What to do when stuff stops working on your WordPress site

I recently received get this frantic message from a client who owns a Guest House in Port Elizabeth; “My booking requests from my web site were non-existent for a couple of weeks and a regular client has just let me know that the booking form on my web site does not work!”

This Guest House web site runs on a Studiopress WordPress theme and utilises Gravity Forms for bookings. With any dynamic web site like WordPress one is required to check for plugin and core updates on a regular basis – if you don’t you run the real risk of your web site not running optimally and losing business.

Here is a quick user guide to solving such a problem:

  1. Get into the habit of checking that the dynamic portions of your site do work – like the booking and contact forms.
  2. If someone says a form does not work test it yourself.
  3. Do not always assume the worst if the form doesn’t work – check if an update is available as that will normally sort any problems out.
  4. If an update doesn’t work then it is possible that you have a conflict with one or other plugin and you will need to deactivate ALL your plugins except the one you have problems with and then check again.
  5. If the problem persists deactivate your theme and activate one of the standard WordPress themes.
  6. If that still does not work then revert to the plugin provider giving as much info as possible – WP version as well as plugins and versions used.
  7. Or you could pay your webmaster to do it for you.

Dealing with those pesky WordPress Spam Registrations

Faced with the above dilemma I thought to myself; “Please NOT another plugin to deal with this scourge!”

The solution for me was pretty simple enough, though as the site in question does have Gravity Forms installed and collects additional information at registration – much like we do here on Server Observer for candidate authors.

The catch all address for registration on WordPress installations is …./wp-register.php so all I did was logged in to Cpanel and created a 301 (permanent) redirect from the wp-register.php address to the specific address where the author registration form is hosted. No plugin bloat – just easy, quick and simple.

Celebrating 10 years of WordPress

First I used B2 Evolution and then WordPress – I suppose a bit like Betamax v VHS or Vimeo v YouTube when the ‘better’ option was trounced by better marketing. In the case of VHS I believe it was as a result of widespread adoption by the porn industry and in the case of YouTube as a result of a massive injection of Google money. That Google is known as a ‘porn fighter’ may or may not have anything to do with this.

You will find more statistics at Statista

Enhanced by Zemanta

Looking for a cost effective web site solution?

A new dynamic web site based on WordPress can be a very steep and daunting challenge for someone new to the platform and it’s requirements. Even experienced web designers sometimes struggle to keep up with the number of changes and upgrades.

Many people start off well and then make wrong decisions about templates, plugins and update requirements – those updates can come thick and fast and sometimes being too quick on the button can result in conflicts that take hours to sort out.

Then the challenges of writing or updating an article or updating an existing page brings the real possibility of losing rather than gaining visitors .

Add hosting, domain name management, social media, Search Engine Optimisation and analyses of visitor trends and it is no wonder that the path to marketing products on the internet is littered with the empty corpses and dreams of many.

After being fulltime on the internet since 2003 I have a cost effective one stop solution to offer anyone wanting a web site that works.

My web design, maintenance and hosting solution includes the following:

  1. Registration of a domain (in YOUR name);
  2. Choice from a growing number of Responsive Templates (one design, many devices – PC to Tablet to Smartphone);
  3. Installation of WordPress (WP);
  4. Installation of WP Plugins;
  5. Template re-design to client specifications, colour and logo;
  6. Installation and annual licensing of the Gravity Forms contact form;
  7. Hosting;
  8. Monthly WP Maintenance and Upgrades;
  9. Advice on posting articles and images;
  10. SEO advice;
  11. Email Setup;
  12. Analytics Setup;
  13. Post to Social Media Setup and Maintenance.

My solutions include all the above and, if I had to value the above services and products over three years with no escalations I get a figure of R10 800.00. My offer is simple: If you sign with me for two years then you pay R475.00 per month, if you sign for three years you pay R325.00 per month.

At the end of the period you decide if you want a complete re-design or not. If not then the monthly prices drop to the ruling price (currently R135.00 per month) which will include hosting, annual Gravity Forms updates and monthly WP core and Plugin Upgrades. If you want a complete redesign then we carry on at the ruling price of the day.

Contact me HERE:
  • This field is for validation purposes and should be left unchanged.

You could expect to pay close to R10 000.00 and more just to get your web site off the ground:

  • Depending on the complexity some designs start at R3 500.00 and go on up past the R10 000.00 mark.
  • Decent plugins for WP are from R320.00 (the better ones then cost a per annum licensing fee)
  • Hosting can be found from R25.00 to R180.00 per month
  • Asking your web designer to do minor updates to the site and WP core and plugins can work out at R200.00 to R600.00 per hour
  • Search Engine Optimisation advice can also be expensive on an hourly basis

My solution offers you the following benefits:

  • No large upfront payment
  • A fixed monthly fee to take care of the technical stuff
  • Set and forget convenience
  • You will have a webmaster who is aware of his obligations on a monthly basis

The bad stuff:

  • If you move before the end of the agreed period then I will ask you to settle the outstanding.
  • If you move before the end of the agreed period then the design may not go with you and remains my intellectual property until paid for in full.

