The 101 on 401

Simply put, a 401 error is what happens when communication with the WordPress hosting server is attempted without proper authentication.

This error can appear in a number of different forms. The most common error messages are “Error 401” and “401 unauthorized error”. These two numerically-based errors are usually accompanied with the message “Access is denied due to invalid credentials” or “Authorization required.”

One of the most frequent causes of a 401 error is simply forgetting to enter a password when you try to access your account. But there can be more to it than that. If there’s an attack on your site, any WordPress security plugins that you use may lock down your admin area. Which will, in turn, cause a 401 error message.

Another possibility is that your hosting company may display the error when your login pages are accessed excessively or brute-forced. Normally, these messages will appear on your admin page and login page. However, the error may appear throughout your site, especially if it’s more serious.

Now that you know the basics about the error and its causes, let’s run through the various fixes. Most of these are simple, but some require more complicated procedures.

Table of Contents

1. Disable Password Protection
2. Clear Your Firewall Cache
3. Deactivate Your WordPress PlugIns
4. Switch to a Default WordPress Theme
5. Contact Your Web Hosting Provider

Solution 1: Disable Password Protection

One of the quickest and easiest fixes for a 401 error is to temporarily remove password protection on your admin page (if you have it enabled).

To do this, you’ll need to log in to your control panel (cPanel, Plesk etc.). Then, look for the icon Directory Privacy or Password Protected Directories.

When you open one of these icons, you’ll see all the files and folders on your hosting account. Find the wp-admin directory and click the name to select it.

When you do this, your control panel will display the password protection settings. If the box is checked next to “Password protect this directory,” uncheck it and click the Save button.

Once you’ve done that, scroll down and delete the username as well. Try to log in again. If you’re successful, you can create a new username and password for the directory and proceed normally.

Solution 2: Clear Your Firewall Cache

If you’re using a cloud-based WordPress firewall service like Sucuri, the 401 error may be triggered when the firewall fails in its efforts to communicate with your WordPress site.

The basic solution for this is to go to the dashboard of the firewall and find the section pertaining to cache functions.

This will be slightly different for each firewall plugin, but that’s the basic solution, and a simple implementation will often allow you to proceed unimpeded.

Solution 3: Deactivate Your WordPress PlugIns

If a WordPress plugin is configured incorrectly or isn’t working right, this too can cause a 401 error.

To fix it, visit the plugin page Plugins > Installed Plugins and deactivate all of your plugins. This will allow you to reactivate them one by one to determine which plugin is causing the problem.

If you don’t have access to the WordPress dashboard, you’ll need to use a File Transfer Protocol (FTP) like FileZilla to deactivate the plugins.

This can be done by going to the WordPress plugin folder wp-content/plugins and renaming it, designating it to be plugins-deactivated.

Once the plugins are deactivated, you can return to the admin area and try to log in. If you are successful, switch back to FTP access.

Rename the plugin folder so that the plugins are activated again, then go back to the admin area and deactivate them one at a time to see which one is causing the problem.

When you’ve isolated the problematic plugin, you can either try to get support from the plugin creator or find another option.

Solution 4: Switch to a Default WordPress Theme

If you’re using your own WordPress Theme, this can sometimes be the cause of a 401 error. To fix it, you need to temporarily switch to a default WordPress theme.

These themes are supplied by the WordPress, and they’re shipped as part of the default version that’s automatically installed if you don’t designate otherwise.

To do the switch, go to the Appearance > Themes page and try to deactivate your own theme. Then, switch to one of the default ones. (e.g. 2020, 2019, 2018, etc.).

If the error goes away once you’ve activated the default theme, that means your theme was the issue, and you either need to contact the theme developer to fix it or permanently change to a different theme.

Solution 5: Contact Your Web Hosting Provider

In some instances, the 401 error can be generated when your hosting provider detects suspicious activity. Usually, this security precaution only affects the admin area of WordPress and makes your login page inaccessible for a brief but indeterminate period of time.

After waiting, the page should return to normal. If it doesn’t or you start seeing 401 errors on all your site pages, contact your hosting provider immediately. They can help address the issue and fix the problem.

My Final Thoughts

When it comes to WordPress, most errors are easy to understand, and correcting them is generally simple as well. But there are exceptions. The 401 error is definitely one of the more confusing ones and fixing it can be tricky business.

I think the important thing to remember is that 401 errors are caused by improper authentication. If you keep this in mind when you are trying to troubleshoot your website, it will help lead you in the right direction.

If you enjoyed this tutorial, please be sure to follow us on Facebook and Twitter. You can also find us on Freelancer if you need some help with your WordPress website or web development issues.

The post How to Fix a WordPress Site With a 401 Error (5 Solutions) appeared first on Zuziko.

Always create strong passwords. Use a combination of letters, numbers and special characters. Your WordPress password is the first line of defense against hackers. Many users end up using short, weak passwords because they’re easier to remember. That’s not a good idea. If someone were able to guess or brute force your admin password, they will have full control of your site.

With that being said, there are three different ways you can change your WordPress password. With the first method, you will need access to the dashboard. If you don’t have access, you will need to use method two or three.

