Points to consider before installing a new wordpress plugin

Installing a new plugin is very easy in wordpress. All you need to do is to search for your plugin, select it, install and activate. If you do not find it suitable to your needs, just deactivate, delete it and move on. However not many people realise what a plugin does in the background once it gets activated and assume that once a plugin is deleted its all gone which is really not true in most cases. A deleted plugin mostly leaves quite a few traces in your system. Depending upon the plugin these traces can severely affect the performance of your system if you try too many plugins without checking what it does in the background Many plugin developers do not follow WordPress coding standards. They do not provide an unintall function for the plugin. This means you need to manually clean up all the traces of the plugin after it is deactivated and deleted. I am currently not experiencing any performance issue with...
Read More
How to tackle WordPress slow queries

How to tackle WordPress slow queries

Here are some wordpress slow queries i.e. queries which take more than 0.05s. It really depends on your wordpress site i.e. how big is the database, plugins and your site configuration. However if you are facing performance issues related to the Dashboard then it is more likely to be due to the slow wordpress dashboard queries. Query Monitor is good plugin to check/analyse your slow queries. Some Wordpress Slow queries Below query auto populates the custom fields drop down box. [crayon-59c0ffa4d5999491330043/] For large tables this query can take lot of time like 2secs or so. If you do not need custom fields it is very easy to turn them off using below function. [crayon-59c0ffa4d59a4223003673/] For more information read this interesting post on CSS Tricks Below query runs on every Dashboard page so it is important that your wp_options table is optimised. [crayon-59c0ffa4d59a9307676230/] Depending upon the plugins you have installed, the wp_options table size can grow rapidly. Some plugins use this table to store _transient options. These _transient options are objects stored in cache....
Read More

Types of GIT repositories

Three types of GIT repositories GIT working repository GIT bare repository GIT mirror repository GIT working repository This repository is the one which is on your local machine. This is the respositoy which you work on i.e. add, edit or delete your application files and commit your changes. This repository can be created using below 2 ways git init: Initialises an empty working repository. Necessary files are then added or created later. This command is mostly used when you are starting with a new application in which case the repository is empty when you begin. git clone: This command is used if you already have a working repository on your server, GitHub, GitLab, etc. This will create a Git repository on your local maching with working/application files already inside the repository. This repository has a .git folder with all the version related files inside this folder while your application files reside outside this folder. GIT bare repository This repository is generally created on your server mostly for...
Read More

Prevent your emails going to spam/junk

Emails going to spam folder can be a sticky issue and generally there is no simple way to fix the problem. If you are already facing this issue then either your domain is blacklisted somewhere or you may just be missing a few simple tricks. In any case a preliminary check should be to check if your sending domain or your IP is blacklisted. This would be a preliminary check because if you are already blacklisted then no matter what efforts you make to fix other things your emails will still end up going to spam / junk folder. Check if your site is blacklisted using below tools by adding your site domain or IP address. If you are using cloudflare then try both i.e. your site domain and then your site IP address. This is because if you are using cloudflare, a domain check may not resolve to the true IP of your site. http://mxtoolbox.com/ https://www.senderscore.org/ If your site is blacklisted you will need to request to have...
Read More

How to apply Sendgrid categories to WordPress emails

What are Sendgrid Email Categories Creating categories for different kinds of emails sent through sendgrid is quite beneficial. It allows you to track emails based on each category i.e. it allows you to tag your emails by topics. e.g. it would be nice to know how many user registration emails actually were delivered, how many people requested password resets, etc For instance emails sent through wordpress can be categorised as User Registration Password Reset Newsletter, etc How to add Sendgrid categories As per the sendgrid documentation You can add categories to the X-SMTPAPI header of the emails you send via SendGrid. This will allow you to track emails based on your own categorization system. In case of wordpress emails here are the steps to follow Install the Wordpress Sengrid plugin: Since the version 1.6.9 this plugin allows to add categories in the email headers. add the category headers to the wp_mail function as shown below How to add category headers to the wp_mail function [crayon-59c0ffa4d6c1c930061678/] The above headers can be added to your custom plugins where you define your own wp_mail...
Read More

User Role Editor plugin – Critical Security vulnerability

If you are running User Role Editor plugin version 4.24 or older, immediately upgrade to the latest version 4.25 In version 4.24 and older the vulnerability allows any registered user to gain administrator access. Please see more details about the vulnerability which was exposed by wordfence, a popular security plugin for wordpress. The plugin used a function to check if a certain user has access to edit another user. But this function was not being used properly which created the vulnerability. The author was checking if users have access to edit another user using the ‘current_user_can’ function and checking for the ‘edit_user’ (without an ‘s’ on the end) capability on a specific user ID.   ...
Read More
WordPress Hooks, filters and actions

WordPress Hooks, filters and actions

What are wordpress Hooks Wordpress Hooks provide the ability to enhance, modify or customise a wordpress functionality by writing your own code without modifying the wordpress core code. A Wordpress Hook code can either be written directly in your themes (preferably child theme's) functions.php or by creating your own plugin (recommended way) Types of hooks There are 2 types of wordpress hooks action hooks: These hooks can also be called as trigger hooks as they gets triggered based on a certain action/event. e.g. when a user registers on your site an action hook can be set up to geocode the user address and add the latitude longitude to the user_meta table. filter hooks: This hook allows to enhance or modify wordpress functionality or data e.g. it allows to use a custom template for certain post types, allows to use your custom page for lost password functionality, filter user data before displaying on browser or storing in the database. Examples of hooks user_register action hook: This action hook allows you to access data...
Read More

WordPress Custom Login page

Creating a Wordpress custom login page has 2 benefits Login page can be created based on your own theme The URL for the login page would be different to the Wordpress login URL. This is a good security practice provided you block the Wordpress default login page or redirect it to your custom login page. This does not mean that you need to create your own methods to store and retreive cookies by creating your own login function. Wordpress provides easy to use functions using which you can create own own plugin to create a wordpress custom login page. So here is the sample login form Wordpress custom login page - form [crayon-59c0ffa4d711d610645323/] Here the form action submits to a page which does the authentication part. If you have created your own plugin the page would most likely be in your plugin folder. Here is the page which does the authentication and sets the cookie Wordpress custom login page - authentication [crayon-59c0ffa4d7125529245495/] wp_authenticate authenticates the user. If ok wp_set_auth_cookie sets the cookie for...
Read More

Automatic Database backups using free Sypex Dumper tool

Automatic database backups can be set up very easily using a simple shell script and a cron job. However it may not be a practical solution for huge databases and the restoration process can also be difficult. There are various tools available to make this process simple. Sypex Dumper is just one of them. What is Sypex Dumper Sypex Dumper is a software product (PHP-script), which can help you create a backup copy (dump, export) of a MySQL database, and also restore the database from the backup file if needed. Read more and download With this tool huge databases can be backed up and restored with very high speed using least server resources and greatly reducing the size of the database dumps. Free version of the tool is enough to create the automatic backups. The Paid version allows to selectively restore a particular table from the entire database. Steps to set up automatic Database Backups Let's assume you want to create backup of your database every day and keep the...
Read More

MySQL archive records based on date column

Let's assume you have a logs table and you want to delete the logs which are more than 1 year old. Ideally you would like to automate this using a cron job. MySQL Between query [crayon-59c0ffa4d763a590938270/] Using the above query we can delete all the logs for the year 2014. However we cannot automate this query since we are providing the dates manually. MySQL DATE_SUB query [crayon-59c0ffa4d7642208916090/] Above query deletes all the records which are older than a year. Here we do not need to provide dates. It automatically finds the records which are older than a year using NOW and INTERVAL parameters. So let's say you want to delete all the records which are 6 months old then the query would be [crayon-59c0ffa4d7646264238146/] Now lets automate the process of archiving our logs table This can be done through a number of ways. Shell Script [crayon-59c0ffa4d764a433412755/] A shell script can be created with above code. The script can then be added to a cron job. MySQL event scheduler Read more [crayon-59c0ffa4d764e065820619/] PHP Script Create a PHP page to run the query and...
Read More