StudioPress Premium WordPress Themes: Foodie Pro Theme

Tips And Tricks

  • What’s New in WordPress 4.0

    Finally the much anticipated, WordPress 4.0 arrived today. It is a major release, packed with lots of improvements and some new features. At WPBeginner, we closely followed the development and wrote about what’s coming in WordPress 4.0. There are many new things that we are particularly excited about. In this article, we will show you what’s new in WordPress 4.0 and what cool new features you should try out after updating your sites.

    Please note that WordPress 4.0 is a major release, so it will not get automatically updated. You will have to initiate the update.

    Also note that 4.0 is just a version number. WordPress has a release cycle and 4.0 comes after 3.9, there is no such thing as WordPress 4 or WordPress 3.

    Improved Internationalization Support

    WordPress is used around the world and powers websites in many different languages. Previously, if a user wanted to use WordPress in other languages, then they had to either install a localized version of WordPress or manually upload translation files.

    As of WordPress 4.0 the first step in the WordPress installation is to choose a language.

    Choosing a language during WordPress installation

    When writing about what’s coming in WordPress 4.0, we assumed that users will be able to switch languages from the Settings screen. But this is not the case, users can only switch languages already installed in their /wp-content/languages/ directory.

    Manage Your Media With Style

    WordPress 4.0 comes with a new and improved media library. Users will now be able to see their uploads in a nice grid layout with infinite scroll. This new layout is much faster and allows you to quickly search, browse, and edit media files.

    New Media Library in WordPress 4.0

    Clicking on an item in the media library opens it in a popup window where you can add image caption, alt text, title, and description. Users can also use arrow keys on their keyboards to browse images or use esc key to close the popup.

    Media popup in WordPress  4.0

    Embed Previews in Post Editor

    Users can now see their embeds right inside visual post editor. This means that when you paste a YouTube video URL in the visual editor it will automatically become visible right inside the editor. Same goes for Tweets and other oEmbed supported embeds.

    Visual embeds in WordPress 4.0

    Improved Post Editor

    WordPress 4.0 brings some very important improvements in the post editor, which we believe will greatly improve writing experience for most users.

    First improvement is the removal of scroll bar in the post editor. Multiple scrollbars on a page made it a little difficult to work on long articles. Now the post editor will automatically adjust itself as you write.

    Improved post editor in WordPress 4.0

    The second improvement is the sticky menu bar in the post editor. This means that the menu bar and the add media button will remain visible on user’s screen and you will not have to scroll to click on a button.

    Plugin Search and Install Experience

    Another most anticipated feature of WordPress 4.0 is the new plugin install screen. Search results now appear in boxes and show more useful information than before. Searching for plugins is way faster and you can quickly switch between featured, favorites, and popular plugin tabs.

    New plugin install experience in WordPress 4.0

    Clicking on more details opens the plugin’s page in a popup window. This window is now styled to match with rest of the WordPress admin area. Also notice that it load’s the plugin’s complete readme file at once so switching between tabs on the details popup is very faster.

    Theme Customizer Panels

    Widgets were added to Theme customizer in WordPress 3.9. The are now moved to their own panel in customizer, making it easier to easily add and manage widgets from customizer screen.

    Widgets in Theme Customizer

    For Developers

    A whole new API for user controls in customizer is introduced. Just like Widgets are grouped into their own panel, theme and plugin developers can now group options on panels. Customizer now supports contexts, panels, and a whole new set of controls which you can use in your themes and plugins.

    In other under the hood improvements, query ordering will now give developers more ways to use ORDER BY clauses in WP_Query. TinyMCE, jQuery, and MediaElement libraries are updated.

    We hope this article provided an overview of what’s new in WordPress 4.0. We are particularly, delighted with the new post editor and how it adjusts itself. Let us know which features you liked the most and what you would like to see in future releases?

    Read more »
  • 9 Most Useful .htaccess Tricks for WordPress

    Many WordPress users come across .htaccess file when fixing their permalinks. However you can do so much more. The .htaccess file is a powerful configuration file that allows you to improve your site’s security and performance. In this article, we will show you 9 most useful .htaccess tricks for WordPress that you can try on your site right away.

    Getting Started

    Before you make any changes, you need to backup your existing .htaccess file. Connect to your website using an FTP client and simply download the .htaccess file to your computer. If something goes wrong, then you can upload the backup file.

    If you cannot see the .htaccess file, then make sure your FTP client is configured to show hidden files. Read our guide on why you can’t find .htaccess file on your WordPress site for more details.

    If you do not have a .htaccess file in your website’s root folder, then you need to create one. Simply create a blank text file and save it as .htaccess. Make sure that the file name is .htaccess and not htaccess. Lastly, you need to upload the file to your website’s root folder.

