Prevent Directory Browsing With .htaccess

I recently shared several articles about .htaccess file, and as you may know by now, it's a great file if you're working on the security of your site. Today we'll disable the directory browsing in our website with some editing in .htaccess file.

You know how you can change a few characters in a URL and continue browsing the website. Sometimes, it could be very dangerous for our website, so it's time to prevent directory browsing.

Add following snippet to your .htaccess file:

# directory browsing
Options All -Indexes

Save the file, and that's it!

How To Remove Footer Credits From Jetpack Mobile Theme In WordPress

Jetpack is a great plugin for WordPress to connect your blog to WordPress.com. It also gives us dozens of crappy great plugins for our blog, such as mobile module, social share, wp.me short links, and more.

Jetpack's Mobile module is great plugin to create a mobile version of your website for mobile users, but it comes with a footer credit: Proudly powered by WordPress.

Giving WordPress their credit for their hard work is not bad, but if you're interested then you can easily remove the Jetpack.

In your file manager, edit footer.php file which can be found inside public_html/wp-content/plugins/jetpack/modules/minileven/theme/pub/minileven

Just remove this code from line #27:

<a href="<?php echo esc_url( __( 'http://wordpress.org/', 'jetpack' ) ); ?>" title="<?php esc_attr_e( 'Semantic Personal Publishing Platform', 'minileven' , 'jetpack'); ?>" rel="generator"><?php printf( __( 'Proudly powered by %s', 'minileven' , 'jetpack'), 'WordPress' ); ?></a>

That's it.

Protect Your wp-config.php File With .htaccess

As a webmaster, it's our duty to take care of our website. And security is our #1 priority when it comes to take care of a blog. As we know, there are millions of security issues with WordPress, which can be solved with some simple things, such as security plugins, configuring our .htaccess file, etc.

Today we'll secure our wp-config.php file with some basic .htaccess editing. Add following code to your .htaccess file:

<files wp-config.php>
order allow,deny
deny from all
</files>

This code should be placed in an .htaccess file located in the directory that contains your wp-config.php file.

Optimize And Repair WordPress Database

In WordPress 2.9, WordPress gave us a new automatic database repair feature. This feature enables you to repair and optimize your database. You should use this feature time to time to take care of your website's home.

You can use this feature even when you're not logged in to your website. This is because its main intent is to repair a corrupted database, Users can often not login to their WordPress when the database is corrupt.

Just add following snippet to your wp-config.php file to activate this feature:

define( 'WP_ALLOW_REPAIR', true );

Once activated, you can see the settings on this page: http://www.yoursite.com/wp-admin/maint/repair.php

Once you are done repairing and optimizing your database, make sure to remove this from your wp-config.php.

Send Email Notifications When User Role Changes In WordPress

Yesterday I shared a code which sends an email to the user when the user updates their profile. Today I have something similar, but a bit different. This code sends an email the user when the user's role has changed.

It's a great way to let a member know about the role changes that you'll make. It's also a great trick if you're running a WordPress site with bbPress forum or multiple wirters & contributors.

Just add following to your functions.php:

function user_role_update( $user_id, $new_role ) {
        $site_url = get_bloginfo('wpurl');
        $user_info = get_userdata( $user_id );
        $to = $user_info->user_email;
        $subject = "Role changed: ".$site_url."";
        $message = "Hello " .$user_info->display_name . " your role has changed on ".$site_url.", congratulations you are now an " . $new_role;
        wp_mail($to, $subject, $message);
}
add_action( 'set_user_role', 'user_role_update', 10, 2);

That's it.

Increase Maximum Upload File Size Limit In WordPress

Sometimes, you need to upload a large file to your site. If you run a WordPress site with audio podcasts, videos, and .zip files, then you may need to increase WordPress' default 32mb limit.

There are lot of ways around the internet to increase your WordPress max upload file size, but most of them are not much hardy. But a little snippet by Word Impressed can solve your problem. You can easily increase or decrease your maximum upload file size limit.

Create a php.ini file (using notepad document) and upload it into your /wp-admin/ folder and add following snippet into the file:

memory_limit = 32M
upload_max_filesize = 32M
post_max_size = 32M
file_uploads = On

You can change 32m in the above code to whatever max file size you want.

Send Email Notifications When User Profile Updates In WordPress

Adding this snippet to your functions.php file will send an email to the user when the user updates their profile. It's really great way to provide more security to your users. It's also a great trick if you're running a WordPress site with BuddyPress or bbPress. It makes your website look more advance, and keeps your user secure from hackers.

Just add following to your functions.php:

function user_profile_update( $user_id ) {
        $site_url = get_bloginfo('wpurl');
        $user_info = get_userdata( $user_id );
        $to = $user_info->user_email;
        $subject = "Profile Updated: ".$site_url."";
        $message = "Hello " .$user_info->display_name . "\nYour profile has been updated!\n\nThank you for visiting\n ".$site_url."";
        wp_mail( $to, $subject, $message);
}
add_action( 'profile_update', 'user_profile_update', 10, 2);

Restrict Access To WordPress Media Uploads

Ever wanted to restrict access WordPress media upload mime/format? Yes, that's why you guys are reading this post. You can perform this trick with directories such as /uploads/, /upgrade/, and /backups/. All you need a .htaccess file for the directory.

Create an .htaccess file for your /uploads/ directory (or use existing file if present). Add following code to the .htaccess file:

# restrict access to uploads directory
<Files ~ ".*\..*">
    Order Allow,Deny
    Deny from all
</Files>
<FilesMatch "\.(jpg|jpeg|jpe|gif|png|tif|tiff)$">
    Order Deny,Allow
    Allow from all
</FilesMatch>

The above code denies access to all files but only to the specified types of mime in the 6th line. You can also add more file types to the code such as .zip, .mp3, .mov, or anything.

You can also use same technique in other directories such as /upgrade/, /backup/, and more. Just create an .htaccess file in the directory and add the above code.

Add QR Code For Posts And Pages In WordPress

QR Code (Quick Response Code) is a great way to promote your content, and is very easy for users to use them. They can visit a webpage without even typing the entire web address. Just scan the QR Code and that's it.

The QR code system was invented in 1994 by Toyota's subsidiary, Denso Wave. Its purpose was to track vehicles during manufacture; it was designed to allow high-speed component scanning.[

Would you like to add a QR Code to your posts and pages in WordPress? It's easy just add the following snippet to your single.php file of your WordPress theme in the location you wish to display the QR.

<img src="http://api.qrserver.com/v1/create-qr-code/?size=100x100&data=<?php the_permalink(); ?>" alt="QR:  <?php the_title(); ?>"/>

To adjust the size of the QR Code just change the following within the src size=100×100.

How To Hide Post View And Post Preview Buttons From WordPress Post Editor

Ever wanted to remove "preview post" & "view post" option from the WordPress' post editor? Here is the solution how to do this. Just add following snippet to your theme's functions.php file and don't forget to update the post type array in the following code:

function posttype_admin_css() {
    global $post_type;
    $post_types = array(
                        /* set post types */
                        'post_type_name',
                        'post',
                        'page',
                  );
    if(in_array($post_type, $post_types))
    echo '<style type="text/css">#post-preview, #view-post-btn{display: none;}</style>';
}
add_action( 'admin_head-post-new.php', 'posttype_admin_css' );
add_action( 'admin_head-post.php', 'posttype_admin_css' );