Easy WordPress Setup and Modification

quote rotator plugin: “Quotes-Collection” by Srini G.

Quotes Collection, an outstanding WordPress plugin by Srini G. is easy to configure, has no problem with multiline quotes, html within entries, and, for those who aren’t afraid of a little code – has even more options. (We apologize for not correctly displaying the code – the “code” function (“Writing Code In Your Posts” in the WordPress Codex seems a bit over our heads. For instance, inserting the string  (open bracket) quote|random (close bracket)




Have faith, with a dashing hero like me on the case, how can we fail? – Captain Jack Harkness — James Moran, Torchwood – Wikiquotes from episode 2.2, “Sleeper“

within a post or page will display a random post. The code




Have faith, with a dashing hero like me on the case, how can we fail? – Captain Jack Harkness — James Moran, Torchwood – Wikiquotes from episode 2.2, “Sleeper“

Will display a specific post. I have only one small cautionary observation: while you can easily find this plugin in the WP directory by searching for “quotes-collection” - the widget which the plugin creates is called “random quotes,” although the settings are in the Tools menu under “quotes collection.”

Since we’ve been testing a whole bunch of plugins in this category, and the in-house testing staff is an easily confused bunch to begin with, this gave us a moment’s pause.

Other than that – this one’s a keeper. Assuming you’ve got quotes worth quoting.

Tip of the hat to the always-useful Randa Clay, who mentioned this plugin in her post “Keep Your Site Looking Fresh With Rotating Content.”

A Common-Sense WordPress Security Primer:

A Common-Sense WordPress Security Primer, by David Coveney of the Liverpool-based InterConnectit IT. An excerpt:

There’s been a big fuss lately over the latest WordPress hacks that have targetted older versions of WordPress.

And in my view, they show the less pretty side of WordPress and some people in the community… but not all of them.  The attitude has been a straight “upgrade your blog and you’ll be secure.”

Well, I have news for you.  They’re wrong.

You’re Never Secure

Even if you have the very latest version of everything there are, out there, what are known as zero day exploits.  These are vulnerabilities which are kept secret by the hackers who have found them.  They cease to be secret if they become widely used in a large scale attack.  Like the current one against WordPress.

Now, if there are vulnerabilities out there that nobody knows about then your high profile WordPress site or blog could be targetted in a way that you, I, or the (great and lovely) WordPress developers out there don’t know about.

Not Everyone Can Upgrade Immediately

Quite frankly, I find the glib assertion that staying up to date is all you need to be secure to be… terrifying.  It’s bad advice because it leaves people with the feeling that all they need to do is to stay up to date and all is well.  Not only that, but it sidesteps the whole issue that WordPress should really consider running security updates on older versions of WordPress – not all sites can quickly change from one version to another.  When WordPress 2.8 came out it broke multi-use widgets – you could recode them, but then settings could be lost.  There are sites out there that run hundreds of widgets, and re-configuring them will be a big job.  If a new vulnerability comes out in WordPress it may not even be relevant to some sites because they may be doing everything else correctly.

In fact, in a critical environment you absolutely do not update your software without running a full suite of tests to make sure the updates won’t bring down your site.  This is a major problem for sites which, in some cases, are turning over tens of thousands of pounds a month.  Yes, they can throw money at the problem, but it still takes time – and when there’s a vulnerability the one thing you don’t have is a lot of time.  So a site needs to rely on more than just WordPress for security.

Mr. Coveney clearly understands something about the phenomenology of risk, and he’s got some good practical advice. Perhaps we can persuade him to write something for Popular Logistics, our primary blog, which is about risk assessment, mitigation and control.

A Common-Sense WordPress Security Primer. By David Coveney at InterConnectit – or perhaps it’s pronounced “InterConnect IT.”

Possibly related posts: (automatically generated)

• Related posts on WordPress Security
• Security And Anti-spam Plugins For WordPress | Saigon SEO dot Com

Vladimir Prelovac: How to do a full WordPress backup and restore

Straightforward, simple instructions for a critical task: How to do a Full WordPress Backup and Restore. Vladimir Prelovac, on his blog, Prelovac.com, does things which seem to fall into two categories. The first is providing concise and clear instructions on important subjects which, despite their importance, don’t inspire people to write oustanding tutorials (or perhaps they consist of search terms so common that it’s hard to find them via search engines). We’ll get to Vladimir’s second area of brilliance in a moment.

