Launching a free plugin to disable the new Application Passwords feature introduced in WordPress version 5.6. The plugin is one line of code. Install and activate to completely disable all of the Application Passwords functionality. To re-enable all Application Passwords, simply deactivate/uninstall the plugin. Easy peasy. Continue reading »
BBQ Firewall is a lightweight, super-fast plugin that protects your site against a wide range of threats. BBQ checks all incoming traffic and quietly blocks bad requests containing nasty stuff like eval(, base64_, and excessively long request-strings. This is a simple yet solid solution for sites that are unable to use a strong Apache/.htaccess firewall. Continue reading »
Forgotten post! I wrote this article way back for WordPress 5.5 but forgot to publish. Rather than delete I am posting it now. I think the information remains relevant for the most part. Read with a grain of salt :) WordPress 5.5 brings some new features that may help a lot of users. The two biggies: sitemaps and lazy loading images. This rundown post explains a bit about each, and shares some free plugins to help should you need to […] Continue reading »
WordPress 5.5 and beyond features built-in sitemaps that are enabled by default. For new users and sites this may be a good thing. Now users don’t have to bother with thinking about how to implement a sitemap. Like with Privacy control, WordPress just does it for you automagically. BUT for the millions of sites that already have a sitemap thanks to any of the excellent and free sitemap plugins — that’s like maybe 5–10 million websites — well congratulations you […] Continue reading »
Whenever you upload an image using the Media Library, WordPress automatically creates a set of alternate-size images. The number and size of these auto-generated images continues to grow each year, as WordPress tries to keep up with increasingly hi-resolution screen sizes. For many WordPress-powered websites, the extra media sizes enable WordPress to serve images responsively and that’s a good thing. But for some WordPress sites, all the extra images simply are not necessary. In some cases downright wasteful. And that’s […] Continue reading »
WordPress 5.5 brings some cool new features, including built-in support for lazy-loading images. So whether you want it or not, WordPress will add a new “loading” attribute to all of your images. That way supportive browsers will be able to load your images as the user scrolls the page, instead of trying to load everything at once. It’s a popular front-end technique that may help to boost performance a little bit. Like anything else, there are pros and cons to […] Continue reading »
I’ve written before about protecting against malicious POST requests using Apache/.htaccess. In this tutorial, we’ll look at how to modify GET and POST requests using PHP and some core WordPress functionality (with no .htaccess required). Normally you would want to manipulate URI requests at the server level, but that’s not always possible (like on shared hosting). So in those cases where you want to modify GET, POST, or other types of requests on a WordPress site, check out the following […] Continue reading »
As you may know, WordPress creates numerous copies of all images uploaded via the WP Media Library. These additional images are generated in various sizes, depending on your settings and other factors. This may be totally fine in general, but if you are working with lots of images on your site, the extra files can really eat up your disk space. This can be wasteful, specially if your site does not make use of all the extra images. So to […] Continue reading »
Want to keep comments open on a few old posts? This plugin is for you. It does one thing and does it well: it overrides the WordPress setting, “Automatically close comments on articles older than x days”. So you can leave comments open for any individual posts that may have passed the deadline. I actually wrote this plugin for use here at Perishable Press. Normally comments are closed after 90 days, but there are a few old posts for which […] Continue reading »
In a recent tutorial, I explain how to Stop WordPress from modifying .htaccess. That post explains several ways to prevent WordPress from making changes to .htaccess. This post explains an even better way that is safe, effective, non-invasive, re-usable, and super simple. I’ve been using it on my own sites now for a few years and it works flawlessly. Continue reading »
There are all sorts of plugins that you can use to monitor and protect the WordPress Login Page. That’s not what this post is about. This post is aimed at developers and DIY site admins, who like to keep a close eye on site activity. Talking hands-on with code. How familiar are you with the traffic hitting your WP Login Page? Do you know the difference between a brute-force attack and legitimate login requests? The WP Login Page (wp-login.php) is […] Continue reading »
Quick tutorial for my Dashboard Widgets Suite plugin. This post explains how to customize the DWS widget names on the Dashboard. Normally each DWS widget displays the widget name along with “Widgets Suite” and a little gear icon that links to the plugin settings. Several users have asked if there is a way to change the text, specifically how to remove the extra text and gear icon. So this article explains how to do it as of Dashboard Widgets Suite […] Continue reading »
WordPress provides the wp_headers filter hook and send_headers action hook to add and modify HTTP requests. For front-end pages, these are ideal hooks that should be used whenever possible. Unfortunately however neither hook works on all pages in the WordPress Admin Area. After some experimentation, I found an easy solution to modify HTTP headers on any/all pages in the Admin Area. Continue reading »
How do YOU stop comment spam? If you’re like a lot of WordPress users, you just grab another plugin or two and call it good. I mean after all, plugins like Akismet work great at stopping spam. The only downside is that, well, you’re relying on another plugin. And that’s fine for folks who just wanna “get ’er done”, although each active plugin requires additional maintenance and server resources. Continue reading »
While working on the site’s 24th redesign, I ended up with about 10 code snippets that were awesome but ultimately not needed. So rather than just delete these tasty functions, I am posting them here for future reference. Who knows, during the next site update I may decide to implement or repurpose some of these techniques. And of course sharing is caring, so feel free to use any of these code snippets in your own projects. Check out the Table […] Continue reading »
Welcome to the official homepage for my free WordPress plugin, WP Cron HTTP Auth. This page explains what the plugin does, how it works, and where to download and get support. The plugin actually is very simple, however, so there is not a lot to explain. If you are looking for plugin documentation, visit WP Cron HTTP Auth at WordPress.org. There you will find installation steps, support forum, translation tools, and more. Continue reading »