Table of Contents

1. Change Your Password on the Dashboard
2. Reset Your WordPress Password by Email
3. Use phpMyAdmin to Change Your Password

Method 1: Change Your Password on the Dashboard

To change your WordPress password in the dashboard you will first need to log in. Once you have logged in navigate to Users > Your Profile as shown in the image below.

Scroll down the page and you will see a section called Account Management. Here you will be able to generate a new password.

You can use the password that WordPress generates for you or create one of your own. Make sure you save this password somewhere safe, especially if you decide to use a generated one.

When you are happy with your new password, click on the Update Profile button. WordPress will send you a password change notification email to notify you of the change.

Method 2: Reset Your WordPress Password by Email

The above method works great if you can log in to WordPress. But what if you don’t remember your password and can’t log in?

Don’t worry, as long as you have access to the email associated with the user account, you can easily reset your password.

Just go to the WordPress login page (https://example.com/wp-login.php) and click on the Lost your password? link.

You will then be asked to enter your username or email address. Once you have entered the information, click the Get New Password button.

Shortly after, you should receive an email containing a password reset link. Clicking this link will allow you to create a new password.

Method 3: Use phpMyAdmin to Change Your Password

So, what if you have forgotten your WordPress password and you do not have access to the email associated with the account? If you find yourself in this situation, you will need to use this method.

Warning: Editing database tables directly in phpMyadmin could completely break your site if it’s not done correctly. If you don’t feel comfortable doing this, ask your web hosting provider.

For this method, you will need to log into your hosting control panel. Scroll down the page and look for the phpMyAdmin icon like the one shown below.

Note: In this example, I am using cPanel on Hostgator. Your control panel might look different based on which hosting company you use.

Click the phpMyadmin icon and you will be brought to a page with a list of databases. Select the database that is associated with your WordPress website.

After selecting the database, you will see a list of tables. To change your password, you will need to select the wp_users table.

Select the user that needs a password change and click the edit link.

Delete the value in the user_pass field and type in your new password. You will also need to select MD5 from the dropdown in the function column.

Once you have everything set up, click the Go button. That’s it! You have now successfully changed your password using phpMyAdmin.

My Final Thoughts

Resetting your WordPress password can be pretty simple and straightforward. However, if you do not have access to the dashboard or the email you used when signing up, things can be a bit more complicated. The good news is, as I have shown in method 3, you can always reset your WordPress password using phpMyAdmin no matter what situation you’re in.

You may also want to see our step by step tutorial on how to change your WordPress username.

If you enjoyed this tutorial, please be sure to follow us on Facebook and Twitter. You can also find us on Freelancer if you need some help with your WordPress website or web development issues.

The post How to Change Your WordPress Password (3 Methods) appeared first on Zuziko.

One of the primary advantages of using WordPress is that you can tap into a huge community of developers working to make your site more effective. There are literally thousands of WordPress plugins available to download today, and they all have something unique to offer.

While anyone can create and publish a WordPress plugin, not all of these free tools are as safe as they seem. Deploying one poorly made plugin could destroy your entire website, pollute the user experience, and make it impossible for your company to grow.

So, how do you make sure you’re picking the right plugins?

Table of Contents

1. Ratings and Reviews
2. Number of Active Installations
3. Updates and Compatibility
4. Support and Documentation
5. Choosing a Safe Plugin

#1 Ratings and Reviews

The first thing to do when downloading a free WordPress plugin is to see what other people think about it. You can do this by clicking on the reviews tab shown below.

Users can give a plugin listed on the repository a one to five-star rating, depending on how good they think it is. Sticking to something with an average rating of four stars or above is usually a good idea.

There’s always a chance that the ratings in the star system could be skewed. Many people give just one star, or the full five stars, even when there are problems with the plugin.

That’s why it’s essential to manually read the reviews. Reading these reviews will give you a better insight into what’s good and bad about the solution.

Try to avoid any plugin that mentions security issues.

#2 Number of Active Installations

While the popularity of a plugin won’t always guarantee its safety, the higher a plugin’s number of installations, the more likely it is trusted by the community.

The WordPress plugin repository makes it very easy to check how many people are currently using a plugin. All you need to do is check the number of active installations in the description tab.

Fewer than 1,000 active installations indicates that there’s something wrong with the plugin, or that the solution is still new.

While a new plugin isn’t necessarily dangerous, it may have had fewer chances to be tested and is therefore not as airtight as some of the other plugins available online.

#3 Updates and Compatibility

Another great thing about choosing a free WordPress plugin that’s listed in the repository is that you’ll get to see when the plugin was last updated. Under the description tab, the developer can note when the plugin last got an update.

Recent and regular updates indicate that any security issues found in the plugin will be quickly eliminated.

If you tap through into the changelog tab, you’ll also be able to see in detail what the developer has been doing since the plugin’s initial release.

While you’re checking out the performance of the plugin, make sure that you go back into the description tab to ensure that the technology is compatible with your version of WordPress, and any theme you might be using.

This will make certain that you’re not wasting time with something that won’t work for you.

#4 Support and Documentation

Finally, all of the plugins in the WordPress plugin repository have a support forum under the support tab on the WordPress site.

Regular activity within those forums is a good sign that the developer is continuously working on getting rid of any issues that might appear.

If the support environment is incredibly lacking, then it may indicate that the developer has given up on their plugin.

