WP-CLI secure all – Single-command WordPress security!

April 13, 2022April 13, 2022 TheSmithy

HomePage

NEW feature in >wp-cli to secure any WordPress instance in just 60 seconds.

One command to rule them all 🤘

80% of the attacks to WordPress instances could be mitigated by simply applying common security best practices [1].

wp secure all exactly does that for you. Via wp secure all common best practices are applied proactively, and you are ready to go.

What’s covered by secure all?

The security vulnerabilities identified in 2012 [2] are still the security vulnerabilities of today [1].

wp secure all made it its mission to fix this grievance and make security the defacto standard.

By executing wp secure all security best practices such as:

Fix permissions

Set the correct permissions of all files & directories in your WordPress installation.

Set security headers

We add HSTS (Strict-Transport-Security), X-XSS, X-Frame-Options, X-Content-Type-Options, Referrer-Policy.

Disable file editor

Prevents hackers from using file editor on your WordPress Dashboard.

Prevent PHP execution on sensitive locations

To extend security, you can block direct access to PHP files in plugins, themes, wp-includes and uploads.

Block access to sensitive stuff

Prevent hackers from accessing sensitive files and directories.

And many more …

See the README for an overview of all features.

Change preview size of featured image in admin panel

May 3, 2021May 3, 2021 TheSmithy

WP introduced a new filter called admin_post_thumbnail_size for you to be able to change the default image size in the admin panel.

To change the size of the featured thumbnail image you can use something like this:

function custom_admin_thumb_size($thumb_size){
  return "banner-xs"; //or use something like array(400,400).
}
add_filter( 'admin_post_thumbnail_size', 'custom_admin_thumb_size');

Koko Analytics – An open-source analytics plugin for WordPress

August 28, 2020August 28, 2020 TheSmithy

Koko Analytics – An open-source analytics plugin for WordPress that does not use any external services and respects your visitors’ privacy.

Koko Analytics

view a demo of Koko Analytics here.

Features

Plug and play. After activating the plugin, stats will be collected right away.
No external services. Any data about your visitors never leaves your site.
No personal information or anything that could lead back to a specific visitor is tracked.
Fast. Koko Analytics can handle thousands of daily visitors or sudden bursts of traffic without breaking a sweat.
Option to not use any cookies while still being able to determine returning visitors and unique pageviews.
Option to exclude certain user roles from being tracked.
Option to automatically delete older data.
Built-in blacklist to filter referrer spam.
Compatible with pages served from cache.
Compatible with AMP powered pages.
Completely open source (GPLv3 licensed).
GDPR compliant by design.

Add bread crumbs (with the yoast plugin)

October 22, 2019October 22, 2019 TheSmithy

Enable breadcrumbs in Yoast:

Search appearance > breadcrumbs

Then add this somewhere in your template:

<?php
    if ( $post->post_parent ) { // optional only add breadcrumbs if the page is a child-page
      if ( function_exists('yoast_breadcrumb') ) {
        yoast_breadcrumb( '<p id="breadcrumbs">','</p>' );
      }
    }
  ?>
<?php

How to move the Yoast SEO Meta Box to the bottom

August 7, 2019August 7, 2019 TheSmithy

Place this in your theme’s functions.php file.

/*-------------------------------------
  Move Yoast to the Bottom
---------------------------------------*/
function yoasttobottom() {
  return 'low';
}
add_filter( 'wpseo_metabox_prio', 'yoasttobottom');

Disabling Gutenberg on certain templates

August 6, 2019August 7, 2019 TheSmithy

Disabling Gutenberg on certain templates

Using a plugin

The Classic Editor plugin is great for disabling Gutenberg site-wide, but is not a good choice for selectively using it on certain pages.

Gutenberg Ramp lets you disable Gutenberg on a per-post-type basis. You could use Gutenberg for posts, but keep the classic editor for pages.

Using a filter

We can use the use_block_editor_for_post_type filter for more fine-grained control. It passes two parameters:

$can_edit, boolean, whether Gutenberg should be used to edit
$post_type, string

commonWP

June 17, 2019June 17, 2019 TheSmithy

commonWP

Description

commonWP is a plugin that enables usage of free, public CDN (jsDelivr) for open source JavaScript and CSS files. Those files are:

All files from WordPress core, unless development version of WordPress is used.
All files from plugins hosted by WordPress.org Plugins Repository, unless author of specific plugin doesn’t use SVN tags for releasing.
All files from themes hosted by WordPress.org Themes Repository.
All files from plugins and themes hosted on GitHub that support GitHub Updater.
All files marked as available on npm in any type of theme, plugin, or MU plugin.

WP Test – Test your theme with Test data

December 10, 2018December 10, 2018 TheSmithy

WP Test
Github

WP Test is a fantastically exhaustive set of test data to measure the integrity of your plugins and themes.

This test data comes packed with lessons learned from over four years of theme and plugin support, and baffling corner cases, to create a potent cocktail of simulated, quirky user content.

Installation via WordPress Admin

Download the data from the repository.

Modern WordPress theme workflow with Sage 9 and Vue.js

December 10, 2018December 10, 2018 TheSmithy

article

Custom module developer guide

http://kb.wpbeaverbuilder.com/article/124-custom-module-developer-guide#overview

Create a plugin

Make a new folder in plugins: bb-plugin-custom
Create a php file with the same name: bb-plugin-custom.php
Copy-paste this in the file:<?php
/**
* Plugin Name: My Custom Modules
* Plugin URI: http://www.mywebsite.com
* Description: Custom modules for the Beaver Builder Plugin.
* Version: 1.0
* Author: Your Name
* Author URI: http://www.mywebsite.com
*/

define( ‘MY_MODULES_DIR’, plugin_dir_path( __FILE__ ) );
define( ‘MY_MODULES_URL’, plugins_url( ‘/’, __FILE__ ) );
function my_load_module_examples() {
if ( class_exists( ‘FLBuilder’ ) ) {
// Include your custom modules here.
}
}
add_action( ‘init’, ‘my_load_module_examples’ );
Edit the information such as Plugin Name and Author. You should also rename the constants MY_MODULES_DIR and MY_MODULES_URL to match your plugin’s namespace, keeping the _DIRand _URL suffixes.

Add a module to your plugin

Overriding built-In modules

Any of the built-in modules can be overridden within your theme by following the steps below.

1. Create a new folder in your theme’s folder named fl-builder.

2. Create a new folder within your theme’s fl-builder folder named modules.

3. Copy the module you wish to override from wp-content/plugins/bb-plugin/modulesto your theme’s fl-builder/modules folder.

That’s it! You can now start editing the module to suit your needs. Note that even though you can customize the module’s code, the module’s folder name, main PHP file name, and main class name must remain unchanged to be recognized by the builder.

If you’re not seeing your changes, try clearing the Page Builder cache.