Herself's Webtools

Scripts, HowTos, Templates, Plugins, Widgets, Tips

How to add ‘Twitter This’ links to your WordPress Posts




Twitter seems to be the preferred social network now so I decided I needed some ‘Twitter This’ links on my WordPress Blogs.

You’ll want to add this link to both the index.php and the single.php pages in your theme. Every theme is different so I can’t tell you exactly where to add it. I find the comments section in those pages and work my way up to where the date, tags or other miscellany is stored and added them there on my themes.

The link you’ll want is:
<p><a href=”http://twitter.com/home?status=Reading:<?php echo urlencode(get_permalink(get_the_ID())); ?>&title=<?php echo urlencode(get_the_title(get_the_ID())); ?>”>Twitter this</a></p>

You might also check out James Wilkes Design version of the link He is pickier than I about the encoding.

Many thanks to:
Jamie Huskisson and to James Wilkes Design who gave me the pieces I needed to put the link together correctly.


Some bot blocking htaccess hacks for WordPress




There are some great security plugins out there. But all WordPress security plugins require that the bot use the front door to the website. Otherwise the security plugin isn’t turned on.

Your .htaccess file provides better coverage and is more efficient. I realize not everyone has access to .htaccess and that is why bot blocker, security plugin and other security plugins exist. But if you have access to .htaccess that is where you should be doing your security.

This will not stop all bots but should slow them down quite a bit.

Improved .htaccess file

^ – starts with
$ – ends with

———————————————————————————
# block known trouble makers dumb enough to
# announce who they are
SetEnvIfNoCase User-Agent “^EmailSiphon” bad_bot
SetEnvIfNoCase User-Agent “^EmailWolf” bad_bot
SetEnvIfNoCase User-Agent “^ExtractorPro” bad_bot
SetEnvIfNoCase User-Agent “^CherryPicker” bad_bot
SetEnvIfNoCase User-Agent “^NICErsPRO” bad_bot
SetEnvIfNoCase User-Agent “^Teleport” bad_bot
SetEnvIfNoCase User-Agent “^EmailCollector” bad_bot
SetEnvIfNoCase User-Agent “^LinkWalker” bad_bot
SetEnvIfNoCase User-Agent “^Zeus” bad_bot
SetEnvIfNoCase User-Agent “^botpaidtoclick” bad_bot
SetEnvIfNoCase User-Agent “^Click Bot” bad_bot
SetEnvIfNoCase User-Agent “^WebRipper” bad_bot
SetEnvIfNoCase User-Agent “^Wget” bad_bot
SetEnvIfNoCase User-Agent “^Snoopy” bad_bot
SetEnvIfNoCase User-Agent “^Security Kol” bad_bot
SetEnvIfNoCase User-Agent “^libwww-perl” bad_bot
SetEnvIfNoCase User-Agent “^Java” bad_bot
SetEnvIfNoCase User-Agent “^DataCha0s” bad_bot
SetEnvIfNoCase User-Agent “^Grazer” bad_bot
SetEnvIfNoCase User-Agent “^lwp-request” bad_bot
SetEnvIfNoCase User-Agent “^lwp-trivial” bad_bot
SetEnvIfNoCase User-Agent “^Morpheus” bad_bot
SetEnvIfNoCase User-Agent “^Site Sniper” bad_bot
SetEnvIfNoCase User-Agent “^Winnie Poh” bad_bot
SetEnvIfNoCase User-Agent “^curl” bad_bot
SetEnvIfNoCase User-Agent “^Akregator” bad_bot
SetEnvIfNoCase User-Agent “^ac-baidu” bad_bot
SetEnvIfNoCase User-Agent “(Ubuntu-feisty)$” bad_bot

<Limit GET POST>
Order Allow,Deny
Allow from all
Deny from env=bad_bot
</Limit>

# block directory browsing
Options All -Indexes

# protect some files
<files wp-config.php>
order allow,deny
deny from all
</files>

<files .htaccess>
order allow,deny
deny from all
</files>

# block bot registrations and send them to the front door
# if you try to register and your accept statement only has */*
# I’ll think you’re a bot
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteCond %{REQUEST_METHOD} POST
RewriteCond %{REQUEST_URI} .wp-login\.php*
RewriteCond %{HTTP_ACCEPT} ^\*\/\*$
RewriteRule (.*) http://yourdomain.com/ [R=301,L]
</IfModule>

———————————————————————————

Additional resources:
Perishable Press Stupid htaccess tricks
Almost Perfect htaccess File for WordPress


Simple SEO hacks for WordPress




Always there are trade offs. The more information you pull from your database to put in each page, the greater the drain on your server.

