Category: Hints & Tips

0

If you pay attention to your webstats, you’ve likely come across regular hits coming from a crawler/bot called “Semalt”.   According to their site and some other blog sites, the bot is not hitting your site with any bad intentions, but others have stated that they seem to be associated with spamming and scamming of some kind.   Either way, its best to keep your site free from these bots as they can screw up your web statistics by inflating your visitor and bounce rates.   The majority of sites are recommending to block this bot – and there are some great tips on doing so.

Block Semalt via .htaccess

In order to block them via the server level, you need to add the following code to the BOTTOM of your .htaccess file:

SetEnvIfNoCase Via evil-spam-proxy spammer=yes
SetEnvIfNoCase Referer evil-spam-domain.com spammer=yes
SetEnvIfNoCase Referer evil-spam-keyword spammer=yes
SetEnvIfNoCase Via pinappleproxy spammer=yes
SetEnvIfNoCase Referer semalt.com spammer=yes
SetEnvIfNoCase Referer poker spammer=yes

Order allow,deny
Allow from all
Deny from env=spammer

They also created a tool where you can remove your website from their crawl list.  A lot of sites are saying “why should we give them our domain information, when they shouldn’t be crawling our site in the first place – and there is a point there.   But we did test their ignore list with a few domains, and a month later, none of those sites had been hit by semalt – so it does appear, at least in theory, to work.

To add your sites to their block list, simply visit this link, and type all of your URLs into the list, and hit submit.

http://semalt.com/project_crawler.php

 

WordPress as awesome as it is, is also one of the most popular open source CMS scripts that is out there – and we all know being that kind of popular carries the increased risk for devious hackers to find new ways to break into your site.   In many cases the hackers break in only to spam your blog with tons and tons of links to less than desirable sites.   Other times they can install redirects to other sites or even install malware/spyware.   Regardless of the severity of the hack, we as WP users always need to be diligent about doing everything we can to protect our sites, and our customers/readers from potential security risks.

Our friends over at MasterSiteManager.com (an awesome stats, rankings and SEO tracking service that we use and highly recommend) have tested and put together a great “must have” list of plugins to help protect your blogs from hackers.    If you use some of these really great (and FREE) plugins, along with working with your hosting company or server admins to make sure your server is as secure as possible, you will see your vulnerability to these attacks drop significantly.

1. Restrict Login By IP – lets you specify IP addresses or hosts that users are allowed to login from. Only users that have the exact IP will be able to access the dashboard. Everyone else will get a “Forbidden” error when trying to log in or access an admin page directly. However, normal visitors won’t be affected – everyone will still be able to read your posts browse the site.

 

2. AskApache Password Protect – it utilizes fast, tried-and-true built-in Security features to add multiple layers of security to your blog. This plugin is specifically designed and regularly updated specifically to stop automated and unskilled attackers attempts to exploit vulnerabilities on your blog resulting in a hacked site.

 

3. WP-Ban – It will display a custom ban message when the banned IP, IP range, host name or referer url trys to visit you blog. You can also exclude certain IPs from being banned.

 

4. WP System Health – This plugin provides a new Dashboard Widget (limit to administrators) that displays information provided by 4 different categories: system, php, wordpress, database.

 

5. WP-DB-Backup – WP-DB-Backup allows you easily to backup your core WordPress database tables.

 

6. Exploit Scanner – This plugin searches the files on your website, and the posts and comments tables of your database for anything suspicious. It also examines your list of active plugins for unusual filenames.

 

7. WP Security Scan – Scans your WordPress installation for security vulnerabilities and suggests corrective actions.


Of course, you should always make sure you are running the most recent version of WordPress and that you take regular (nightly) backups of your site so that if you are hacked, you can quickly revert to a saved version, or do a file comparison to find the injected code.

Drop us a note below if you have any other tips or suggestions!