There’s always a chance that the developer could be handling plugin support externally so you can check their website too.

Look to see what kind of documentation the developer offers to help you better understand the plugin.

You can find some of this information by heading to the FAQ tab on the WordPress plugin listing.

If you can’t find any documentation, then this is usually a bad sign.

#5 Choosing a Safe WordPress Plugin

Ultimately, free WordPress plugins can be a valuable addition to your website.

The right plugins give you more functionality online and allow you to take your site to the next level without spending a fortune.

Not all plugins are created equally though. A lousy plugin could damage your website in many ways and make it very difficult for you to build the reputation that you want online.

Some criminals can use plugins as a back door to put your entire server at risk. If you notice your website slowing down, and it’s not a problem caused by a known issue, then you may have an attack on your hands.

Remember, take the time to research every plugin that you consider adding to your website, and make sure it’s safe to use.

Once you’ve got the plugins that you believe you can trust, ensure that you update them frequently. Regularly updating your plugins and your WordPress website can protect you from most issues.

My Final Thoughts

Third-party plugins are a crucial part of what makes WordPress such a fantastic CMS.

However, that doesn’t mean that every plugin on the market is trustworthy. Exposing your website to poorly-made plugins can harm your website’s speed, usability, and security.

Take the time to do your research. Making sure that you’re only downloading plugins that are safe for you and your visitors. This is crucial to long-term success online.

Don’t be afraid to consider other security measures too, such as malware protection for your site, or plugins that help to check for spyware and safety breaches.

If you enjoyed this tutorial, please be sure to follow us on Facebook and Twitter. You can also find us on Freelancer if you need some help with your WordPress website or web development issues.

The post 5 Things to Consider Before Installing Free WP Plugins appeared first on Zuziko.

By default, WordPress sorts your posts in reverse chronological order (newest to oldest). This is okay for most people, but there are situations when you might want to change the order. For instance, you might have an old post you want to move to the front of your blog, or you might want to push a less helpful post back further out of sight. If you are using WooCommerce you might want to move a product to the top of your shopping page.

Whatever your reasons are, WordPress has no built-in feature to help you accomplish this. It would be nice to see this implemented in the future, but for now you will need to use one of the three methods I have shown below.

Table of Contents

1. Reorder Your Post by Changing the Date
2. Reorder Your Post Using a Plugin
3. Reorder Your Post With Custom Code

Method 1: Reorder Your Post by Changing the Date

In the image below, you can see that we have three different posts. “Example Post Three” is on top because it was the last post published. However, in this example, we want “Example Post One” to be on top. To do this we will need to change the publish date. Click on “Edit” under the post title in which you want to change.

On the right-hand side, there is a drop-down menu where you can select a new publish date. In this example, we will be choosing a date more recent than “Example Post Three”. Once you have selected a date, click the Update button.

Now that you have set an earlier published date on “Example Post One” it will be at the top of the list. This change will also be reflected on the frontend.

This is a fast way to change the order of your posts and works great if you only need to move a few around. If you need to do a lot at once, I recommend using one of the other methods below.

Method 2: Reorder Your Posts Using a Plugin

This is by far one of the easiest and best ways to change the order of your WordPress posts. There are several plugins out there, but I recommend “Post Types Order”. Post Types Order will allow you to reorder posts for any custom post types you have defined, including default Posts using a drag and drop interface.

It currently has over 3.2 million downloads and a near-perfect rating with over 200 reviews. Post Types Order can be downloaded from the WordPress Repository or from within your dashboard under “Add New” plugins.

After you have installed and activated the plugin, there will be a new option under the posts tab called Re-Order.

This will bring you to a page similar to the one shown below. Here you can drag and drop posts in whatever order you like.

It’s that easy! Post Types Order also has an advanced (paid) version that comes with hierarchically post types order, manual / automatic sorting, individual category order, conditionals to apply, paginations for large list, and a mobile ready interface.

Method 3: Reorder Your Post With Custom Code

Your last option of changing posts order would be to use some custom code. Below is an example of how you could sort your posts in ascending order on the front end.

function change_posts_order( $query ) {
if ( $query-is_home() && $query-is_main_query() ) {
$query-set( 'orderby', 'title' );
$query-set( 'order', 'ASC' );
}
}
add_action( 'pre_get_posts', ' change_posts_order ' );

This code will need to be added to your themes functions.php file. It’s always best practice to create a child theme before editing your functions.php file. This will allow you to revert back if problems arise. You could also use code snippets, an easy way to add custom snippets to your theme’s functions.

Conclusion

Hopefully, you now have a better understanding of WordPress posts and how you can change their order if the need arises. Even though WordPress does not have a built-in post re-ordering feature, setting up your own solution is very easy. In this post, I have shared what I think are the three best ways to accomplish this.

If you enjoyed this tutorial, please be sure to follow us on Facebook and Twitter. You can also find us on Freelancer if you need some help with your WordPress website or web development issues.

The post How to Change the Order of WordPress Posts (3 Methods) appeared first on Zuziko.

If you are looking for some useful tips to make your WordPress forms convert better, then you’re at the right place. In this article, we will discuss how to implement some of the best practices. This will ensure that your forms are appealing and easy to use.