To do well in search engine rankings you want individual titles and meta descriptions for each individual page. To do this in WordPress you pull the information from the database in your header.php file.

When I ran into server problems I took this out and yes, it hurt my search engine rankings. Now that I’m with Media Temple and things seem to be running smooth I’m adding them back in.

Most, but not all, themes do have the title customized, few have meta tags customized and even fewer have them done properly.

To have an individual title for each separate post and page use this in place of the current title<title>…</title> in your header file.

<title><?php if (is_single() || is_page() || is_archive()) { wp_title(”,true); } else { bloginfo(‘name’); echo(‘ &#8212; ‘); bloginfo(‘description’); } ?></title>

To have a customized meta description for each page and post use this in your head.php file

<?php if (is_single() || is_page() ) : if ( have_posts() ) : while ( have_posts() ) : the_post(); ?>
<meta name=”description” content=”<?php the_excerpt_rss(); ?>” />
<?php endwhile; endif; elseif(is_home()) : ?>
<meta name=”description” content=”<?php bloginfo(‘description’); ?>” />
<?php endif; ?>

I looked at several SEO optimized themes at WordPress and very few had the custom meta tags.

To see if the meta tag is working on your site pull up an individual post:

In your browser look for view->page->source

Look through the top of the page source and you should see <meta description and specific information for that page.

To see if the custom title is working bookmark the page and see if the title defaults to your blog name or the title of that page.

How do I know Google wants this.  Google told me.  Are you using Google Webmaster Tools?

And have you read Google Search Engine Optimization Guide ( pdf )?


Good WP database checks to run




Every so often it’s good to just run a quick pass on your WordPress database and look for troubles.

There are two things I check for: users who don’t comment, and iframes and scripts inside of posts.

You can easily bookmark SQL queries in phpMyAdmin, I do this and try to run the scripts every week or so.

To check for iframes and scripts added to your posts log on to phpMyAdmin and then click the SQL tab and run the following command:


SELECT *
FROM wp_posts
WHERE post_content LIKE '%iframe%'
UNION
SELECT *
FROM wp_posts
WHERE post_content LIKE '%noscript%'
UNION
SELECT *
FROM wp_posts
WHERE post_content LIKE '%display:none%'
UNION
SELECT *
FROM wp_posts
WHERE post_content LIKE '%display:%'
UNION
SELECT *
FROM wp_posts
WHERE post_content LIKE '%ekibastos%'
UNION
SELECT *
FROM wp_posts
WHERE post_content LIKE '%visibility:hidden%';

This looks for hidden things in your posts. If you get any results back you should check that post very carefully for things you did not put in it.

Users who register and don’t comment are likely bots who got through the bot net, or spammers planning to come back later. I delete all users who register but don’t comment soon thereafter.

To check for users who haven’t commented run the following SQL query

SELECT user_login, user_email, date_format( user_registered, '%M %d %Y' ) AS user_registration_date
FROM wp_users
WHERE wp_users.user_login NOT
IN (
SELECT comment_author
FROM wp_comments
)
LIMIT 0 , 30

I’ve also begun checking comments for troubles using the same items I look for in posts:

SELECT *
FROM wp_comments
WHERE comment_content LIKE '%<iframe%'
UNION SELECT *
FROM wp_comments
WHERE comment_content LIKE '%<noscript%'
UNION SELECT *
FROM wp_comments
WHERE comment_content LIKE '%display:none%'
UNION SELECT *
FROM wp_comments
WHERE comment_content LIKE '%display:%'
UNION SELECT *
FROM wp_comments
WHERE comment_content LIKE '%ekibastos%'
UNION SELECT *
FROM wp_comments
WHERE comment_content LIKE '%visibility:hidden%'
LIMIT 0 , 30;

Another optimization you’ll want to make is to delete all those post revisions, they multiply quickly.

DELETE FROM wp_posts WHERE post_type = "revision";

And finally optimize your tables

OPTIMIZE TABLE `wp_comments` , `wp_links` , `wp_options` , `wp_postmeta` , `wp_posts` , `wp_terms` , `wp_term_relationships` , `wp_term_taxonomy` , `wp_usermeta` , `wp_users`;