    1. Protect Your WordPress Admin Area

    You can use .htaccess to protect your WordPress admin area by limiting the access to selected IP addresses only. Simply copy and paste this code into your .htaccess file:

    01 AuthUserFile /dev/null
    02 AuthGroupFile /dev/null
    03 AuthName "WordPress Admin Access Control"
    04 AuthType Basic
    06 order deny,allow
    07 deny from all
    08 # whitelist Syed's IP address
    09 allow from xx.xx.xx.xxx
    10 # whitelist David's IP address
    11 allow from xx.xx.xx.xxx
    12 # whitelist Amanda's IP address
    13 allow from xx.xx.xx.xxx
    14 # whitelist Muhammad's IP address
    15 allow from xx.xx.xx.xxx
    16 # whitelist Work IP address
    17 allow from xx.xx.xx.xxx

    Replace xx.xx.xx.xxx with your own IP addresses. If you use more than one IP address to access the internet, then make sure you add them as well. See our guide on how to protect your admin folder in WordPress using .htaccess

    2. Password Protect WordPress Admin Folder

    Password protect your WordPress admin directory using .htaccess file

    First you need to create a .htpasswds file. You can easily create one by using thisonline generator.

    Upload this .htpasswds file outside your publicly accessible web directory or /public_html/ folder. A good path would be:


    Now you need to create a new .htaccess file and add this code:

    01 AuthName "Admins Only"
    02 AuthUserFile /home/yourdirectory/.htpasswds/public_html/wp-admin/passwd
    03 AuthGroupFile /dev/null
    04 AuthType basic
    05 require user putyourusernamehere
    07 Order allow,deny
    08 Allow from all
    09 Satisfy any

    Important: Don’t forget to replace AuthUserFile path with the file path of your .htpasswds file and add your own username.

    Upload this .htaccess file to your wp-admin folder. That’s all, your WordPress admin folder is now password protected and only you or the users you allow will be able to access it. For detailed instructions, take a look at how to password protect your WordPress admin (wp-admin) directory.

    3. Disable Directory Browsing in WordPress

    Many WordPress security experts recommend disabling directory browsing. With directory browsing enabled, hackers can look into your site’s directory and file structure to find a vulnerable file. Learn more about why and how to disable directory browsing in WordPress.

    Disable directory browsing using .htaccess file in WordPress

    To disable directory browsing in WordPress all you need to do is add this single line in your .htaccess file:

    1 Options -Indexes

    4. Disable PHP Execution in Some WordPress Directories

    Sometimes hacked WordPress sites usually have backdoor files. These backdoor files are often disguised as core WordPress files and are placed in /wp-includes/ or /wp-content/uploads/ folders. An easier way to improve your WordPress security is by disabling PHP execution for some WordPress directories.

    Create a blank .htaccess file and paste this code inside it:

    2 deny from all

    Now upload this file to your /wp-content/uploads/ and /wp-includes/ directories. For more information check out this tutorial on how to disable PHP execution in certain WordPress directories.

    5. Protect Your WordPress Configuration wp-config.php File

    Probably the most important file in your WordPress website’s root directory is wp-config.php file. It contains information about your WordPress database and how to connect to it. To protect your wp-config.php file from unathorized access, simply add this code to your .htaccess file:

    2 order allow,deny
    3 deny from all

    6. Setting up 301 Redirects Through .htaccess File

    Using 301 redirects is the most SEO friendly way to tell your users that a content has moved to a new location. If you want to properly manage your 301 Redirects on posts per post basis then check out how to do 301 redirects in WordPress with Quick Page/Post Redirect.

    On the other hand if you just quickly want to redirect users from one URL to another, then all you need to do is paste this code in your .htaccess file

    1 Redirect 301 /oldurl/ http://www.example.com/newurl
    2 Redirect 301 /category/television/http://www.example.com/category/tv/

    7. Ban Suspicious IP Addresses

    Seeing unusual requests from an IP address? Want to block an IP address from accessing your website? Add this code to your .htaccess file:

    2 order allow,deny
    3 deny from xxx.xxx.xx.x
    4 allow from all

    Replace xxx with the IP address you want to block.

    8. Disable Image Hotlinking in WordPress Using .htaccess

    Other people can slow down your website and steal your bandwidth by hotlinking images from your website. Normally, this doesn’t concern most users. However, if you run a popular site with lots of images and photos, then hotlinking can become a serious issue. You can prevent image hotlinking by adding this code in your .htaccess file:

    1 #disable hotlinking of images with forbidden or custom image option
    2 RewriteEngine on
    3 RewriteCond %{HTTP_REFERER} !^$
    4 RewriteCond %{HTTP_REFERER} !^http(s)?://(www.)?wpbeginner.com [NC]
    5 RewriteCond %{HTTP_REFERER} !^http(s)?://(www.)?google.com [NC]
    6 RewriteCond %{HTTP_REFERER} !^http(s)?://(www.)?feeds2.feedburner.com/wpbeginner [NC]
    7 RewriteRule .(jpg|jpeg|png|gif)$ – [NC,F,L]

    Don’t forget to replace wpbeginner.com with your own domain name.

    9. Protect .htaccess From Unauthorized Access

    As you have seen that there are so many things that can be done using .htaccess file. Due to the power and control it has on your web server, it is important that you protect it from unauthorized access by hackers. Simply add this code to your .htaccess file:

    2 order allow,deny
    3 deny from all
    4 satisfy all

    We hope this article helped you learn some of the most useful .htaccess tricks for WordPress.

    Read more »
StudioPress Premium WordPress Themes: Modern Blogger Theme