Wordpress Hacks

March 16th in Wordpress Hacks, Wordpress Tips by .

Nothing is more frustrating that working so hard to build a great WordPress community only to find it’s been hacked and lost its rankings in the search engine results pages. You may not be able to stop all hackers but there are simple measures you can take to make your site harder to hack. Better WP Security is a handy WordPress plugin that shows you areas you need to be focusing on to make your site more secure.

wp better security

[click to continue…]


Continue Reading

January 4th in Wordpress Hacks by .

Earlier this month, I talked about how you can protect your WordPress site against hackers. As someone who has been a victim of hackers for so many times, I can tell you that you’d be doing yourself a favor if you keep a constant eye on your WordPress installation.

While protecting yourself by hiding plug-in and version info on your WordPress blog is the way to go, you should also do your utmost to protect your wp-admin folder. That’s where all the action happens. One way to protect your admin section is by limiting who can access your files there. Matt Cutts has an ageless piece on this.

But I would go one step beyond what Matt is suggesting in his document and deny access to wp-login file as well. That would allow you to protect your blog against Brute Force attacks. Here is how:

{Files wp-login.php}
order allow,deny
deny from all
allow from [your ip]

Replace { with < in the above, and put your IP in there, and you are ready to go. Keep in mind that this will make it very inconvenient for anyone to play with your log-in file (including you). But I rather be safe than sorry.


Continue Reading

December 16th in Plugins For SEO, Wordpress Hacks by .

Running multiple WordPress blogs can be time consuming and challenging at times. If you are a one man company and you intend to get into the adsense business, you are going to have a tough times creating and managing hundreds of blogs, unless you are using a service such as WordPress Direct. You can also grab PLRs and use them on your site as content. But one problem that most folks forget about is content duplication penalty.

Duplicate content is frowned upon by Google, and you can be penalized heavily by Google if your content is deemed to be duplicate of someone else’s. In essence, having duplicate contnet on your blog is the fastest way to get yourself into the supplementary index on Google. Many folks believe (incorrectly) that using private label articles helps them get around the duplicate content issue. But that can’t be further from the truth. If you can buy the articles and others can do too, then you are going to have duplicate content.

That’s what I love about Synonymizer. This cool plug-in allows you to spin words around and make your articles unique. In other words, this is like injecting steroids to your automated WordPress blog. What makes Synonymizer different from article spinners is that it not only spins all your blog posts, it directly works with WordPress.

Synonymizer is compatible with RSS2Blog and WP Auto Blog. Better yet, you can work with HTML, Javascript, and even PHP. And you are not limited to PLRs. You can also work with RSS feeds and still avoid duplicate content penalty. If you are one of those Adsense guys or just want to use auto-blogging solutions to keep your blog updated when you have no time to do it yourself, Synonymizer is a must have (see the video here). Who says you can’t be a lazy blogger?


Continue Reading

November 18th in Wordpress Hacks by .

Creating An Automated WordPress Blog

I don’t know about you, but when I started my blogging journey with WordPress, I was always interested to find more efficient way to get things done faster. One way to do it is of course to run an automatic WordPress blog. What do I mean by automatic? Well. Let’s say you have 5 blogs that you update on a daily basis, and you provide very useful information to your readers. Wouldn’t it be nice to be able to have day off (for whatever reason) and still manage to post some useful content to your blog? That’s all automated blogging is about.

Believe it or not many folks run semi-automated blogs and get away with it. In essence, they post 3 times a day and the other days, they use a software such as WordPressDirect to post useful articles or videos to their blogs. There are other solutions that you can use to run automatic blogs, which is why I decided to dig in to find out if there is anybody out there teaching how to run a fully-fledged automatic WordPress blog.

The one I found on Amazon is “how to create an automated WordPress blog.” The author has many other training packages for sale, and the content is in general top notch. With the right combination of plug-ins and other tools, you can effectively run an automated blog without having to pay for a service such as WP Direct. Automated blogging is in early stage right now so you should definitely mix automatic posts with real posts to keep your blog fresh. Having said that, it’s good to have an insurance policy in case you get sick or break a leg.


Continue Reading

November 10th in Wordpress Hacks by .

A lot of us have done it in the past, hopefully without knowing. You read a blog, you see a nice image that you can link to, and you do it without really thinking about the ramifications of your actions. In general, you should not link to an image that you do not have the right to, and you should not others’ bandwidth to serve the image on your site. But a lot of folks do it, and that’s a big problem for folks.

You have two options at this point. You can either watermark your WordPress images (read a tutorial on it here) or you can use .htaccess to protect your images from getting linked. Hot Linking is not a big issue if you are not serving that many images or your blog is not that popular. But once you start getting real traffic, it’s easy to get over your monthly hosting limits if people hot link to your images. That’s why I prefer using the .htaccess instead of watermarking my images. I rather cut off the access altogether.

So here is how I would do it using .htaccess. Please note that there are plenty of tools that you can use to customize your htaccess, and there are multiple ways of doing this, but here is what has worked for me:

RewriteEngine on
RewriteCond %{HTTP_REFERER} !^$
RewriteCond %{HTTP_REFERER} !^http://(www\.)?wpjedi.com/.*$ [NC]
RewriteRule \.(gif|jpg|png)$ - [F]

For those of your not familiar, here is what we are saying. We are saying that if the referrer is not WPJedi.com (not case sensitive) or any of the sub-directories, return a 403 error code. Now you can grab this and use it on your own domain, but make sure that you change wpjedi.com with your own domain. Also, as you can see, WPJedi currently doesn’t host any video files, but if you are doi10ng that, you want to make sure you add .mov, .avi or whatever extension you are using for your videos to the fourth line.

Did I miss anything? Do you do it another way? Please share your experience with the code.


Continue Reading

October 23rd in Wordpress Hacks by .

A screenshot of a 404 error in Wikipedia with Camino.

If you have been a webmaster before, you are probably familiar with the concept behind error pages. The most popular error page is a 404 page. That’s the page where your readers will land if they type something wrong or if they reach a page that does not exist. So it is essential for every WordPress blog owner to customize their 404 page to retain the misguided traffic, if possible.

Unfortunately, most WordPress themes do not come with a 404 page. And some of them which do have 404 pages are not optimized to retain traffic. So if your WordPress blog doesn’t have a 404 page here is what you need to do:

  1. Go to your default template and copy the 404.php page. You can also grab the page.php file from your current theme and rename it to 404.php.
  2. One thing that I like to do on a 404 page is showing people as many navigation links as possible to move them through my site. Many 404 pages just come with the standard message of “this page does not exist.” But that is not optimized, so you need to optimize your 404 page to keep some of the traffic that is reaching your 404 page by mistake.
  3. It is also possible to show different 404 pages to your readers based on the keyword that they have used to reach your error page. Think about the possibilities here. But of course that’s a more advanced topic.
  4. I personally like to list all my categories on my 404 page. The way to do it is by using the list_cats function. Here is what I personally use (I put it right where it says “edit this entry”:
    list_cats(FALSE, '', 'ID',
    'asc', '', TRUE, FALSE,
    '', '', '1,33',
  5. The above function lists your categories and subcategories in form of an unordered list. You should probably customize your CSS to make your page look like what you prefer.
  6. I also use Google custom search on my 404 pages. I put one at the very top of the page and try to help people search through my posts. And they may click on some of my ads and nab me a penny or two.

As you see, creating a 404 page for WordPress is not that hard. WordPress is so powerful that you can create complex solutions with a few lines of code. Having said that, you should never settle for the default template that comes with your WordPress theme (to test it out just test an address that you know is not valid). I will talk about Google custom search in another post for those having trouble implementing it on WordPress.


Continue Reading