I have only one thing to add to his advice, which includes using the excellent plugin WP-DBManager, by Lester Chan. Be careful that you don’t set the plugin to backup too often without removing older backups. The reason is that some web hosts, because of the way Unix works, are even more concerned about the number of files on their servers than they are about space. I ran afoul of my hosting company’s limits by being a little careless about the settings in WP-DBManager. It doesn’t take very long to generate a few hundred thousand files when you back up a WordPress installation.

The second is adding some great powerful functionality – e.g. the Insights plugin. Insights permits you, while you’re composing a post, and without leaving the editing window, to search your own blog (“didn’t we write something about this before that we should refer to here?”); open-license images (“wouldn’t a picture of, say, a cherry make this post perfect?”), videos, Wikipedia, news, blogs, and books, all of which permit you to very efficiently improve a post by making it more authoritative, more persuasive, clearer, and more entertaining.

Using Insights, I’m able to quickly retrieve earlier posts about Vladimir: Here’s our earlier post about Insights: Insights Plugin: finding images, citations, references while composing. This plugin’s so good that I don’t mind at all repeating myself.

How-To-Blog: 3 posts about using Twitter on your blog

Matt Lawrence, one of the four people who have created How-To-Blog-TV (don’t let the .tv domain fool you – they’re doing “old-fashioned” blogging and instructional video), has written three posts which will introduce you to Twitter as blogging tool, and walk you through the necessary steps to get up and running.

Integrate Your Wordpress Blog with Twitter

WordPress Plugin: WP to Twitter Install & Setup

WordPress Plugin: WP to Twitter Install & Setup

How-To-Blog looks like it’s well on its way to become an excellent blogging resource; they’ve also got a Thesis Theme installation that’s very easy on the eyes.

Possibly related posts: (automatically generated)

• Related posts on social media
• 5 B2B Social Media Winners « Converge Weekly
• Social Media Influence: Social Media News & Intellegence » Twitter …
• Do We Take Social Media and Connectivity for Granted?

• Related posts on Thesis Theme
• HuTruc
• SimplePress Thesis theme review — Hư Trúc Blog
• Comparison of the Affiliate Theme vs StudioPress vs Thesis Themes …

• Related posts on twitter
• Dalai Lama Joins Twitter | ICT magazine
• How to Use Twitter for Marketing
• Twitter Posts 2010-02-23 | Marcus Couch

Aliso(n) Barrett’s new ColorBoxes plugin for WordPress

Alison Garrett is the author of the new WP plugin ColorBoxes – and the proprietor of Aliso The Geek ((We think there’s a clever play on words or anagram or something there – or she just forgot the “n.” But since she’s done all this top-flight work, we prefer to think there’s something mysterious happening.)). one of the principals in Barrett Creative ((notice all the consonants in his name are still there.)) and is the Interactive Architect at Brave New Media.

ColorBoxes is exceptionally easy to use; it accepts html tags – but if you don’t know anything about html, or think you don’t, just use the WYSIWYG editor (with the “Visual” tab highlighted), write what you want, click the “HTML” tab, and copy (or cut) and paste from the html side of the editing window into one of the colored boxes at the bottom of the editing page.

Colorboxes can easily be found and installed from within the WP Admin Panels: navigate to Plugins | Add New | Search, and when you get to the search window try “Colorboxes” and “Barrett,” since “Colorboxes” alone will return many hits you’re not interested in.

Let’s not forget her other plugins: SimpleMap (shows location of client’s store on map) and the WowHead Sidebar Search. I believe that WOW in WOWHead has something to do with the game “World of Warcraft.”

Randa Clay delivers the goods

Randa Clay, an excellent designer, is also an apparently infinite source of freebies, and useful advice. A few of her recent offerings:

• Randa’s 10 favorite free fonts
• The Ultimate Premium Theme (I’m not telling – and it’s a complicated answer, anyway)
• If you need some inspiration – check out Randa’s portfolio

RandaClay.com

Time Release Plugin from PiePalace.ca

The Time Release Plugin from Pie Palace is another brilliant piece of work from Erigami Scholey-Fuller, whose other plugins include

• MiniPosts and
• Irrepressible Fragment (about which I hope to be posting shortly)
• BiblioPress

It’s also worth mentioning that the PiePalace blog is worth reading for its own sake – recent coverage of Canada’s national discussion/debate on torture has been quite informative. But – onto Time Release. If you’re not able to post daily – but are occasionally able to write more than one post – you can check “queue for Time Release” in this box, which will appear in your post editing window:

We’ll assume for present purposes that you’ve set Time Release to release a post every day from the queue. If you post on Monday, Time Release does nothing. If, on Tuesday, you fail to post, Time Release will publish the first post in the queue, using as zero-hour the time of day at which it was installed. That is – if you want a new post every day at 8:00 A.M., make sure your WordPress installation knows the correct local time ( that’s in Settings | General in WP 2.9.1), and install the plugin at that time of day. The publication day will be the day it’s actually posted.