Restrict Login By IP

Animoto - The End of Slideshows

Turn your photos & videos into pure amazing. Animoto very easily produces beautifully orchestrated, completely unique video pieces from your photos, video clips and music.    Animoto has really done a superb job of adding new themes we can use to make video productions look really slick, plus they have given us the option to create highly professional business videos from just our photos/images & using their stock music.
Here is a  cool little clip that literally took us about 10 minutes to create, just to show you how cool this thing is:


Plus…
* you can also add short video clips within the Animoto videos

A Pro account will give you:
* no animoto branding
* unlimited dvd-quality videos
* 1000+ pre-licensed songs and even stock video clips
* and you can commercially redistribute your produced videos.

They’ve even launched an iPhone app that allows you to create videos from your iPhone – we’ve tried it, pretty slick   😉

You can check out all their templates, music and slick video stuff at http://Animoto.com.   Highly recommended for any business looking to spruce up their site!Get started making some cool videos now!!


Now go make some super cool videos for your blog or website!


Cheers!

6

We have run into quite a few people lately getting this error on their WordPress installation, so we figured we’d post the solution here as a quick fix for anyone else having similar issues.

The error will appear something like this:

Warning: Cannot modify header information – headers already sent by (output started at //home/wordpress/wp-config.php:1) in /home/wordpress/wp-includes/pluggable.php on line xx

Of course the locations of the files listed in the warning will vary based upon your installation.

The likely culprit, believe it or not, are spaces.   Most likely while making some modifications to your store you inadvertantly left in a space either before the beginning < ?php tag, or after the last/terminating ?> tag within the page.

  1. Download the first file listed in the warning message (we recommend taking a backup copy, just in case).   In the warning message above, it would be //home/wordpress/wp-config.php.   We've also seen the error pop for spaces on wp-login.php pages, as well as the functions.php page within your theme folder (to name just a few).
  2. Once the page is loaded, simply make sure the FIRST thing listed in the file is a < ?phptag, and if there are any spaces before it, delete them.
  3. Similarly, if the page ends in a ?> tag (not all do), make sure any spaces after that are deleted.
  4. Save the file, and re-upload overwriting the old version of the file.

  5. Thats it!   In 99% of cases this should fix your "cannot modify header information" errors within WordPress.

    Cheers!

If you are looking for a way to separate your blog posts from the rest of your site, or if  you would like to add an easy way to access all recent posts…. keep reading.

WordPress has a built-in feature that allows you to assign a Page as your Static Homepage and another Page as your Post Page. But this feature does not work well for all themes because it assumes that index.php (your homepage) contains your list of recent posts.   Therefore, when you create a new Page called “Blog” and assign that as your Post Page….  what happens?   The “Blog” page will look exactly like your homepage.

This method works great for themes that only have posts on the homepage.   But if your theme contains other homepage elements such as Image Sliders, Highlights sections, etc.   you may not want those elements appearing on your “Blog” page.   This is when you will want to create a Page Template dedicated to displaying a list of your recent posts.   Here’s how:


1)  Open a new text file and add this to the very top of the file:

<?php
/*
Template Name: Blog Template
*/
?>


2)  Next, copy and paste the entire contents of your archive.php page into your new text file, directly below the code mentioned above.  (Most themes contain an archive.php file which defines how the list of recent posts should be displayed.   Different themes may call this file something else but in most cases, it is archive.php.)


3)  Within the newly pasted code, search for the start of the loop:  It begins with:

<?php if (have_posts()) : ?>

Directly ABOVE  <?php if (have_posts()) : ?> paste your query parameters.   For a list of all recent posts, you would paste: 

<?php query_posts(‘showposts=10’); ?>

You can change the “10” to the number of posts you want to show per page.  You can also change this query to show posts from specific categories like:

<?php query_posts(‘cat=12,5’); ?>


4)  Save this file as: template_blog.php and upload it to your theme folder.


5)  Create a new page where you wish to display your posts and give it a name such as “Blog”, “Posts”, “Latest News” …etc.   On the right side of the Page edit screen, select Blog Template from the Templates drop-down menu.   Click Update to save.


Now your latest posts will display on this Page!

