Changing your WordPress site language (locale) dynamically

There are some fantastic multilingual plugins for WordPress, however for one client project I needed something far more flexible, as this particular client needed to cater for several countries that each spoke several languages. In short the client needed to be able to have a multisite instance that had a country and language set as…

Enforce Version Control in WordPress to Boost Security

If you have spent a long time working on your clients website, ensuring everything is in version control (such as git). Then you would be pretty gutted if your client edits a theme file, or adds a new plugin that lives outside of your version controlled workflow. Adding code that lives outside of a tightly controlled workflow means:…

Stop Clickjacking by preventing your WordPress site loading in a Frame

Clickjacking is a potential security risk caused by someone loading your website inside a frame on another website and making it appear as if the website is legitimate, however they will be hijacking interactions you make with that site, such as form submissions. I wrote about how to manage this over on my Wholesome Code…

Prevent XSS (Cross-Site Scripting) by escaping values in your WordPress templates

If you are developing a WordPress theme or plugin then it is important to make it as secure and robust as possible. One way to do this is to properly escape values that you use in your project so that XSS (Cross-Site-Scripting) is prevented. I wrote all about this over on my Wholesome Code blog.…

Custom conditional statements around your WordPress enqueued stylesheets

You may be aware that you can add conditional statements around your WordPress enqueued CSS styles (such as <!–[if gt IE 7]><link …/><![endif]–>) to load the script for certain versions of Internet Explorer. As handy as this is, it doesn’t cater for all situations. This tutorial will show you how you can expand WordPress to add any type…

Prevent users from sharing login credentials in WordPress

As any Information Governance expert will tell you, sharing usernames and passwords is bad! Fortunately we can boost your WordPress security with this tip. Although nothing is as good as educating your users as to why they shouldn’t be sharing their usernames and passwords, in WordPress we can certainly make it difficult for them to do…

How to add items to robots.txt with WordPress

If you wasn’t aware, WordPress auto-generates its own robots.txt file, and that there is a filter that you can hook into to allow you to add your own rules to the file. The filter in question is robots_txt filter. Using this information I hand crafted this handy little snippet: So there you go, a short, but handy little blog…

Contributing to WordPress Core for Absolute Beginners

This blog post details my first experience of contributing to WordPress Core, and hopefully it will provide a little help for any other budding contributors. Where to Start The WordPress.org website has a fantastic section for contributors, the section I was looking for in particular was the Make WordPress Core area of the website. It was here that…

Creating a Custom CMB2 Link Picker Control for WordPress

In this tutorial I will look at how you can create a custom control to extend the functionality of CMB2 (Custom Meta Boxes 2) by WebDevStudios. I develop websites (and web applications) with the WordPress CMS (Content Management System), and when a new project lands you can guarantee that there will be a requirement for me to develop ‘Custom…

Debug PHP with Vagrant using Xdebug and Sublime Text

Following hot on the trail of my recent post about getting started with Vagrant, I figured I would let you know how you can debug the PHP that is running on your Vagrant box with Xdebug, using your host IDE (in this case, everybody’s favourite editor Sublime Text). Xdebug will allow you to place breakpoints in…