Time Release will let you appear more organized and consistent – but (current version, at least) doesn’t let you specify more than one post per day. Still, if you’re busy, this can keep your blog rolling more smoothly. While I’d like more control, I think I’d like – even more – to set the “put in queue” box checked as default, so every post after the first one each day gets queued. I do tend to post in clusters – so that would even things out. However, it’s easy to drag-and-drop the checkbox to the upper-right-hand portion of the screen, so it’s harder to miss or forget.

Time Release – downloadable at the WordPress Plugin Repository.

Easy Admin Color Scheme

If you’re running more than one blog, and work in more than one browser tab, it’s easy to get confused. Easy for me, anyway. I switched monitors – found that I was having some trouble reading some portions of the WordPress dashboard, and quickly found Easy Admin Color Schemes, a WP plugin by James Dimick. Without even using the customization options, I was quickly able to, in effect, “color-code” several blogs -which makes navigating between them much easier.

Easy Admin Color Schemes on the WordPress Plugin Repository.

Possibly related posts: (automatically generated)

• Related posts on Plugins
• WordPress UK » Blog Archive » Wordpress Mobile Plugins Review …

• Related posts on wp-admin panels
• in which i leave my comfort zone

ZadaNews: free magazine/news style WP theme

Via Weblog Tools Collection, a new theme released under the GPL ((The General

Public License, is, according to Wikipedia, “an example of a powerful copyleft license that requires derived works to be available under the same copyleft. Under this philosophy, the GPL grants the recipients of a computer program the rights of the free software definition and uses copyleft to ensure the freedoms are preserved, even when the work is changed or added to. This is in distinction to permissive free software licenses, of which the BSD licenses are the standard examples.” The GPL is the creation of the Free Software Foundation)). Here’s a screenshot:

Download available here. The ZadaNews theme can be seen in operation at ZadaNews.com.

I installed it in a sandbox (quick: can we use “sandbox” as a verb, as in “we sandboxed it within an inch of its life”?) and found looked impressive immediately, and the backend ((If I’d had either enough coffee or enough sleep I’d have writen better, more precise. In point of fact the WP “backend” is probably better used to describe  the SQL tables and other software upon which WordPress depends.))  (i.e. the admin panels and controls made sense). made sense and worked worked fine.

Download available here. The author(s) of the theme, and the proprietors of the ZadaNews site, don’t say much about themselves.

Malware attacks on WordPress

We’ve just found some malware – or, more precisely described, links inserted into our posts which, if followed, would lead readers to sites containing malware. One of the variants is described as “Reycross [dot] com” – one of the ones which hit us leads people to the site blog [dot] campe [dot] com [dot] br.

Update: Vladimir Prelovac advises use of the plugin WordPress Exploit Scanner, by Donncha O Caoimh ((I’ve done an injustice – as English-language users often do – to the Irish transliteration of his name. There are accents and phonetic markers missing. There’s probably a way to resolve that in WP and/or HTML, but I don’t know what it is. Mr. O Caoimh, it’s my understanding, is one of the early major contributors to WordPress – and with this plugin, now having undergone a number of iterations, he’s working to keep it safe. Gives an entirely new meaning to the idiom “gift of Blarney.” ))

Riyad Kalla of the blog/website Kallasoft has written one helpful post How to Remove reycross.com WordPress Malware.

Vladimir Prelovac – always sharp, wrote about this over a year ago: Check your website for virus attack ! and in how to check WordPress sites (Readers may remember our posts about Vladimir’s exceptionally helpful Insights Plugin, which I use daily.(See the rest of his WordPress Plugins – and you’ll see what great contributions he’s made to the Wordpress toolbox)

My preliminary take on this is that by WordPress 2.8 or 2.9 – the vulnerability had been removed – so at a minimum, one can upgrade – and then manually remove the offending code. But – haven’t confirmed it – so we’ll try to update this.

Possibly related posts: (automatically generated)

• Related posts on malware
• Lavasoft Ad-Aware Pro Internet Security 2010 v8.1.2 | D&D | Deals …
• Malwarebytes Anti-Malware Review

Next Page »