 (more…)

0

We are often asked, “I really love your _______ functionality, what software is that?”   Or “your __________ section is outta this world, is that a plugin?”    Since we are all about making the WPNow community even better, we thought we’d lay it all out there for you guys in case any of these software tools might help you with your own business.   (We’ll be adding more to this list as software is added).


Primary CMS WORDPRESS, of course!! Would we even think of building a site selling WordPress themes, on anything other than WordPress??   This ain’t your grandmother’s CMS…   🙂




Membership Management aMember Pro – an awesome script that manages our content, our theme club members and their subscriptions.   Offers content protection, integrates with just about every payment gateway out there, folder protection and more.  It provides you with a signup, login, and management system, that can then be integrated with WordPress or other CMS’s.  Basically what makes things super cool for our Theme Club Members.

Affiliate Management iDevAffiliate – an excellent tracking system for affiliates, running commission reports, tiered commissions and more. Fantastic program for a very, reasonable cost.



Forum Software

BBPress – A great fast, light easy to use forum script that integrates easily into WordPress working off of the same plugin system for easy functionality add-ons.



Email Management Gmail – Since we are for the most part, a virtual company with developers and support staff all over the country and the world, we needed an email system that we could all access at any point in time, via the web.   Gmail works fantastically for managing the many emails we get on a daily basis.
Newsletter Management Aweber – after trying out a number of different newsletter services, we found the best deliverability rate and easiest management platform to be Aweber.   Their opt in’s integrate well with WordPress and Amember.
Hosting and Server Admin Support Liquidweb – Having gone through pretty much every hosting solution in the book, we can say hands down, LiquidWeb offers the highest level of support, knowledge and capacity of any host we have found.   Problems are fixes within minutes (literally) and their server and security technology is top in the business.   Couldn’t give anyone a more hearty recommendation than these guys.



Video Hosting Amazon S3 – Sure we could host with Youtube or vimeo for free, but we opted to use a paid hosting service where we could host our videos for surprisingly low rates, and we still own the content (without all the little annoying ads)

All of our themes are compatible with the new WordPress 3.1.  Please note however,  the new addition of the Admin Bar on your site’s front end may cause the normal page elements to appear 28 px lower.   This is only visible to you, the admin, when you are logged in.   If you log out, the page appears perfectly aligned as usual.  *Note the addition of wp-includes/admin-bar.php

If you wish to remove the new 3.1 Admin Bar from appearing on the frontend of your site when you are logged in, please do one of the following.

1) Go To “Users” and uncheck the box next to “Show Admin Bar”  This will only affect the Admin Bar setting when you (being that specific user) are logged in.

2) If you have multiple users and wish to disable the Admin Bar for ALL users without having to change this option in each one’s User settings, open functions.php and add the following code:

add_filter( 'show_admin_bar', '__return_false' );

If you would like to remove the “Show Admin Bar” checkbox option and prevent it from displaying in the “Users” section entirely, add the following code to functions.php

remove_action( 'personal_options', '_admin_bar_preferences' );


0

Hello, my name is Jesse Wingert and I am the graphic designer and creative guy behind WordPress Now. I’m here to share a little bit of my secrets – if you will – about where to get some inspiration when it comes to making a color scheme for your website.

First, I do want to take a few steps backwards and just mention that this post is really for anyone, regarding any type of project – WordPress or otherwise. When us creative folk are developing a website, a new WordPress blog, an artsy picture, or even choosing which colors to use in our new living room, we need to come up with a color scheme. Color schemes work for several different purposes…

They work firstly as a very crucial piece of your product or company branding. Almost every successful company has established itself a set of colors that people immediately recognize and associate with that company. Google uses blue, red, yellow and green. McDonalds used red and yellow. The popular soda company, Pepsi, uses red, blue and sometimes a variation of grey. At WP Now, we use a mixture of dark grey and a few bright colors like teal, pink, and lime green, and these colors are involved with every aspect of our company. We use them with our logo, website, our business cards, t-shirts and anything else we can think of. (more…)