My added benefits:

I require a link back to www.MyPE.co.za in the footer of every page on your site either as a plain text link (which all web designers take as a matter of course) or RSS feed of latest articles (which actually will be good for your SEO and user experience).

The price choices:

  • R475.00 per month if you sign with me for two years
  • R325.00 per month if you sign for three years.
I tend to be picky and choosy about what I work on so please do not be offended if I turn you down!

WordPress Site Hacked

Your WordPress site has been hacked and you are upset. Before going off on a rampage and blaming everyone consider this:

  • Hackers come in through poor security on themes and plugins as well as,
  • Brute force attempts on the wp-admin login

The WordPress Security Checklist below will help prevent those miscreants from hacking into your site and causing havoc. See also a list (further down) of on and offline resources that will help you trace what went on during the hack and tools to help prevent a further hacking attempt.

As a first step you need to immediately change your passwords (as in right NOW) and username (if it was admin). Now sit back and read.

Server Level Security:

Disallow bots from scanning the important WordPress directories: By using the Robots.txt file it is always a good idea to block the wp-content, wp-admin, etc. directories.

This can be done by adding the following line:
Disallow: /wp-*

Turn off directory browsing: Many servers by default allow you to browse the listing of files within a given directory. You may have come across this before when a page is missing or there is no index to a directory. The server outputs a listing of the files in the directory instead. This is particularly important in regards to plug-ins. If someone can see which plugins you have on your site they might be able to see which ones are vulnerable.

This can be done through your .htaccess by using the code below:
Options All -Indexes

Protect your wp-admin folder. The wp-admin folder is a critical security point with in WordPress. Denying access to this folder (as well as the wp-config.php file) goes a long way to ensuring that your WordPress site is secure.

This can be done in several ways and you may want to do all of them.

Limit access to your wp-admin folder by IP Address: If you know that you are on an IP Address that doesn’t change you can prevent any intruders by blocking every IP but your own. The drawback here is that if you are travelling, are off site or trying to update the site from a location that is not your typical one you will be denied access as well.

This can be done through your .htaccess by using the example code below:
order deny,allow
deny from all
allow from 12.345.67.890
allow from 890.67.345.12

Limit access to your wp-admin folder through password protection: While not as secure as the IP Address method, it can be extremely effective to simply password protect your folder on the server level. This can also build upon the security enhancement of limit access to your wp-admin folder by IP Address by, for example if someone is able to spoof your IP address they still would need to hack your password to break in.

Limit access to your wp-admin folder by hiding it:
There is no reason that your wp-admin folder has to be called wp-admin. Hackers look for this administration folder in this location. One easy way to eliminate hacking of your site and administration area is simply rename the folder to something else. Simple enough?

Protect your wp-config.php file: The password to your database is stored in plain, readable text in your configuration file (wp-config.php). Access to your database gives hackers control over your complete site, so to say you need to protect it is an understatement. The first and most obvious step is to ensure the permissions are set correctly. Some servers set the wrong permissions by default which allows anyone who wants to the ability to read the contents of that file. The permission should be set using SSH or through an FTP client to 640. You can also do this using the File Manager in your hosting control panel (cPanel)

Additionally you can actually move the wp-config.php out of the main WordPress directory and still have everything function properly. This way hackers don’t know where to look for the file. For example if your wp-config.php is located in /public_html/blog/wp-config.php you could move it to /public_html.

WordPress Level Security

Remove the WordPress version number from the META tags: Some hackers target specific versions of WordPress because of known open vulnerability. An easy way to prevent your site from coming up as a target is to simply remove any indicators of the software version.

In older version of WordPress your theme file would have the following code in the header.php that generates a simple tag that outputs the current version:You can prevent this from being an issue by simply deleting that line of code.

Disable the “Admin” account: By default WordPress creates an “admin” account every time you install it. While the passwords are generated randomly it is never a good idea to let people know the login of your most powerful account. Because all WordPress installations have the same username for the master account you are doing just that.

Simply changing the username from admin to something less obvious will improve the security of your site.

This will have to be done through the database as WordPress won’t let you change or remove the account through the administration interface. The account is located in the wp_users table, and you can simply change the account name, display name, etc… to that of your choosing.

