How to get WordPress image link from the media ID
In this example, I’m using ID 14988 Using Media Library If you are logged in as admin, add the media ID in the website URL: then copy the file URL: Using SQL Using WPCLI or
5 Easy Steps to start a WordPress blog today
Welcome to the world of Blogging. 🎉🎉🎉 Blogging is a great way to express yourself, build a business, or share experiences. There are endless reasons that drive people to start blogs. No matter what your reason for beginning is, you can get your WordPress blog set up and running in five easy steps. 1. What’s … Read full article →
Delete inactive WordPress Plugins and Themes using WPCLI
Deleting all inactive WordPress themes and plugins from your website is a recommended security practice. Even when deactivated, old, insecure plugins and themes might still pose a threat to the security of your WordPress website. Here are oneliners to remove inactive themes and plugins from your WordPress website using WP-CLI. List all inactive WordPress themes: Delete … Read full article →
Fatal error: Uncaught Error: Call to undefined function wp_check_php_mysql_versions()
WordPress website was broken and inside the error_log file the following error was repeatedly printed: Fatal error: Uncaught Error: Call to undefined function wp_check_php_mysql_versions() This fatal error indicates that WordPress was unable to check server configuration: PHP and MySQL versions. In 99% of the time, the error is caused by missing or modified WP core … Read full article →
What is 🗄️ File inclusion and How to prevent WordPress file inclusion attacks
File inclusion vulnerabilities allow an attacker to read (and sometimes execute) files on the WordPress website, gain unauthorized access to sensitive information and inject malicious files through the “include” functionality. This can be very dangerous because if the webserver is misconfigured the attacker may gain access to sensitive user information and even execute arbitrary commands. There … Read full article →
Enable HSTS Preload for a WordPress website
To enable HSTS Preload on a WordPress website (https://hstspreload.org/?domain=wpxss.com) you need to add the following code snippet in the .htaccess file: If you have access to the server settings *(You are using a VPS or DEDICATED server) then you can enable it server-wide for all domains by adding the snippet to the /etc/apache2/conf.d/includes/pre_main_global.conf file TIP: … Read full article →
5 Easy Ways To Speed Up Your WordPress ⚡
WordPress is an awesome content management system. You can install it in one click, you can find professional-looking themes for as little as a few dollars, and you can use a wide range of plugins for added functions and features. Nonetheless, WordPress websites can become sluggish sometimes, chasing impatient visitors away. This article is going … Read full article →
How to display a Random 🔀 WordPress Post inside a Page
Here is a handy snippet that displays a random post, so each time a user refreshes the page a different post will appear. The snippet should be saved as a PHP template for pages and a page has to use it. Step 1. Create a new file random.php inside your active theme folder and put … Read full article →
⚠️ What is Cross-site scripting (XSS) and How to prevent WordPress XSS attacks
The most regularly seen attack type is script injection (XSS attack), rogue scripts are injected into the webpage for malicious purposes. This includes redirects to third-party websites, collecting user data, downloading malware to visitors, etc. WordPress has a bunch of useful developer functions that are used to sanitize data (Validating Sanitizing and Escaping User Data) … Read full article →
Remove file version strings from CSS and JS links
By default .css and .js files used in WordPress themes and plugins will add a version number using ?ver= To disable this add the following inside your theme functions.php file or as a new plugin: