There are all sorts of plugins that you can use to monitor and protect the WordPress Login Page. That’s not what this post is about. This post is aimed at developers and DIY site admins, who like to keep a close eye on site activity. Talking hands-on with code. How familiar are you with the traffic hitting your WP Login Page? Do you know the difference between a brute-force attack and legitimate login requests? The WP Login Page (wp-login.php) is […] Continue reading »
Quick tutorial for my Dashboard Widgets Suite plugin. This post explains how to customize the DWS widget names on the Dashboard. Normally each DWS widget displays the widget name along with “Widgets Suite” and a little gear icon that links to the plugin settings. Several users have asked if there is a way to change the text, specifically how to remove the extra text and gear icon. So this article explains how to do it as of Dashboard Widgets Suite […] Continue reading »
WordPress provides the wp_headers filter hook and send_headers action hook to add and modify HTTP requests. For front-end pages, these are ideal hooks that should be used whenever possible. Unfortunately however neither hook works on all pages in the WordPress Admin Area. After some experimentation, I found an easy solution to modify HTTP headers on any/all pages in the Admin Area. Continue reading »
While working on the site’s 24th redesign, my goal was to simplify the UI as much as possible. As much as I enjoy lots of cool effects, I wanted the new design to be as minimalist as possible. So that meant dropping a LOT of little bells and whistles that were included in the previous design. One feature that didn’t make the cut was smooth scrolling to internal anchor targets. Like when you click a link that takes you #somewhere […] Continue reading »
I’m seeing a big increase in bot attacks targeting theme files directly. First they get the URL to your theme directory. There are numerous ways for a bot to get this information. For example most themes include assets like CSS and JavaScript files, and the link includes the full URL. So then once they have the theme URL, bad bots will make direct requests for well-known theme template files, like index.php and header.php. Requesting template files directly may reveal possible […] Continue reading »
How do YOU stop comment spam? If you’re like a lot of WordPress users, you just grab another plugin or two and call it good. I mean after all, plugins like Akismet work great at stopping spam. The only downside is that, well, you’re relying on another plugin. And that’s fine for folks who just wanna “get ’er done”, although each active plugin requires additional maintenance and server resources. Continue reading »
Recently a reader named Chris asked, “how can we turn ON a plugin from the database?” He mentioned reading my previous article, Quickly Disable or Enable All WordPress Plugins via the Database, but for circumstantial slash technical reasons needed to do the opposite and enable a plugin directly via the WordPress database. I thought it was an interesting question that might actually be useful to discuss here at Perishable Press. Continue reading »
While working on the site’s 24th redesign, I ended up with about 10 code snippets that were awesome but ultimately not needed. So rather than just delete these tasty functions, I am posting them here for future reference. Who knows, during the next site update I may decide to implement or repurpose some of these techniques. And of course sharing is caring, so feel free to use any of these code snippets in your own projects. Check out the Table […] Continue reading »
For those who haven’t yet noticed, WordPress now adds rel="noopener" attributes for any external links added via the link Quicktag in the Visual/RTE. So if you enable the option, “Open link in a new tab”, WordPress automatically will add the rel noopener attribute to the link. This is to protect against CORS and other exploits that take advantage of blank-target links. It’s a smart move that may escape many in the WordPress community. So in an effort to help foster […] Continue reading »
Preparing for Gutenberg, I’ve been sharpening my JavaScript skillz. Getting further into things like Webpack, React, Node.js, and all sort of other awesome scripting adventures. As I dive further into JavaScript land, it’s amazing how much more quickly I am able to do things that I never had to do before relying so heavily on JavaScript. Even so, the extra tools are good to have in the ’ol developer tool belt, so I’ll be sharing much more about JavaScript stuff […] Continue reading »
Welcome to the official homepage for my free WordPress plugin, WP Cron HTTP Auth. This page explains what the plugin does, how it works, and where to download and get support. The plugin actually is very simple, however, so there is not a lot to explain. If you are looking for plugin documentation, visit WP Cron HTTP Auth at WordPress.org. There you will find installation steps, support forum, translation tools, and more. Continue reading »
Welcome to the official homepage for my free WordPress plugin, Disable WP REST API. This page explains what the plugin does, how it works, how to test the plugin, and why anyone would anyone on earth want to disable the REST API, for crying out loud, all explained on this page. If that sounds like you, you’re in the right place. If you are looking for plugin documentation, visit Disable WP REST API at WordPress.org. There you will find installation […] Continue reading »
Welcome to the official homepage for my free WordPress plugin, Contact Form X (CFX). This is a more personal look at the plugin, aimed at readers who are familiar with my work. Here you’ll find some screenshots, cool features, and of course some rambling backstory (because there is one). If you are looking for official plugin documentation, visit Contact Form X at WordPress.org. There you will find docs, download, installation steps, support forum, translation tools, and more. Continue reading »
I’ve been super busy this year, cranking out some useful new plugins. Nothing as awesome as Banhammer Pro, but some pretty useful new plugins nonetheless. So I’m launching a total of five new WordPress plugins. The first four basically are utility plugins designed to make WordPress life easier. The 5th and final plugin (for awhile at least), is Contact Form X, which I am now using as the contact form here at Perishable Press. Contact Form X I know what […] Continue reading »
For those still in the dark, WordPress 5.0 will bring HUGE changes to the post editor. Dubbed Gutenberg, the new WP post editor replaces the entire “classic” post editing screen. So as of WordPress 5.0 and beyond, the “Edit Post” screen will be completely replaced by a giant WYSIWYG content builder called “Gutenberg”. So much more is being replaced than just the content editor. The list of things that are replaced by Gutenberg include the RTE/Visual Editor, Plain Text Editor, […] Continue reading »
Currently Gutenberg does not display the Custom Fields meta box. Before Gutenberg, in WordPress 4.9 and earlier, the “Edit” screens in the WP Admin Area optionally displayed the Custom Fields meta box. The Custom Fields meta box is employed by millions of sites, themes and plugins. Including my own collection of WordPress plugins, which use custom fields for Posts, Pages, and many Custom Post Types. Basically Custom Fields are a critical part of WordPress functionality, so I wrote a plugin […] Continue reading »