Change the WordPress table prefix: All installations of WordPress use the same name for all of the tables on the database. The problem with this is that if a hacker is able to use a SQL injection exploit they know exactly which tables to change data on. If you use an alternative prefix when you install the software this is prevented.

Use Security Keys: WordPress doesn’t require that you take advantage of their “security key” tool that better encrypts cookies, there by better protecting your passwords. Using security keys is a simple process where you generate a key and make some simple modifications to the wp-config.php file. You can generate WordPress security keys on this website: http://api.wordpress.org/secret-key/1.1/

Annie Cushing‘s Must-Have Tools for Spam / Hacking:

A Guide to Creating a Self Hosted WordPress Site

Why rent when you can buy?

Why maintain someone else’s property for their benefit?

Why buy Unit Trusts when buying shares is better?

Buying direct from the farmer is best.

We all know that it is far more beneficial to buy property or deal direct with the creator of a product in order to maximise our wealth. So too is it with the internet. Using sites like Facebook, Twitter, Tumblr, Blogger and WordPress are easy for a reason – they want you to contribute your brilliance to their sites in order to make money off of it.

Think about it – all you are doing is allowing them to freely use work that you would normally get paid for. Who feels like the idiot now?

There is a simple RULE when it comes to your unique content; “Post it on YOUR own digital space FIRST, i.e. your own web site, BEFORE sending it to Facebook, Twitter et al who are only to be used as marketing tools and not the showcase of your work”

Contact MyServ HERE to discuss hosting your WordPress site.

A Step-by-Step Guide to Creating Your Self-Hosted WordPress Website
Contact MyServ HERE to discuss hosting your WordPress site.

Showing More than One Image in a WordPress Post

There are a number of ways to display a number of images in or at the end of your posts in WordPress.

Two of the easiest methods involve using the native WordPress Gallery that comes standard with your installation. With the installation of a lightbox gallery you can accomplish some nifty effects with little effort.

First, some preparation:

  1. Prepare your images – I like to make the images smaller before uploading and aim for a size of between 600 and 800 pixels maximum width, around 120 kilobytes in size and 85% jpeg quality to enhance the user experience with quick loading images.
  2. Check that you have one of the popular lightbox galleries installed – I use the Lightbox Gallery by Hiroaki Miyashita, a nice lightweight plugin that just works.

Adding your prepared images:

  1. Log in to WordPress
  2. Add new post
  3. When finished the text for your new post click on the ‘Add Media’ icon/link
  4. Select ‘From Computer’
  5. Find the folder where your images are stored and highlight/select each one you want to upload. Click ‘Open’ (or whatever your OS says).
  6. WordPress will now batch upload each selected image.
  7. Click on ‘Show’ next to each image in turn and add your ‘Title’, ‘Alternate Text’ and Caption.
  8. Once you have finished captioning all the images click on ‘Save all changes’
  9. Once you have saved all changes you will be presented with a list of all the images uploaded and a Gallery Settings dialogue box. Select the order and number of columns you desire and click on ‘Insert Gallery’
  10. Save and publish your post and have a look at your gallery to see if you are happy.
  11. Tweak if necessary

See image gallery below of each step as above:

Deleting Images in the NextGEN Gallery

The NextGEN Gallery is a plugin for WordPress that organises and displays your images for you.

Images need to be managed and often old or irrelevant images must be deleted from the NextGEN Gallery.

Here is how to delete existing images out of an existing NextGEN gallery (They have to exist to be deleted right?):

  • Log in to WordPress
  • Select Gallery => Manage Gallery
  • Click on the Gallery you want to manage
  • Select the images you want to delete
  • Hit the Bulk Actions dropdown, select Delete Images
  • Check that you have selected ONLY the images you want deleted
  • Click on Apply

Rinse and repeat if necessary.

Select Manage Gallery

Select the Gallery you want to manage/delete images from

Select the images to be deleted, select Delete Images from the dropdown and then Apply

NextGEN Gallery is now proudly maintained by Photocrati Media after Alex Rabe created and maintained the plugin from 2007 through 2011.

Selecting a Different Author in WordPress

One of the frequent questions I am asked is how to select or attribute a different author or user name to a post on WordPress whilst logged in as an admin user.

The answer is a two pronged approach:

  1. Navigate to ‘Add New Post’ in your WordPress installation and click on the Screen Options drop-down to the top right of your screen (right next to the Help drop-down and below “Howdy, yourname”. Tick the Author box
  2. Then scroll to the bottom of the ‘Add New Post’ and select your Author from the new drop down dialogue box – remember you can drag this dialogue box higher up if you wish. Remember too that you must have other Users registered on WordPress in order to select different Authors.

See images below: