Herself's Webtools

Scripts, HowTos, Templates, Plugins, Widgets, Tips

Archive for the ‘wordpress’ Category

Security plugins updated

without comments

This week I updated all three WordPress security plugins – install and uninstall functions were added, the user interface and code was cleaned up. I hope to make them smarter over the coming few months.

Tripwire
Download WordPress Tripwire Plugin

Prevent bot registrations
Download WordPress Bot Blocker Plugin

Security plugin
Download WordPress Security Plugin

Written by Linda MacPhee-Cobb

August 12th, 2011 at 7:45 am

How to create a list of posts by category in WordPress

with 2 comments

I have to say creating a link lists of posts by category in WordPress is downright painful. To create the archive list ( see link near search box on sidebar ) you need a list of your categories, the category number. You will use these to create an archives.php page.

1) A list of your categories can be found by going to the Dashboard, then drop down the Posts menu and select categories.  These are the headings you put between the <br><h3>Category Name</h3> in the php below.

2) Category numbers had to be dug out of my database.  I used MySQL Admin, went to my WordPress database.  Select your database, find the wp_terms table and click on the leftmost icon under ‘Action’ to list your tags and categories. The link_id is the category number.

3) PHP code copy and paste this to a file named Archives.php.  Change the category names and numbers to match those on your website.  Also add or delete as many categories as you need. Your template is likely different than mine you may need to adjust the sidebar, footer etc to match your template’s style

4) showposts=200 is the maximum number of posts it will show in that category, adjust if you need to.

<?php
/*
Template Name: Archives
*/
?>

<?php get_header(); ?>

<div id=”content”>

<h2>Archives</h2>

<div>

<p>Complete archive of the blog’s posts sorted by category</p>

<br><h3>Fun things to do in Houston</h3>
<?php query_posts(‘cat=5&showposts=200′); ?>
<?php while (have_posts()): the_post(); ?>
<li><a href=”<?php the_permalink() ?>”><?php the_title(); ?></a></li>
<?php endwhile; ?>

<br><h3>OMG We’re in Texas</h3>
<?php query_posts(‘cat=7&showposts=200′); ?>
<?php while (have_posts()): the_post(); ?>
<li><a href=”<?php the_permalink() ?>”><?php the_title(); ?></a></li>
<?php endwhile; ?>

<br><h3>The Move</h3>
<?php query_posts(‘cat=15&showposts=200′); ?>
<?php while (have_posts()): the_post(); ?>
<li><a href=”<?php the_permalink() ?>”><?php the_title(); ?></a></li>
<?php endwhile; ?>

<br><h3>This ‘n That</h3>
<?php query_posts(‘cat=14&showposts=200′); ?>
<?php while (have_posts()): the_post(); ?>
<li><a href=”<?php the_permalink() ?>”><?php the_title(); ?></a></li>
<?php endwhile; ?>

<br><h3>Tokyo Trip</h3>
<?php query_posts(‘cat=172&showposts=200′); ?>
<?php while (have_posts()): the_post(); ?>
<li><a href=”<?php the_permalink() ?>”><?php the_title(); ?></a></li>
<?php endwhile; ?>

<br><h3>Geekiness</h3>
<?php query_posts(‘cat=83&showposts=200′); ?>
<?php while (have_posts()): the_post(); ?>
<li><a href=”<?php the_permalink() ?>”><?php the_title(); ?></a></li>
<?php endwhile; ?>

<br><h3>Photos</h3>
<?php query_posts(‘cat=10&showposts=200′); ?>
<?php while (have_posts()): the_post(); ?>
<li><a href=”<?php the_permalink() ?>”><?php the_title(); ?></a></li>
<?php endwhile; ?>

</div>
</div>

<?php get_sidebar(); ?>
<?php get_footer(); ?>

5) Upload your archives.php file to your theme directory on your webserver.

6) Finally create a new page – drop down the attributes menu on the right and select archives as your template

Or if you’d rather there’s a new plugin out to do display all posts in all categories for you James Wilkes Web Design

Written by Linda MacPhee-Cobb

April 2nd, 2010 at 11:51 am

Some bot blocking htaccess hacks for WordPress

without comments

There are some great security plugins out there. But all WordPress security plugins require that the bot use the front door to the website. Otherwise the security plugin isn’t turned on.

Your .htaccess file provides better coverage and is more efficient. I realize not everyone has access to .htaccess and that is why bot blocker, security plugin and other security plugins exist. But if you have access to .htaccess that is where you should be doing your security.

This will not stop all bots but should slow them down quite a bit.

Improved .htaccess file

^ – starts with
$ – ends with

———————————————————————————
# block known trouble makers dumb enough to
# announce who they are
SetEnvIfNoCase User-Agent “^EmailSiphon” bad_bot
SetEnvIfNoCase User-Agent “^EmailWolf” bad_bot
SetEnvIfNoCase User-Agent “^ExtractorPro” bad_bot
SetEnvIfNoCase User-Agent “^CherryPicker” bad_bot
SetEnvIfNoCase User-Agent “^NICErsPRO” bad_bot
SetEnvIfNoCase User-Agent “^Teleport” bad_bot
SetEnvIfNoCase User-Agent “^EmailCollector” bad_bot
SetEnvIfNoCase User-Agent “^LinkWalker” bad_bot
SetEnvIfNoCase User-Agent “^Zeus” bad_bot
SetEnvIfNoCase User-Agent “^botpaidtoclick” bad_bot
SetEnvIfNoCase User-Agent “^Click Bot” bad_bot
SetEnvIfNoCase User-Agent “^WebRipper” bad_bot
SetEnvIfNoCase User-Agent “^Wget” bad_bot
SetEnvIfNoCase User-Agent “^Snoopy” bad_bot
SetEnvIfNoCase User-Agent “^Security Kol” bad_bot
SetEnvIfNoCase User-Agent “^libwww-perl” bad_bot
SetEnvIfNoCase User-Agent “^Java” bad_bot
SetEnvIfNoCase User-Agent “^DataCha0s” bad_bot
SetEnvIfNoCase User-Agent “^Grazer” bad_bot
SetEnvIfNoCase User-Agent “^lwp-request” bad_bot
SetEnvIfNoCase User-Agent “^lwp-trivial” bad_bot
SetEnvIfNoCase User-Agent “^Morpheus” bad_bot
SetEnvIfNoCase User-Agent “^Site Sniper” bad_bot
SetEnvIfNoCase User-Agent “^Winnie Poh” bad_bot
SetEnvIfNoCase User-Agent “^curl” bad_bot
SetEnvIfNoCase User-Agent “^Akregator” bad_bot
SetEnvIfNoCase User-Agent “^ac-baidu” bad_bot
SetEnvIfNoCase User-Agent “(Ubuntu-feisty)$” bad_bot

<Limit GET POST>
Order Allow,Deny
Allow from all
Deny from env=bad_bot
</Limit>

# block directory browsing
Options All -Indexes

# protect some files
<files wp-config.php>
order allow,deny
deny from all
</files>

<files .htaccess>
order allow,deny
deny from all
</files>

# block bot registrations and send them to the front door
# if you try to register and your accept statement only has */*
# I’ll think you’re a bot
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteCond %{REQUEST_METHOD} POST
RewriteCond %{REQUEST_URI} .wp-login\.php*
RewriteCond %{HTTP_ACCEPT} ^\*\/\*$
RewriteRule (.*) http://yourdomain.com/ [R=301,L]
</IfModule>

———————————————————————————

Additional resources:
Perishable Press Stupid htaccess tricks
Almost Perfect htaccess File for WordPress

Written by Linda MacPhee-Cobb

December 6th, 2009 at 2:54 pm

Simple SEO hacks for WordPress

with 2 comments

Always there are trade offs. The more information you pull from your database to put in each page, the greater the drain on your server.

To do well in search engine rankings you want individual titles and meta descriptions for each individual page. To do this in WordPress you pull the information from the database in your header.php file.

When I ran into server problems I took this out and yes, it hurt my search engine rankings. Now that I’m with Media Temple and things seem to be running smooth I’m adding them back in.

Most, but not all, themes do have the title customized, few have meta tags customized and even fewer have them done properly.

To have an individual title for each separate post and page use this in place of the current title<title>…</title> in your header file.

<title><?php if (is_single() || is_page() || is_archive()) { wp_title(”,true); } else { bloginfo(‘name’); echo(‘ &#8212; ‘); bloginfo(‘description’); } ?></title>

To have a customized meta description for each page and post use this in your head.php file

<?php if (is_single() || is_page() ) : if ( have_posts() ) : while ( have_posts() ) : the_post(); ?>
<meta name=”description” content=”<?php the_excerpt_rss(); ?>” />
<?php endwhile; endif; elseif(is_home()) : ?>
<meta name=”description” content=”<?php bloginfo(‘description’); ?>” />
<?php endif; ?>

I looked at several SEO optimized themes at WordPress and very few had the custom meta tags.

To see if the meta tag is working on your site pull up an individual post:

In your browser look for view->page->source

Look through the top of the page source and you should see <meta description and specific information for that page.

To see if the custom title is working bookmark the page and see if the title defaults to your blog name or the title of that page.

How do I know Google wants this.  Google told me.  Are you using Google Webmaster Tools?

And have you read Google Search Engine Optimization Guide ( pdf )?

Written by Linda MacPhee-Cobb

November 22nd, 2009 at 11:49 am