Independent Digital

Creating and managing dynamic websites using Php, MySql, HTML and Wordpress with a bit of PEAR on the side


WordPress, updated but still hacked?

26 June, 2008 (14:17) | Blogging, Security, Themes, Wordpress | By: clive

You’ve probably been using WordPress for a while now, you love it but every now and then something weird happens and your blog just does not perform as it should. So when a new update comes out, you’re overjoyed and eagerly update your blog, hoping all the problems will disappear. But they don’t. Maybe your blog was hacked at some stage but you found the gap and blocked it for good, or so you thought.

You keep getting hacked even though you have kept up with the latest WordPress updates so now you’re thinking of ditching Wordpress. Don’t! The solution is simple, it may take a bit of time but it will be worth it in the end.

I’ve been using Wordpress for about 2 years now and have been hacked a few times. Each time I thought I had it sorted only to be hacked again and again…Here are some of the symptoms I experienced:

  • I edited posts and pages, pressed SAVE but they were deleted instead of being saved.
  • I try to access my blog only to see this… database error: [User '???????' has exceeded the 'max_questions' resource (current value: 50000)]
  • I started getting high volumes of spam mail (some using my address as the sender)
  • I try to access my blog and all I see is a blank page
  • My theme disappears
  • My theme is swapped for the classic or default theme
  • My database disappears
  • I keep getting the installation page when trying to access my blog
  • Posts and pages disappear

My final solution was to delete everything and start again. Naturally I had a backup. I first checked my server for any weird looking files and folders. I found a few and downloaded these to a safe folder. I then noted all the plugins that I had as well as the theme that I was using. I deleted all these. Then I deleted all the WordPress files and folders. I then checked the server once again for any weird folders or files (a bit difficult as I had quite a few other, non-WordPress related stuff installed, many of which I could not remember whether they were legitimate or not). So be careful, don’t delete unless you are absolutely sure that it is not supposed to be there. Try downloading to a safe folder before deleting so if it was a valuable folder or file, then you can always recover it.
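The manual hunt for unfamiliar files can be partly automated by comparing the live site directory with a freshly unzipped copy of the same WordPress release. The Python below is an added example, not part of the original post: it lists shipped files that differ, files that belong neither to the release nor to the usual site-specific locations, and script files sitting in the uploads folder. The site-specific paths and script suffixes are assumptions, and the sample trees are constructed.

```python
import hashlib
import tempfile
from pathlib import Path

# Site-specific locations that a stock release does not ship (assumed layout).
SITE_FILES = {"wp-config.php", ".htaccess"}
SITE_DIRS = ("wp-content/themes/", "wp-content/plugins/")
SCRIPT_SUFFIXES = {".php", ".phtml", ".php5", ".pl", ".cgi"}

def index_tree(root):
    """Map each regular file's relative path to the SHA-256 of its contents."""
    root = Path(root)
    return {p.relative_to(root).as_posix(): hashlib.sha256(p.read_bytes()).hexdigest()
            for p in root.rglob("*") if p.is_file() and not p.is_symlink()}

def audit(live_root, clean_root):
    """Compare a live site with a fresh unzip of the same WordPress release."""
    live, clean = index_tree(live_root), index_tree(clean_root)
    report = {"modified_core": [], "unknown": [], "script_in_uploads": []}
    for rel in sorted(live):
        if rel in clean:
            if live[rel] != clean[rel]:
                report["modified_core"].append(rel)      # shipped file was edited
        elif rel.startswith("wp-content/uploads/"):
            if Path(rel).suffix.lower() in SCRIPT_SUFFIXES:
                report["script_in_uploads"].append(rel)  # media folder holding code
        elif rel not in SITE_FILES and not rel.startswith(SITE_DIRS):
            report["unknown"].append(rel)                # not shipped, not site content
    report["missing_core"] = sorted(set(clean) - set(live))
    return report

def demo():
    """Audit two small constructed trees (sample data, not a real site)."""
    clean_files = {
        "index.php": "<?php // core",
        "wp-login.php": "<?php // login",
        "wp-includes/version.php": "<?php // version",
    }
    live_files = {
        "index.php": "<?php // core",
        "wp-includes/version.php": "<?php // version, plus an added line",
        "wp-includes/cache.old.php": "<?php // not part of the release",
        "wp-config.php": "<?php // site settings",
        "wp-content/themes/mytheme/style.css": "/* theme */",
        "wp-content/uploads/2008/06/photo.jpg": "image bytes",
        "wp-content/uploads/2008/06/thumb.php": "<?php // script in uploads",
    }
    with tempfile.TemporaryDirectory() as tmp:
        for name, files in (("clean", clean_files), ("live", live_files)):
            for rel, text in files.items():
                target = Path(tmp, name, rel)
                target.parent.mkdir(parents=True, exist_ok=True)
                target.write_text(text)
        return audit(Path(tmp, "live"), Path(tmp, "clean"))

if __name__ == "__main__":
    for finding, paths in demo().items():
        print(finding, paths)
```

Third-party themes and plugins are skipped by this comparison; each can be audited the same way against its own clean download.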

Okay, once I had a “clean” server, I downloaded the latest version of WordPress, unzipped it and installed it on the server. I chose to create a new wp-config.php file rather than use the old one – I wanted a completely fresh start and didn’t want to risk carrying stuff over from that last install that may be “infected”. Once I had the basic installation working perfectly, I downloaded a new copy of my chosen theme from a legitimate site (see article on themes are a security risk) and installed this in the Themes folder.

If you can view your backup file, check out the wp_options table for any “active_plugins” and delete these, save the file and import it into your WordPress database. Try viewing your blog – it should function properly with the new theme.

I then downloaded all the latest plugins (as per the list of plugins that I had installed before the deletion) from legitimate sites. Unzipped and uploaded these to the plugins directory and activated them all. I then tried accessing the blog and found a few problems:

  • The layout was not as it used to be. I then realised that I had done some editing of the theme files to suit the layout that I wanted. So back to editing the HTML to get the pages looking as before.
  • Some plugins weren’t working. This was because some of them required some code to be installed within the WordPress “loop”. So a quick inspection of the installation instructions for the various plugins pointed me in the right direction. I was able to install the necessary code and get the blog working as before. I also chose to install “clean” plugins rather than use the old ones because of my fear of contamination. (see article on plugins are a security risk)

So what did I learn from all this?

  1. Updates alone will not sort out a hacking problem. Previous versions of WordPress had security problems, which may have led to a security breach of my site. Similarly I may have been careless in other ways, allowing a hacker into my site. The point is that the hacker got through and was able to install code on my site. Updates from then on were useless as far as securing my site was concerned as the hacker was already on my site.
  2. I expected Wordpress to take care of my security when I should have been taking care of it myself. I thought that if I updated regularly, my site would be secure. I was wrong as the hacker was already inside.
  3. That I need to take security seriously. I did not believe that I would be hacked. I was, not once, not twice but many times. The time and effort that I spent trying to recover from the problems caused should rather have been spent taking preventative measures.
  4. That I need to make sure that my site is free of suspicious files and code (within themes and plugins) – if hackers can get into your site, they can upload destructive files and edit your files by adding malicious code. It happened to me. One of the symptoms I noticed was the increasing amount of spam email that I was receiving. Since sorting out my site, the spam email has disappeared.
  5. That I need to update my plugins and themes – from LEGITIMATE sources.
  6. Increase my security by installing security plugins such as login lockDown, wp-security scan and askApache.

As of the time of writing, my site seems to be working smoothly and thankfully hacker free. If you would like to sort out your hacker problem once and for all but don’t have the time to do it, why not let us take care of the hassle and do it for you. Let us know.

WordPress plugin problems.

3 April, 2008 (14:49) | Wordpress | By: clive

Experiencing problems with a new plugin? Here’s hoping that this short post will help by ending your frustration and saving you time. I use a few plugins on this site. All of them were working perfectly before I upgraded to WordPress 2.5 then all of a sudden I couldn’t get the Subscribe2 plugin to work – or should I say that I could not activate it. Each time I tried to activate it, I would get a fatal error message.

I searched all over the place but could not find a solution, then I began reading posts elsewhere where users were having similar problems. Some mentioned that it was due to a conflict between plugins so I decided to investigate down that avenue. I have a duplicate website running on my PC so I deactivated all the plugins then activated the Subscribe2 plugin. Surprisingly it activated without a hitch, so I knew I was on the right track.

One by one I began to activate the other plugins. All but one, the Contact Form ][ plugin, activated perfectly. The familiar fatal error cropped up when I tried to activate this plugin. I then deactivated all the plugins once again and activated then deactivated only these two plugins (Contact Form ][ and Subscribe2) with the result that whichever one was activated first, worked, while the one activated second, came up with the fatal error message.

I needed both these plugins so I emailed their authors explaining the conflict. Hopefully they will be able to correct the problem. I really liked both these plugins. In the meantime I have been trying out a few of the other contact form plugins (I decided to keep the subscribe2 plugin working as I had linked a free E Book give-away to subscribers and needed this plugin to allow people to subscribe. It’s a great book on security, written by experts. So if you want a copy, subscribe! It’s FREE!).

I tried at least three other contact form plugins and they all conflicted with the Subscribe2 plugin. I did find one that did not conflict but it is not exactly what I was looking for, I may use it as a temporary measure until I find the perfect one or a solution to the conflict is found.

P.S. If you find either the contact form or subscribe option not working, please be patient and come back later as I am busy trying to sort the problem out.

Best regards

clive

WordPress Plugins – another great WordPress Plugin every blogger should have

9 February, 2008 (15:58) | Blogging, Wordpress | By: clive

You’ve just written a great post. Someone surfs the net and finds your post, reads it, then moves on. But hey, you’ve got lots more just like that, even better, juicier posts you’re sure they’ll love to read. Trouble is they don’t know that. But you say there’s a whole list of categories right there in the sidebar. Too bad your visitors don’t have the time to wade through those long lists. If only you could somehow attach links to similar posts at the bottom of your posts. Then when people read your posts and they come to the bottom of the post, they see the links and will probably click on them. Great. They find more useful information and you keep them on your site for longer. After all, the idea is not only to get the visitors to your site but also to keep them there for as long as possible.

You not only improve the visitor’s experience by giving him more useful information in the form of related posts but you also keep him on your site for longer, allowing him to experience more of your site than he would have without the related posts links. Without the related posts links, he would have read the one post then moved on to another site. By keeping him on your site for longer, you are also able to increase his exposure to your advertising campaign and hopefully increase your revenue.

Aizatto’s related posts plugin is very easy to install. Simply download it, unzip and upload the single PHP file into your plugin directory. Go to Options in the Admin panel and choose the options that suit you (I left the defaults and they work just fine), save and you’re done. Try it out. Select a post on your site and you should see a list of related posts attached to the bottom of that post. You can always change the settings in the Admin panel if you want to.

You can download Aizatto’s related post plugin here

WordPress plugins – you just have to have this WordPress plugin!

7 February, 2008 (17:00) | Blogging, Wordpress | By: clive

If there is just one WordPress plugin that you have to have installed, then I would have to say that it is the WordPress Codex and Forum searcher plugin. Why, you ask? Well, it enables you to search the WordPress Codex and the WordPress support forum from within the WordPress Administration Panels. Clicking on any of the search results opens a new window, enabling you to view the result while working in your admin panel. Fantastic.

Get help with your WordPress blog here.

Download the WordPress Codex and Forum searcher plugin here.

Check this article out for more useful WordPress plugins.

WordPress Plugins – a resource list for developing your own WordPress Plugins

5 February, 2008 (13:34) | Blogging, Wordpress | By: clive

WordPress Plugin resource list

Using WordPress Plugins A starter article on how to use WordPress Plugins.


Plugins. The WordPress page on plugins. Short and sweet with a basic definition for plugins

Managing Plugins. Covers the management of plugins, including installation and troubleshooting

Plugin Application Program Interface (API). Documents the API (Application Programming Interface) hooks available to WordPress plugin developers, and how to use them.

Plugin Resources. Has a whole lot of useful links relating to plugins and plugin development. Very useful if you want to create your own plugin.

Official WordPress Plugin Directory Well, it’s the official directory of WordPress plugins

WordPress Plugin Database at wp-plugins.net Well, it’s a database of WordPress plugins at the wp-plugins.net site

Plugin Submission and Promotion Shows you how to distribute your new plugin.

Writing a Plugin Gives the steps needed to follow, and things to consider when creating a well-structured WordPress plugin

http://wp-plugins.org A repository and environment for plugins and plugin development. It includes a set of development tools aimed at assisting the active WordPress development community and is free to use.

http://wordpress.org/extend/plugins/about/readme.txt Describes the format of a plugin

GPL Is a GNU site listing the requirements for the GPL license

GPL compatible license Alternative compatible licences to the GPL license

Reporting Bugs If you encounter any WordPress bugs whilst creating your plugin, then you need to go here to see how to report these bugs.

Template Tags All you need on template tags. Includes a list of the general user tags available in WordPress, sorted by function-specific category.

Creating Tables with Plugins This article describes how to have your plugin automatically create a MySQL table to store its data.

Creating Options Pages Covers creating custom options panels in WordPress

Option Reference Lists the options, along with some of the default values from the current WordPress install.

Adding Administration Menus This article explains how to add custom administration screens to WordPress in a plugin.

Translating WordPress This article explains how translators (bi- or multi-lingual WordPress users) can go about localizing WordPress to more languages.

WordPress Coding Standards WordPress is working to gradually improve the code structure by helping users maintain a consistent style so the code can remain clean and easy to read at a glance. Read this article to see how you can help keep the code clean.

Inline Documentation This page is the start of the effort to add inline documentation to the WordPress core code to aid in future development, improvements and changes, as well as to assist others when learning about PHP and WordPress. Check it out.

How to Write a Wordpress Plugin An extensive, twelve entry series on the process of creating your own Wordpress plugin. Every step is covered, from “Seven Steps for Writing a Wordpress Plugin” all the way down to adding ajax to your plugin and releasing it. This is an excellent article series for anyone interested in the process behind creating your very first Wordpress plugin. With code examples to help assist you, you will be on your way to future releases of your own plugins for the Wordpress community.

How to create WordPress Plugin from a scratch A great tutorial on how to write a simple plugin. The idea being to walk you through the steps you need to follow in writing your own plugin.

Using AJAX with your WordPress Plugin This post was written as part of the How to Write a WordPress Plugin series. More and more plugins are starting to use AJAX techniques. I personally don’t see a use for most cases of AJAX, but it may be necessary for your plugin to use AJAX to accomplish a task. This post will show you how to use AJAX with your WordPress plugin.

How to Write a Simple WordPress Plugin A quick tutorial on how to write a plugin.

Need help customizing your WordPress Blog?

WordPress Plugins – Using WordPress Plugins

4 February, 2008 (15:13) | Blogging, Wordpress | By: clive

WordPress is designed to be lean and fast. In most cases it is perfectly capable of doing the job as is, out of the box. Some users may have extra requirements; this is where Plugins come in. Plugins are tools that extend the functionality of WordPress. WordPress Plugins are designed by volunteers and are free to all users. Plugins are the responsibility of their authors, so treat all new untried Plugins with caution. If you want to develop your own plugins, there is a comprehensive list of resources at Plugin Resources.

Where can you find Plugins?

You can find a list of WordPress plugins, and links to other repositories, here Plugins.

Is the Plugin compatible with your version of WordPress?

You can check whether the plugin you want is compatible with your WordPress version here, WordPress Plugin Compatibility.

Installing Plugins

Most Plugins come with a readme.txt file, which explains how to install the plugin. Usually the author’s website also has installation instructions. In any event, you need to load all the plugin files into the plugins directory (wp-content/plugins). Once you have uploaded a plugin to your WordPress plugin directory, activate it from the Plugins Management page.

Things to Know Before You Install Plugins

There are a few things you need to know before you begin to install WordPress Plugins.

  • Read the readme.txt files accompanying the plugin as well as the author’s website, before you install. You’ll be better informed.
  • Know how to download and upload files and how to use FTP.
  • You may need to modify WordPress files and templates so it will be handy if you know PHP, HTML, CSS and CHMOD.
  • Record any changes you make. Use comments in the code to indicate any changes. You can also keep a text file on your site with notes on all the changes.
  • Make backups of your database before installing any plugins in case things go wrong.
  • Are you sure that the plugin will work with your version of WordPress? Different Plugins are available for the different versions of WordPress. You can check the plugin compatibility here, Plugins/Plugin_Compatibility. If it isn’t, consider upgrading.

Plugin Installation

Follow these steps when installing a plugin:

  1. Backup
  2. Inform yourself about the plugin. Read the accompanying readme.txt file and the author’s webpage concerning the plugin
  3. Upload the plugin to the wp-content/plugins folder in your WordPress directory
  4. Make any necessary modification as indicated in the readme.txt file
  5. Activate the plugin
    1. Access the Plugin Panel in your Administration Panels
    2. Scroll down through the list of Plugins to find the newly installed plugin
    3. Click on the Activate link to turn the Plugin on.

Hiding Plugins When Deactivated

Some plugins have tags within the template files and if the plugin is not activated, the Theme is “broken” and may not load properly. It is therefore important to be able to detect the plugin. You can use the function_exists() function to do this. It checks whether the plugin’s function is defined, so the template calls it only when the plugin is active. If it is not, everything works as if the plugin was not installed.

Troubleshooting Plugins

Check the following if you are experiencing problems with your plugin:

  1. Have you followed the plugin author’s instructions to the letter?
  2. Check that any plugin tags or usage within your template files are correct, spelled right, and placed in the appropriate place
  3. Have you uploaded the file to the plugins folder under wp-content? Delete the old version if it is an upgrade.
  4. Has the plugin been activated in the Plugin Panel of your Administration Panel?
  5. Deactivate and re-activate the plugin. This may solve the problem.
  6. Is it the latest version for your version of WordPress?
  7. Visit the plugin author’s website to see if someone else is having the same trouble. Perhaps an answer has been posted.
  8. Contact the plugin author directly for assistance.
  9. Search the Internet for the name of the plugin and the trouble you are having as someone else might have had the same problem and found a fix and posted it on their site.
  10. Visit the WordPress Support Forum. You may get assistance there from other users.
  11. If the problem persists and you cannot solve it, check to see if there are any similar plugins that you can try instead.

Plugin Management

Plugins are managed from the Plugins Panel in the Administration Panels of your WordPress site. Each plugin has a description of what it does, an author and website to refer to, and a version number. WordPress uses this information to list the plugin. If you installed the plugin and it is not listed then this “header” information may be missing. The header information looks like this:

/*
Plugin Name: Put the plugin name here
Plugin URI: Put the plugin web address here
Description: Describe the plugin here
Version: Put the plugin version number here
Author: Put the author's name here
Author URI: Put the author's web address here
*/

You can add this information yourself by opening the plugin in the Plugin Editor which is accessible from the Plugins Management page.

Activation and Deactivation

You can activate and deactivate each plugin from within the plugin management panel. You can also deactivate all the plugins by using the link at the bottom of the list of plugins. Remember that if you made changes to the WordPress code or template files in order to make the plugin work, then you need to reverse these changes when you deactivate the plugin else WordPress will not work properly.

Uninstalling Plugins

When, for whatever reason you want to uninstall a plugin, check the following:

  1. Check the author’s site for instructions on how to uninstall the plugin.
  2. Remove any modifications that you made to the WordPress code or template files.
  3. Deactivate the plugin.
  4. Delete the plugin files from your wp-content/plugins folder.
  5. Remember to make the same changes in your site backup files.

Developing Your Own Plugins

If you have knowledge of PHP and you would like to develop your own plugin, then have a look at this helpful list of resources at Plugin Resources.

Thinking of creating your own Theme? Have a look at this helpful article.

Need help with your WordPress installation, themes and plugins? Contact Independent Digital at www.idig.za.net/contact/