worse or reduce your page rank. So you should protect the site from these files being indexed. Open the .robots.txt file from the WordPress home directory and copy the code below.


User-agent: *
Disallow: /wp-admin/
Disallow: /wp-includes/
Disallow: /wp-content/themes/
Disallow: /wp-content/plugins/


Today I will share how you can easily change the word “Howdy” in WordPress. Many use the plugin crane to change the “Howdy” text, while others use the function.php extra code. But today I will show you how to easily change the text “Howdy” without any plugin or code. Just replace “Howdy” with whatever you want. Such as HI, Hello, or Welcome.

Then see how to replace “Howdy”.

First, you go to your Hosting Panel with a file manager or FTP.

Then open your wp-includes folder

Now open the admin bar.php file and look at line 197

$ howdy = sprintf (__ (‘Howdy,% 1 $ s’), $ current_user-> display_name);

Change what you want

$ howdy = sprintf (__ (‘Hi,% 1 $ s’), $ current_user-> display_name);


Note: You must back up the admin bar.php file before editing

What is WordPress ?: –

In a word, WordPress is an open source platform !! If you want to understand better, I will tell you exactly like this: – You are reading my writing at the moment, right? Well did I write it on a piece of paper and send it with a post box? Of course not. Then you would look at the paper taken from the peon, not the monitor, but you are not doing that. You are looking at the monitor. So who is WordPress? WordPress is a paper that is changing in technology. In which there is no need to write, no ink pen or no need to send the writing to anyone else, no letter envelope or post box !! 😉 WordPress.com Versus WordPress.org. What is the difference between them? Only if there is a keyboard and net line. So we came to the conclusion that “WordPress is a digital writing platform as a result of technology! Which is open to all. ”There are two types of WordPress. I hope many people know this. Those who have not been able to go yet should take it now.

1 / WordPress.com
2 / WordPress.org

WordPress.com

WordPress.com is completely free and open to everyone. You don’t have to go to any big, big job to create your own blog here. No HTML or PHP code to edit. Because here is a blog for you. If you are interested in creating a blog here, you do not have to spend any money. No need to buy a domain and hosting! And when you need to buy, you don’t have to worry about counting money every year. Suppose you create a blog. Suppose your blog name is my blog then the address will be myblog.wordpress.com. It’s your responsibility to turn to WordPress.com for free!

Let’s talk about the benefits: –

The advantage is that everyone here can create a blog without any magic, honey, pumpkin. And you don’t even have to create a blog here. ” What is the difference between them? . All you have to do is register by mail or report that I took it and added a member to WordPress + here you will get 4 GB space;) WordPress.com Versus WordPress.org. What is the difference between them? I think it’s a lot of space.

There will be advantages but there will be no disadvantages? It doesn’t happen.

If you want to make money by blogging here, then your hopes are dashed. Because Adsense not allowed here;) WordPress.com Versus WordPress.org. What is the difference between them? . This is not the end, there is more, you can not use any plugin, theme, code as desired here. The 2/4 that is fixed should be taken with: D WordPress.com Versus WordPress.org. What is the difference between them? But you will have to take the blog in your own name with 19 dollars !! There is no less trouble. Not now, I went there! Also plagued by many problems WordPress.com. Even after that “I love WordPress.com”. Now if you say why? Then I can’t answer. I will just say that not everyone likes one;) WordPress.com Versus WordPress.org. What is the difference between them?

WordPress.org:

Before leaving the stand, there is a saying, “If kids want to learn something, join WordPress.org in a group.” Is WordPress.org free? Hmmm! And the real thing is that it is also free and not free. If you take the free domain and hosting, it is free;) WordPress.com vs. WordPress.org. What is the difference between them? And if you buy it with money, it is not free 🙁 WordPress.com vs. WordPress.org. What is the difference between them? So let’s skip it. The other day it will be explained again and again: D WordPress.com vs. WordPress.org. What is the difference between them? Here you will find WordPress.o You don’t have to go around with rg. You can choose .com / .net / .info or .co.cc / .tk for free 🙂 WordPress.com Versus WordPress.org. What is the difference between them? And if you talk about the place, I will say it depends on you. The more you buy from the hosting company, the better. It can be 1 GB or 10 GB. All depend on ability and demand !!

Let’s talk about the benefits: –

The advantage is that it is inconvenient in WordPress.com. Even after that, I will say it briefly here again. Here you can design your own blog. There is no obstacle to do as you wish. HTML, PHP code will not allow anyone to distort the site in different colors, different designs, shapes. There are thousands, thousands of plugins and themes. Use as you wish. In fact, in a word >> own property. Site made with your own money. You can also build a 5-storey building here or dig a huge pond to cultivate foreign carrots.

Problems here

There is no comparative problem. And if there is a problem, there is a system to fix it. However, sometimes the server may be down. However, if you take a good domain and hosting without making it free without stinginess, then 99.9% of your time the site will be fine and the biggest thing is that you will have to write carefully !! 🙂 WordPress.com Versus WordPress.org. What is the difference between them? Sites like Free WordPress.com are not feared to be deleted. I’m finishing here today. If you like the article, I hope you will encourage me with comments. Goodbye, here today. Pray that I can come back later with a better and more instructive tune for you: D