Increasing conversions is the dream of everyone who runs an online business. To help boost your conversions, you need to pay close attention to your forms. Making them so that they entice your readers to fill them out and submit. Below, I will go over some useful tips and tricks that you can use when building your next form.

Table of Contents

1. Keep Your Forms Simple
2. Add Tooltips and Placeholder Text
3. Use a Multi-Step Form (if needed)
4. Use Inline Validation
5. Insert Basic Information
6. Use Descriptive and Bold CTA
7. Don’t Use All Caps
8. Additional Resources
9. Use Semantic Grouping
10. Thank Your Users

#1 Keep Your Forms Simple

A form is a great place to connect with your users, but don’t go overboard. Ask as little information as possible. Don’t scare them away at the first step. Questions that ask for unnecessary information should be avoided. E.g. Instead of typing the password twice, you can have only a single field and include an option to show the password.

#2 Add Tooltips and Placeholder Text

When your users are filling out a form on your website, guide them as much you can. Add tooltips or help messages to let them know why you are asking specific questions. The more transparent you are about your intentions, the more likely they are to convert.

#3 Use a Multi-Step Form (if needed)

Single-step forms are for login and sign-up pages where all actions are completed in a short, single form. But sometimes you need a big form with a lot of fields to collect more data. In that case, don’t use a long form because it can be frustrating to your users. Instead, use a multi-step form based on information groups. It’s also a good idea to let the user know about their progress with a progress bar or steps, e.g. step 1/3.

#4 Use Inline Validation

Users sometimes make unintentional errors while they type, but you can help prevent this by setting up instant validation. The best practice is to show a warning for an invalid input when they have completed one field. Never validate during their data insertion. For example, when they have completed the email field and forgot to add the ‘@’ sign, let them know about it.

#5 Insert Basic Information

Help your users understand what the purpose of your form is. A form can be confusing without any description, but it can be easy with some useful guidelines. If your company provides services, then you can set up a dedicated support form for existing customers in addition to a general contact form. Moreover, mentioning information such as the wait time, reasons for using the form, etc. can help earn more trust.

#6 Use Descriptive and Bold CTA

Whatever you do with your form, the call to action is the most important feature. Make sure your forms look noticeable and lucrative, so that they never fail to grab the user’s attention. Other than making the call-to-action button bold and bright, you should also make the text stand out. Users should know what happens when they click the button. Submit means they’re going to submit their data whereas subscribe illustrates they will receive a newsletter. If you can make it more descriptive with text like “Show me the exclusive offer” or “I want exclusive access,” then do it.

#7 Don’t Use All Caps

What’s wrong with all caps? Human eyes are comfortable with what they see regularly. Sentence case is the most repeated things we look at when we read something, be it online or offline. That’s why all caps are difficult to scan. This gives an unpleasant experience for the user. When you write placeholder text and labels for the input fields, keep them in sentence case as well.

#8 Additional Resources

You can add a FAQ section next to your contact form which may reduce the rate of unnecessary form submission. At the same time, users can get a basic understanding of the form.

If you have documentation for products or other helpful resources like video tutorials or in-depth blog posts – include them in the contact page.

#9 Use Semantic Grouping

In general, human sight works from left to right and top to bottom (of course, there are exceptions). Semantic groups allow users to put their data in a very organized way which ensures a better conversion rate. Keep the personal info in one section, address and billing in the other. No matter how big your form is, or how much information you are going to collect, keep everything fragmented.

#10 Thank Your Users

They made some effort and spent the time to complete the form. Now it’s time to thank them. Right after they click the submit button, show a thank you message. You could take things to a new level by redirecting them to a custom page. This could be a product landing page or a simple blog page.

My Final Thoughts

Gaining attention from your users requires an overall improvement of your website. But, you can turn your forms into a conversion tool by applying the tips mentioned above. Don’t just consider your WordPress forms as a simple means to collect data. They can also play a vital role in building a loyal customer base.

Hopefully, this article has given you a better understanding of how forms work and what you can do to make them convert better. Have a question? Please feel free to leave us a comment below.

If you enjoyed this tutorial, please be sure to follow us on Facebook and Twitter. You can also find us on Freelancer if you need some help with your WordPress website or web development issues.

The post 10 Tips to Make Your WordPress Forms Convert Better appeared first on Zuziko.

WordPress comments can be a great thing for your website. They allow people to ask questions or have a discussion about the content you have written. This will not only help build a community, but it will also give you a small boost to your SEO as search engines index comments.

So, you might be asking yourself, “why would anyone want to disable WordPress comments?” This is because comments can often be spammy, hurtful and used for self-promotional reasons. 90% of the comments we receive here at Zuziko are for these reasons. Sometimes, it is a daunting task to go through all of them and find the ones that are real.

Disabling your comments can also be a great way to speed up your website. This is because each comment that is loaded on a page requires yet another database request. These can add up and slow down the speed of your website.

Whatever your reason may be, you can easily disable comments and even remove the comment section from your WordPress site. Below, I will share 3 methods on how you can accomplish this.

Table of Contents

1. Disable Comments in the Dashboard Settings
2. Disable Comments Using a Plugin
3. Disbale Comments With Code

Method 1: Disable Comments in the Dashboard Settings

When you first install WordPress, comments will be enabled by default on all post and disabled for all pages. This can be changed via the dashboard. You can enable or disable comments site wide, or for individual post and pages. You can find these options under Settings > Discussion.

Stop comments on all future posts (or pages)

On the discussion settings page, uncheck the option “allow people to post comments on articles.” This will disable all comments on future post and pages.

If you want to still allow comments on certain post and pages, you can do this by changing the discussion settings in that individual post.

Remove existing comments on all posts (or pages)

The setting we mentioned above will not remove existing comments. To do this you will need to navigate to Dashboard > Comments. This page will display every comment on your website.

Here you can select the comments you want to be trashed. Click Bulk Actions and select the comments you want to be deleted, then click the Apply button.

Stop comments on individual posts (or pages)

The easiest way to accomplish this is to go to Post > Quick Edit. From here you can quickly select each post that you would like to enable/disable comments on.

Uncheck the Allow Comments box to completely disable comments for that individual post/page.

Other Useful Settings in the WordPress Dashboard

If you don’t want to disable comments altogether, WordPress has an abundance of options you can use to make life a whole lot easier. These options are located in the Setting > Discussion panel. Let’s take a look at some of these below.

• Be Notified By Email – Having this option turned on will notify you by email when you have received a comment.
• Approve Comment Authors – If you have regulars that you trust, you can use this option to automatically approve their comments.
• Moderator Approval – With this option, a comment must be approved by a moderator before it will appear on your website.
• Blacklist IP Addresses – Sometimes you will receive spam from the same person on a daily basis. Use this option to blacklist their IP.
• Ruquire User Registration – This will require that a user be registered and logged into your website before they can leave a comment.
• Close Comments on Older Articles – You can specify the number of days at which comments will be stopped.
• Limit the Amount of Links – It’s not natural for there to be 100 links in a comment. Use this option to set a limit.

Using a combination of the options listed above, you can significantly reduce the amount of spam and self-promotional comments that you will get on a daily basis.

Method 2: Disable Comments Using a Plugin

Disable Comments is a free, easy-to-use plugin that will allow you to globally disable comments on any post, page, attachment, etc. so that these settings cannot be overridden for individual posts.

Use this plugin if you don’t want comments at all on your website (or on certain post types). Don’t use it if you want to selectively disable comments on individual posts. I have explained how to this above with the normal WordPress settings.

After you have installed and activated this plugin, navigate to Plugins > Installed Plugins and select the Settings link next to the Disable Comments plugin.

On this page, you can select where you would like comments disabled. You can select to disable comments everywhere (as shown above) or for specific post types only.

This plugin will also disable pingbacks and trackbacks. All comment fields will also be hidden from the edit/quick-edit screens of the affected post. These settings cannot be overridden for individual posts.

Method 3: Disable Comments With Code

If neither of the options above work for you or you would rather do it manually with code, you can remove the comment section from your theme files with HTML comments.

Warning: Editing the code of your theme files can break your website if not done correctly. If you don’t feel comfortable doing this, use one of the other methods I have listed on this page.

Login to your cPanel or use an FTP such as FileZilla to get access to your theme files. There are two files we will need to edit here: page.php and single.php.

Remove Comments From WordPress Pages

Open your page.php file with a text editor, and look for some code like shown below:

<?php comments_template( '', true ); ?>

Replace the code above with:

<!-- <?php comments_template( '', true ); ?> -->

This will completely remove comments from your WordPress pages.

Remove Comments From WordPress Posts

Open your single.php file with a text editor, and look for some code like shown below:

<?php comments_template(); ?>

Replace the code above with:

<!-- <?php comments_template(); ?> -->

This will completely remove comments from your WordPress posts.

Conclusion

Having comments on your WordPress website or disabling them is a personal preference. I like to keep them enabled so that I can engage with my audience and answer any questions they might have. Sure, it can be a pain to deal with the spam, but I think they are beneficial in the long run.

Hopefully, this tutorial has given you a better understanding of WordPress Comments and how you can disable them if the need arises. If you have any questions or anything to add, please let me know in the comments below.

If you enjoyed this tutorial, please be sure to follow us on Facebook and Twitter. You can also find us on Freelancer if you need some help with your WordPress website or web development issues.

The post How to Easily Disable WordPress Comments (3 Methods) appeared first on Zuziko.

Scalable Vector Graphics (SVG) are an XML-based vector image format for two-dimensional graphics with support for interactivity and animation.

Unlike a png or jpg image which is made up of a fixed number of pixels, a vector image uses geometric forms such as points, lines, curves and shapes (polygons) to represent different parts of the image as discrete objects.

Because of the way vector images work, they have three advantages over normal image types such as jpg, png, and gif:

1. They are crisp and clear at any resolution or size.
2. They are considerably smaller.
3. They can be animated using CSS.

SVG images sound awesome and you might be asking yourself why everyone doesn’t use them. But everything is a double-edged sword and SVG images are no exception. Below, I will go over what some of the problems are with SVG’s and why they are blocked from WordPress by default.

Why Are SVG Images Blocked by Default?

If you have ever tried to upload an SVG to WordPress you were probably met with a security error like the one shown below.

The reason WordPress has decided not to include support for SVG files is that there are many security issues that need to be addressed.

Because an SVG is an XML file, it opens it up many vulnerabilities that do not affect normal image formats. These include XML external entity attacks, Billion Laughs Attack, and XSS attacks.

To learn more about WordPress security, check out our comprehensive WordPress Security Guide.

There has been an open ticket (#24251) on WordPress.org for the last 6 years about the inclusion of SVG support in WordPress. Maybe one of these days we will see it happen but for now, you will have to bypass this security.

How Can I Safely Upload SVG Images in WordPress?

Before you can safely upload SVG images in WordPress they will need to be sanitized. When you sanitize an SVG XML file it cleans up the code. This can help you avoid the security issues related with code injection, code conflicts, and errors.

As I explained above WordPress blocks .svg files by default so we will need to bypass this by either using a plugin or adding a snippet of code to your functions.php. I will show you how to use both methods below.

Method 1: Use a Trusted Plugin

In this method, we will be using a plugin to upload SVG images. Safe SVG is a trusted plugin created by Daryll Doyle a WordPress Core Contributer and WordCamp Speaker.

Safe SVG gives you the ability to allow SVG uploads while making sure that they’re sanitized to stop SVG/XML vulnerabilities affecting your site. It also gives you the ability to preview your uploaded SVGs in the media library in all views.

This plugin has a free and premium version. The pro version allows you to restrict SVG uploads to certain users on your WordPress site. Pro users also get premium support.

All you have to do is install and activate. There are no settings for you to configure. After activating you should be able to upload and use SVG files just like any other image.

Method 2: Edit Your Themes Functions.php

If you don’t want to use a plugin, you can use this method. When editing your functions.php file it’s always best practice to create a child theme. This will allow you to revert back to the parent theme if there are any problems.

You can access your funtions.php file from the dashboard. Go to Appearance > Theme Editor and select Theme Functions on the righthand side.

Copy and paste the code below into the bottom of your functions.php file.

function cc_mime_types($mimes) {
 $mimes['svg'] = 'image/svg+xml';
 return $mimes;
}
add_filter('upload_mimes', 'cc_mime_types');

After you save the changes, you should be able to upload SVG files without any issues. However, they will not be sanitized so you will need to manually do this.

You can use the website SVG Sanitizer Test (also created by Daryll Doyle) to manually clean up SVG files. Just copy and paste the dirty code in the box and click sanitize.

Conclusion

Hopefully, this article has given you a better understanding of what SVG images are, how they work and what security issues can arise from using them.

SVG images can be a great addition to your website. They are becoming more and more popular nowadays. People mainly use them for logos, icons or any image that does not require a whole lot of detail.

If you enjoyed this tutorial, please be sure to follow us on Facebook and Twitter. You can also find us on Freelancer if you need some help with your WordPress website or web development issues.

The post How to Safely Allow SVG File Uploads in WordPress appeared first on Zuziko.

When you first set up your WordPress site, you created a login username and password. However, at some point you may find yourself needing to change it. There are many reasons you might want to change your WordPress username. Below, are some of the most common reasons:

• You want to change the default “admin” username.
• It sounds too similar to another username on your website.
• You made a typo when you first setup your account.
• The website or account is being transferred to another person.

Whatever your reasons are, you’ll be happy to know that your WordPress username can easily be changed despite what it says in the dashboard. There are 3 different methods you can use to change your username. Below, I will go over each one in detail.

Table of Contents

1. Use a plugin to change your username
2. Create a new user and delete the old one
3. Change your username in phpMyAdmin

Method 1: Use the Username Changer Plugin

There are a only a few plugins that can help you change your username. Username Changer is the most popular and for good reason. It’s lightweight, well reviewed, and extremely easy to use.

After you have installed and activated Username Changer, navigate to your Users > Profile page. Now, instead of saying “Usernames cannot be changed.” you will see a new option that will allow you to change your username. Click this link.

You will get an option to enter a new username. Type in your new username and click Save Username.

You should get a success message (Username successfully changed to goodusername) similar to the picture below. You will also be asked to log back in using the new username you just created. Your password will be the same as before.

That’s it! The Username changer plugin can also be used to change other users of your website. There is even a setting that will allow certain users to change their own username.

Method 2: Create a New User and Delete the Old One

For this method we are assuming that you have an administrator account. Login to your WordPress dashboard and go to Users > Add New.

Enter your new username in the box and make sure you set the role as Administrator. If you are changing another user’s username, make sure to select the correct role for their account.

When you create this new user, you will not be able to use the same email. Create a new email for the time being. After you have deleted the old account (in the next step), you can change it back to the original.

Now that we have created a new username, you will need to log out and back in with this account. After you have logged back in go to the Users tab in the dashboard and delete your old username.

On the next page, you will need to attribute all content to the new user. This will ensure that all of your existing posts and pages will now have your new username as the author.

Warning: Make sure you never select “Delete all content.” as this will delete every post and page you have ever created.

Then, click Confirm Deletion.

That’s it! Your new username should now function exactly as your old one did. You can verify this by looking at the Posts column in the Users area.

Method 3: Manually Change the Username in phpMyAdmin

Note: If you don’t feel comfortable editing your database in phpMyAdmin, It’s better to use the first or second method.

Before you make any changes to your database it’s always a good idea to get a backup. One wrong click or one small typo can completely break your website.

You can access phpMyAdmin by logging into your web hosting cPanel dashboard. Look for an icon similar to the one in the picture below.

How you access phpMyAdmin might vary depending on what web host you are using. If you are having trouble finding it, you should get in contact with your technical support.

Locate your database on the left hand side of the page and click it. This should bring up a page with all your WordPress tables.

Find the “wp_users” table and click it.

This will bring you to a page like the one shown below. Here you will be able to edit any user on your WordPress website.

Find the username you want to change and click Edit.

On the next screen, enter your new desired username in the “user_login” field. Then, click Go at the bottom of the page.

That’s it! You should now be able to login using the new username you have just created. Your password and email will remain the same as before.

Conclusion

While WordPress does not allow you to change usernames from your dashboard, it’s still easy to accomplish, either manually or with a plugin. Out of the three methods I have shown on this page, hopefully, one of them will work for you.

You may also want to see our step by step tutorial on how to change your WordPress password.

If you enjoyed this tutorial, please be sure to follow us on Facebook and Twitter. You can also find us on Freelancer if you need some help with your WordPress website or web development issues.

The post How to Change Your WordPress Username (3 Methods) appeared first on Zuziko.

Without a database, WordPress would be an empty shell. All content and settings for your posts, pages, themes, and plugins are stored in your database. For this reason, your WordPress database is a huge target. Hackers have developed SQL injections, automated scripts, and other malicious code that are specifically designed to attack your WordPress database.

When installing WordPress, most people tend to leave the database prefix at the default setting of “wp_“. This is not a good idea. Automated scripts that target the WordPress database aim for these default table names during their attacks.

Nothing is foolproof, but you can add an extra layer of protection to your website’s database by simply changing the default WordPress table prefix. Doing this will take you off the radar for automated scripts and make it very hard for a hacker to guess.

Change the Default Database Prefix While Installing WordPress

The easiest way to change the default table prefix is when you are first installing WordPress. During the installation, you will come to a page like the one pictured below. On this page, you will be given an option to change the table prefix.

In the picture above, I have named the database prefix “wp_YWfn6Z4C_“. You are free to name the prefix whatever you want. Just keep in mind, only numbers, letters and underscores are allowed. I also recommend that you end the prefix with an underscore (“_“) so the table names (e.g. users, post, options) stand out and are easily recognizable.

Change the Default Database Prefix After Installing WordPress

If you have already installed WordPress, you will need to make a small edit to your wp-config.php file and manually change the database prefixes inside phpMyAdmin. Below, I will show you step-by-step how to do this.

Step 1: Backup Your Database (Very Important)

I can’t stress enough how important this is. When you are making changes to your database one small typo could completely break your website. There are two ways you can get a backup of your database. You can manually download a backup of your database in phpMyAdmin, or you can use a plugin that backs up your database, site files, or both.

Related: Check out the Best WordPress Backup Plugins (and our top pick)

Step 2: Edit Your wp-config.php File

The wp-config.php file is located in the root directory of your website. To edit your wp-config.php you will need to login to your cPanel File Editor, or use an FTP solution like Filezilla. You will need to change the table prefix “wp_” to something random.

/**
 * WordPress Database Table prefix.
 *
 * You can have multiple installations in one database if you give each
 * a unique prefix. Only numbers, letters, and underscores please!
 */
$table_prefix = 'wp_YWfn6Z4C_';

I have named the database prefix “wp_YWfn6Z4C_“. You are free to name the prefix whatever you want. Just keep in mind, only numbers, letters and underscores are allowed. I also recommend that you end the prefix with an underscore (“_“) so the table names (e.g. users, post, options) stand out and are easily recognizable.

Step 3: Rename All WordPress and Plugin Database Tables

In this step, you will need to rename all the table prefixes to match the one you specified in the wp-config.php file.

1. Login to your cPanel and click the phpMyAdmin icon.
2. Navigate to the database you would like to change.
3. Click the checkbox to select all tables.
4. Click the drop down list and select “Replace table prefix”.

This will bring up a box like the one shown below allowing you to change the database prefix for all selected tables.

In this picture, I have a brand new installation of WordPress and only the basic tables are shown. Chances are that you will have a lot more tables from plugins installed on your website. These will need to be changed as well.

Step 4: Edit the WordPress Options Table

Now that we have renamed the main tables, we will need to search the options table for any instances of the default prefix. You can do this manually, but it is much easier to run an SQL query like the one shown below:

SELECT * FROM `wp_YWfn6Z4C_options` WHERE `option_name` LIKE '%wp_%'

Running this SQL query will return the “wp_user_roles” and any other options that have been created by the plugins, custom scripts etc. Change the prefix of all options beginning with “wp_” to your new prefix. In our case that would be “wp_YWfn6Z4C_.”

Step 5: Edit the Usermeta Table

Similar to the previous step, you will also need to search the usermeta table for any instances of default prefix. Here is an SQL query that will help you do that:

SELECT * FROM `wp_YWfn6Z4C_usermeta` WHERE `meta_key` LIKE '%wp_%'

The number of fields that you need to change will vary depending on how many plugins you use. Just as above, change the prefix of all usermeta beginning with “wp_” to your new prefix.

Step 6: Make Sure Everything is Working

That’s it! If you followed the steps above, your website should be good to go. To double check that everything works correctly, log in to your WordPress dashboard. Then, test out the admin panel and create a test post/page. Lastly, make sure all of your widgets and plugins work as they should.

Hopefully, this tutorial has helped you change your WordPress database prefix. If you run into any problems, let me know in the comments below. I will do my best to help walk you through it.

If you enjoyed this tutorial, please be sure to follow us on Facebook and Twitter. You can also find us on Freelancer if you need some help with your WordPress website or web development issues.

The post How to Change the Default WordPress Database Prefix appeared first on Zuziko.

A long time ago, there was no easy way of updating WordPress themes without losing all the custom styling and changes that you had made. The WordPress team and the community decided to solve this problem by introducing the concept of parent theme and child theme.

Child themes are used when you want to customize your current WordPress theme without losing the ability to update that theme. A child theme is not a standalone theme, but instead helps you modify or add to the files of an existing parent theme. This will allow you to safely alter styles, functions, layout, templates and more.

Even though you can do so much with a child theme, it’s still a good idea to try and get a solid framework (theme) like Genesis or Generatepress to begin with. Starting out with a good framework that’s already close to what you need, will save you a lot of time and trouble. If you find yourself having to overwrite a majority of the parent theme files, you would probably be better off creating an independent custom theme instead of a child theme.

Why would you need WordPress Child Theme?

Having a WordPress child theme can save you a lot of time and trouble when you make changes to your theme. If you have ever made any changes to the files listed below, you probably need to be using a child theme.

• When you edit style.css
• When you edit functions.php
• When you edit PHP templates
• When you edit JS Files

When you make changes to any of the files listed above and you update to a newer version of your theme, all of your changes will be lost. This is the reason a child theme is so important. It allows you to make these changes without ever being replaced by an update because your files will be saved in a separate child theme folder.

WordPress theme updates are crucial to keeping your website safe and functioning properly. Having a child theme in place will allow you to get updates right away without losing all your hard work and customization. It will also allow you to switch back to the parent theme in case your modifications cause some kind of issue.

Note: You will need access to your cPanel or download an FTP solution such as FileZilla before following the tutorial below.

Step 1: Create a Child Theme Directory

The first step in creating a WordPress child theme is to create a child theme directory. This directory will need to be placed in wp-content/themes alongside the parent theme. You can name this directory whatever you like. It is recommended (though not required) that the name of your child theme directory is appended with “-child”. You will also want to make sure that there are no spaces in your child theme directory name, which will result in errors.

Zuziko uses the GeneratePress theme (check out our GeneratePress review) so in the picture above we have called our child theme “generatepress-child”, indicating that the parent theme is the Generatepress theme.

Step 2: Create a New Style.css File

In this step we will need to create your child themes stylesheet (style.css) inside your child theme directory. In this new stylesheet, we will need to create a header. Copy and paste the code below into your new style.css file.

/*
Theme Name:   Zuziko Child Theme
Theme URI:    https://zuziko.com/
Description:  WordPress Child Theme
Author:       David Green @ Zuziko
Author URI:   https://zuziko.com/
Template:     generatepress <--- Change this to your parent theme directory name.
Version:      1.0.0
License:      GNU General Public License v2 or later
License URI:  http://www.gnu.org/licenses/gpl-2.0.html
*/

Most of that stuff in this file is self-explanatory. What you really want to pay attention to is the Template: generatepress. This tells WordPress that our theme is a child theme and that our parent theme directory name is generatepress. The parent folder name is case sensitive so make sure you get it exactly right.

Step 3: Create a New functions.php File

The next thing you need to do is create a new functions.php file in your child theme directory. We will use this new file to enqueue the parent and child stylesheets.

We can do this by addiing wp_enqueue_scripts action and use wp_enqueue_style() in your child themes functions.php.

Copy and paste the code below into your new functions.php file.

<?php
add_action( 'wp_enqueue_scripts', 'my_theme_enqueue_styles' );
function my_theme_enqueue_styles() {
    wp_enqueue_style( 'parent-style', get_template_directory_uri() . '/style.css' );

}
?>

Step 4: Activate Your New Child Theme

You are now ready to activate your new child theme (yes, it’s that simple). Log in to your WordPress Control Panel and go to Appearance > Themes. You should now see your child theme listed and ready for activation.

If you have made any customization prior to following this guide, you may need to resave your menu and theme options after activating your new child theme.

From this point on any customization you make to PHP templates, CSS files, JS files or the functions.php file will need to be done in your child theme directory.

My Final Thoughts

Other than the functions.php file we just created, any file you add to your child theme folder will replace the same file in the parent theme. You can also add new custom files or templates to your child theme directory, such as custom javascript or a template for a specific page or category.

Hopefully, this tutorial has helped you create your new WordPress child theme. If you run into any problems or just have a question, let me know in the comments below.

If you enjoyed this tutorial, please be sure to follow us on Facebook and Twitter. You can also find us on Freelancer if you need some help with your WordPress website or web development issues.

The post How to Manually Create a Child Theme in WordPress appeared first on Zuziko.