Category: Wordpress

Most Useful WordPress Plugins

Here are some useful plugins for WordPress which are tested and bug free.

WP Simple Survey

  • The test is in multiple choices and you can have as many answers for every single question.
  • Each answer can have its own score which the results can be determined based on the total of your scores.
  • This one has a nice progress bar that shows your progress on the quiz.
  • Forces the user to input their Information such as name and email, you can capture more info on pro version.
  • Has a database which can be managed, imported and exported on pro version.
  • You can direct the users into deferent pages based on the result of the quiz.
  • It comes with 3 ranges of scores. Failing, passing and excellent but you can add more ranges in pro version.
  • It sends the results to any email that you wish.

Link to Plugin

mTouch Quiz

  • This one is very easy to use.
  • You can have hints to answers.
  • It’s smart phone compatible
  • On pro version you can have contact form 7 and Gravity plug-ins and add-ons installed.
  • On pro version you can have timers on each question

Link to Plugin

BuddyPress ScholarPress Courseware.

This one turns the WordPress Buddy Press into an online school with all the features you need.

  1. Class Dashboard
    • Progress Indicator
    • Overall status
    • Student evolution (based on received grates)
  2. Courses / Curriculum
  3. Lectures
    • Handbook/Tree style for content organization
    • Bookmarking of lectures
  4. Bibliography
    • Web API’s integration with WorldCat/ISBNdb
    • BibTex Import
  5. Assignments
    • Responses
    • Quizzes/Tests form builder with automatic grading and response evaluation
    • Forum/bbPress integration
    • Gradebook
    • CSV Import
  6. Schedules
    • Calendar
    • Month, Week, Day view
    • Integrates with Assignments due date
    • iCal export/feed
  7. Customization using an external CSS
  8. Notifications/Emails
  9. Activity Streams
  10. Localizations

Link to Plugin

Contact Form 7

Contact Form 7 can manage multiple contact forms, plus you can customize the form and the mail contents flexibly with simple markup. The form supports Ajax-powered submitting, CAPTCHA, Akismet spam filtering and so on.

Link to Plugin

lightbox Gallery

Changes to the lightbox view in galleries.

Link to Plugin

Under Construction

Makes it so your site can only be accessed by users who log in. Useful for developing a site on a live server, without the world being able to see it.

Link to Plugin

WordPress SEO

The first true all-in-one SEO solution for WordPress, including on-page content analysis, XML sitemaps and much more.

Link to Plugin

WordPress Database Backup

On-demand backup of your WordPress database.

Link to Plugin

How to secure WordPress 3 sites

  1. Backup your site
    it’s highly suggested to backup the database regularly in case if the site gets hacked or crashed.
    One way to back up the entire site easily is true a plug-in called “backwpup”
  2. Keep your WordPress updated
    you need to keep your site updated in order to have the latest security and bug fixes. Here are the 3 things you need to constantly update, when the update is available.
  1. WordPress version
  2. Plug-ins
  3. Themes

Here is a plugin that notifies you whenever there is a new update available “Update Notifier”

 

  1. Choose a strong password
    using a random mix of numbers, letters, special characters and upper and lower case is a great way to create strong password.
  2. Choose trusted plug-ins
    When you are looking for plug-ins, make sure to choose the ones that have reliable recourses, good reviews, documentations, screenshots and ratings. Also you need to make sure that the plug-in is being updated periodically and compatible with your current version of WordPress.
  3. Remove unused plug-ins
    Eliminate all the unused plug-ins, files and themes by removing them in order to keep your site clean and organized
  4. Protect your configuration files
    the “wp-config.php” is a key file to your site security and you need to keep it protected
  1. Protecting it true htaccess
    drop the following code beneath all the other rules into your htaccess file:# PROTECT WP-CONFIG
    <Files wp-config.php>
    Order Allow,Deny
    Deny from all
    </Files>

    Check to see if it didn’t mess up your website and also you need to check and see if the code is actually working on your website.
    Try to go to your wo-config.php true your browser, here is the address:
    http://yourdomainname.com/wordpress/wp-config.php
    if it’s working you will see a 403 forbidden error as it is expected.

  2. Limiting access true file permissions
    make sure your htaccess and wp-config files access permission on your server is set on 644. 
  • Configuring authentication keys
    we can improve the security of WordPress user log-in process by setting up the secret keys to the site configuration file. In your wpconfig.php file if you look under database credentials where it says: “Authentication Unique Keys and Salts”, you will see that freely installed WordPress doesn’t provide any secret keys and we need to add our own keys in here. The quickest and strongest way to set up the key values is to visit the secret key service that is being provided by WordPress, here is the address:
    http://api.wordpress.org/secret-key/1.1/salt
    then copy and past everything into the wp-config.php file overriding the default code.
  • Customizing database prefix
    it is highly recommended to change the database table prefixes fro wp_ into something unique. The best way to do this is during the installation of your word press where you have the option of typing in any word ad your database table prefix. Here is how to properly name your prefix without messing up your database file naming and orders:
    You should keep wp_ in the beginning followed by the unique name and another underscore followed by the table name, here is an example.
    wp_uiquename_tabelname
    Changing your database table prefix after installation is still possible but it’s a bit more complicated step to take here is a link to a tutorial on that:
    http://www.digwp.com/2010/10/change-database-prefix
    1. 9.   Don’t be Admin
      admin is default username created by WordPress and it’s the first choice of the hackers in order to get into your website true admin logging panel. Changing it to any other name than admin is a good step towards your website security.
    1. Setting up file permissions
      you need to make sure your file and directory permissions are right and the best and most secure way that it can be. There is a very good plug-in that can take the guess work out and scan your files and directories and make sure you are on the right path: “WP Security Scan” 
    2. Preventing directory listings
      you have to make sure that your directories are lucked up and are not visible from the browser if there are no index files in there. If so you can easily secure the directories adding the following code into your .htacess file “Options -Indexes” put it preferably on the top of the file and upload it into the server. If the .htacess is not the option you can just add a black index file into each directory.
    3. Securing admin directory from other IP addresses
      we can improve security by preventing unwanted access to the WordPress admin directory using a small slice of code in .htaccess file that we create in the root of wp-admin directory. Simply create a brand new .htaccess file and paste the following code into the file:
      # SECURE WP-ADMIN
      <FilesMatch “.*”>
       Order Deny,Allow
       Deny from all
       Allow from 123.456.789
      </FilesMatch>
      note:make sure to put the correct ip address in the code where it says Allow from and if you don’t know your ip address you can simply search for “what is my ip address” in the google and you will find a tool that will help you find out your IP address.
    4. Hide your version number
      hackers use your version number to attack your specific version security holes and that information is available for the public in your source code, RSS feed and other places. Here is how you do it: You need to copy and past the following code snippet into your “functions.php” which is located in your theme files if there is not one you need to create one and past the code to the bottom of the document.
      // remove version number from head & feeds
      function disable_version() { return ”; }
      add_filter(‘the_generator’,’disable_version’);
      remove_action(‘wp_head’, ‘wp_generator’);
    5. Protect your site from spammers
      In order to protect your site from spammers you need to install the anti spam plug-in “Akismet” simply get the activation code from the website and activated your plug-in.
    6. Secure your admin page
      we can secure our admin page using a plug-in that gives us many options to have more security. The name is “Login Lock