How to fix Timthumb security issue?

Timthumb.php is a popular script that is used to resize images dynamically in WordPress sites. This can be usually found in some popular premium  themes and image related plugins. Last week, a serious security issue was found in Timthumb. Unless, you update Timthumb to its latest version at once, your site is vulnerable for hacking. This is a serious threat affecting thousands of websites and even the WordPress founder Matt blogged about this. So, please act now. Here are few simple steps to fix timthumb security flaw: Update: Use Timthumb Vulnerability Scanner plugin. 1. Deactivate unwanted plugins. 2. Delete all inactive plugins and themes. If you have customised any of these … [Read more...]

How to find if a site is powered by WordPress?

Many clients approach me thinking a site is done in WordPress while it is not. So, how to find if a site is powered by WordPress? 0. Use It detects a WordPress site with almost 100% accuracy. 1. Right click on any page in the site and select "View page source". You can also select "Page Source" in the view menu in the browser. In the source page, search for terms like wp-content or wp-admin or wp-includes . Any site not having these words in the source is not powered by WordPress. Some might have changed the wp prefix for security reasons. But is a very rare case. 2. Check to see if it is powered by WordPress. You can also use this method to … [Read more...]

Best WordPress Permalink structure

When you install WordPress, the default permalink structure you have is . You can retain this structure if having the shortest URL possible is your priority. Else, you need to change this for better SEO. The most used custom WordPress permalink structure is . The permalink structure I use is . This is good for performance. Also, gives an idea to the user when the post was written. They can also trim the URL like or and see archives for that period. If you write posts daily or write many posts a day like in news websites, then … [Read more...]

FTP publishing on Blogger to WordPress: Migration guide

Blogger is closing its FTP publishing soon. Those who want to stay with Blogger custom domain or Blogspot can wait for their Migration tool. I recently migrated a client's site from Blogger FTP publishing to WordPress and it was a learning experience. Here is a brief migration guide: 1. Create a beta site in WordPress. ( ) 2. WordPress import will not work with FTP publishing on Blogger. So, switch FTP publishing to some Blogspot domain name for a moment. Don't worry. Your blog will be safe as all the FTP files still remain on your server and your site will be accessible. 3. Import your Blogger comments and posts from the Blogspot domain to beta WordPress … [Read more...]

WordPress Security Tips

WordPress security tips: * Keep your WordPress installation and plugins up-to-date always and immediately. Many attackers try to take advantage of loopholes in outdated software. So, do not hesitate to upgrade WordPress fearing it would break custom made themes and plugins. Security should be the top priority. Use only trusted sources for WordPress themes and plugins. Please be aware that most of the pretty looking free WordPress themes may be having malware. * Use a strong, unique and different password each for WordPress admin user name, WordPress MySQL database, FTP user account and the web hosting control panel user name. These two steps are the most important WordPress security … [Read more...]

Slow WordPress?

Is your WordPress site slow? Try these simple steps to increase  your page loading speed: 1. Upgrade WordPress software, current theme and plugins to their latest versions. 2. Use W3 Total Cache plugin. This will increase page speed for repeat visitors and non-bouncing visitors. 3. Deactivate and delete as many unnecessary plugins you can. Check the remaining plugins using P3 (Plugin performance profiling plugin). If you can implement a function by directly modifying the theme without using the plugin, then do it. 4. Use smaller sized images in  your posts. Use GIMP or PhotoShop and save the images as File->Save for web. 5. Reduce the number of images / scripts you call … [Read more...]