WordPress

Common WordPress Installation Steps

Read more about Common WordPress Installation Steps

Common WordPress Installation Steps

Install WordPress
Install the Theme => Create Child theme then activate it
Protect the website by Basic Authentication while the website under construction
do all your modification
you can now change the theme name into any name 'xxx' then modify the child them to put 'xxx' as parent theme
Install some important plugins

Open WooCommerce Rest API by the browser

Read more about Open WooCommerce Rest API by the browser

It is very nice to be able to see how we can get the data by the API, in WooCommerce there is a possibility to do that

first we need

consumer_key
consumer_secret

once you get those values you can use this link to get the list of products

https://{www.example.com}/wc-api/v3/products/?consumer_key={consumer_key}&consumer_secret={&consumer_secret}

or you can use the new API

Password Protected Folder Returning 404 Error

Read more about Password Protected Folder Returning 404 Error

did you have 404 Error when you tried to use Basic Authentication to one of your directory ?

please follow this steps to solve it

Assuming the following directory structure:

How to Exclude a Category From Your WordPress Homepage

Read more about How to Exclude a Category From Your WordPress Homepage

This method requires you to add code to your WordPress files. If you haven’t done this before, then see our guide on how to copy and paste code snippets in WordPress.

You will need to add following code to your theme’s functions.php file or a site-specific plugin.

Limit Tags Cloud in Wordpress

Read more about Limit Tags Cloud in Wordpress

in order to limit the wordpress tags cloud you can use these two ways , you can choose whatever you want

open your functions.php file in your theme and add this code

Method 1

How to Disable JSON REST API and XML-RPC in WordPress by htaccess

Read more about How to Disable JSON REST API and XML-RPC in WordPress by htaccess

How to Disable JSON REST API and XML-RPC in WordPress by htaccess

Resize reCaptcha in Contact form7

Read more about Resize reCaptcha in Contact form7

Resize reCaptcha in Contact form7

to scale reCaptcha in WordPress Contact form you can add this to the css file

.anr_captcha_field iframe {
    -webkit-transform:scale(0.90);
    transform-origin:0 0;
    -webkit-transform-origin:0 0;
}

Tips to Install a Secure WordPress

Read more about Tips to Install a Secure WordPress

All of us know that WordPress is the most common CMS and it is the easiest one ever, Now I will put here some tips to install a secure WordPress

Install WordPress CMS platform Here is the link
https://wordpress.org/plugins/advanced-nocaptcha-recaptcha

Important tips:

Block wp-includes folder and files Wordpress

Read more about Block wp-includes folder and files Wordpress

To hide sensitive files in the wp-includes folder, add the following code to the .htaccess file in the root of your site:

# Block wp-includes folder and files
 <IfModule mod_rewrite.c>
 RewriteEngine On
 RewriteBase /
 RewriteRule ^wp-admin/includes/ - [F,L]
 RewriteRule !^wp-includes/ - [S=3]
 RewriteRule ^wp-includes/[^/]+\.php$ - [F,L]
 RewriteRule ^wp-includes/js/tinymce/langs/.+\.php - [F,L]
 RewriteRule ^wp-includes/theme-compat/ - [F,L]
 </IfModule>

Prevent execute PHP file in wp-content/uploads directory

Read more about Prevent execute PHP file in wp-content/uploads directory

wp-content/uploads directory

your wp–content/uploads directory should be considered a potential entry point and can be exploited for number of wordpress hacks . The biggest potential threat is the uploading of PHP files.

If you can browse /wp–content/plugins/ – the enumeration of plugins and versions becomes much easier! Exploiting this can allow an attacker to obtain sensitive information that could aid in further attacks.