Author Archives: Evon

The Top 30 Most Popular WordPress Plugins (Infographic)

The Top 30 Most Popular WordPress Plugins (Infographic)

One of the best things about WordPress is its capability to support hundreds of great plugins that provide multiple ways to extend your website’s functionality, without or with just a little customization required.
Courtesy of WP Template, here is an infographic about the 30 most popular WordPress plugins, based on the number of downloads.
Let’s check them out. You might just discover some useful plugins that you’ve never heard about.

Read More »
Starting Web Design Business: Money Making Tips for Beginners

Starting Web Design Business: Money Making Tips for Beginners

Web designing is one of the best ways to make money easily. Many web designers are earning huge amount of money by employing latest web designing techniques. Even you can earn money by adopting following instructions in your website.
Start a blog
Start a web designing blog to share your ideas and thoughts with web users and website owners. It is the best medium to showcase your web designing skills. You can easily get in touch with potential customers and targeted users who can bring business. If possible, write unique and high quality content on your blogs to attract visitors to your blog. Most blog readers tend to read latest and update information, so fill your blog with updated and latest web designing information to convert them from users to customers. You may create an account on freelancer websites to get web design projects.
As a web designer, your first duty is to sign a contract with client. Because contract is very important as it is vital for future references. Ask for deposit before starting the project to meet your basic financial needs.
Create High Quality Website
Creating an attractive and profitable website is first thing to remember, if you want to earn handful amount as a web designer. Create a website which is navigated easily by users and approachable to search engines. High ranking in search engines like Google, Yahoo and Bing is very important to gain potential business and lure attractive customers. Make use of latest search engine optimization techniques for top ranking in search engines.
Look for Alternative Income Sources
Besides web design, you can earn good money by designing logos, templates, themes and infographic apart from the regular web designing.
Amongst them, Logo Design is the best choice to select as it is easy and simple way to earn money.
There are many online sites such as

Graphic River to sell designed graphics, textures, themes and templates.

You can even write tutorial lessons for Photoshop websites. Creating an online portfolio is an utmost important thing to do to promote your firm in the online arena. To spread your name, make use of online web marketplaces such as Digital Point and SitePoint.
Keep Improving Skills
Update yourself with latest and newest design techniques by reading blogs and magazines related to web designing. To beat the competition you have to learn new courses. You can join in web designing coaching sessions to enhance your skills. Most companies hire creative and innovative web designers, so enhance your skills accordingly to be hired by the best company.
Make Your Customers Happy
Maintain a strong relationship with clients for future reference, if you are satisfying your client with your innovative work, he may approach you for future projects and he may recommend you to other web owners for web designing. This post is Featured
Excerpts are optional hand-crafted summaries of your content that can be used in your theme. Learn more about manual excerpts.
Send Trackbacks
Send trackbacks to:
(Separate multiple URLs with spaces)
Trackbacks are a way to notify legacy blog systems that you’ve linked to them. If you link other WordPress sites they’ll be notified automatically using pingbacks, no other action necessary.
Custom Fields
Name Value
Add New Custom Field:
Name Value
Enter new
Custom fields can be used to add extra metadata to a post that you can use in your theme.
Allow comments.
Allow trackbacks and pingbacks on this page.
25 February, 2013 @ 10:33 by Luis – WPWebHost
25 February, 2013 @ 10:32 by Luis – WPWebHost
25 February, 2013 @ 10:26 by Luis – WPWebHost
25 February, 2013 @ 10:17 by Luis – WPWebHost
25 February, 2013 @ 10:17 by Luis – WPWebHost
25 February, 2013 @ 10:14 by Luis – WPWebHost
25 February, 2013 @ 10:13 by Luis – WPWebHost
25 February, 2013 @ 8:28 by Luis – WPWebHost
13 February, 2013 @ 16:51 by Luis – WPWebHost
13 February, 2013 @ 16:50 by Luis – WPWebHost
13 February, 2013 @ 16:50 by Luis – WPWebHost
13 February, 2013 @ 16:49 by Luis – WPWebHost
To make more sales leads, you can adopt affiliate marketing strategy to allow your happy customers to refer more potential customers to you.

Read More »
6 Tips for a Safer WordPress Hosted Website

6 Tips for a Safer WordPress Hosted Website

WordPress is one of the most popular and well known website hosting locations on the web. The hosting website draws in millions of people, making the site be more willing to dish out the best features. However, it is important to remember that with more individuals and users come more of an opportunity for your WordPress website to get attacked. From hacks to stolen information, it’s important to make sure that any site you host with is protected. Today, we will go over seven, easy-to-understand, security tips that both professional and amateur WordPress bloggers and website owners can learn with.

Read More »
Introducing CrawlProtect in Securing your WordPress site

Introducing CrawlProtect in Securing your WordPress site

Security is important when managing WordPress websites. It is one of the key components for long term website success. WordPress has some security measures that can be implemented with the use of plugins. It’s not recommended to edit the WordPress core files because of security risks, so it make sense to implement the security features in terms of plugins.
One downside of plugin implementation is that it adds significant strain on the existing WordPress server resources. Some plugins that were badly written can significantly slow down your WordPress website performance.
Thus, one of the feasible recommendations to increase WordPress security while not slowing down the site is using third-party/open source security software like CrawlProtect. In this method, CrawlProtect runs independently from WordPress core and won’t slow down your site while it prevents hackers from getting into your server.
While WordPress is secure (if you continually update it), adding another wall of security using CrawlProtect can really help in hardening your site against hacking.
Recommended Requirements for Running Crawlprotect
The following are the server and software requirements before you can use Crawlprotect:
1.) Apache web server
2.) .htaccess enabled server
3.) mod rewrite enabled server
4.) Latest WordPress version (version 3.4.1 as of July 2012)
5.) MySQL database 5.0 +
6.) PHP version 5.0 +
7.) Linux/Unix operating system used by the server – CrawlProtect utilizes the Unix permissions such as CHMOD in protecting your WordPress site. It is important that your server is running the supported OS.
Other aspects although not a requirement are as follows:
1.) Disable any current security plugins you are using. This will interfere with CrawlProtect implementation and can drastically slow down your WordPress website.
2.) You have not edited any of the WordPress core files. These are the files inside your wp-admin, wp-includes and files in the root directory except the following:
a.) wp-content (your themes and plugins, etc.)
b.) robots.txt
c.) .htaccess
d.) wp-config.php
Before implementing CrawlProtect, it is highly recommended to back up your WordPress site and databases. Although in my own experience, CrawlProtect installation is straightforward, smooth and simple; it is always the best practice to backup your files and databases before implementing some major change in your site.
Download and Upload Crawlprotect to your Server
Follow the steps:
1.) The first step is to download the latest CrawlProtect version. As of July 2012, the latest release is version 3.0.0.
2.) Unzip the contents. When extracted, you should see a folder named as “crawlprotect3-0-0”. Go inside this folder. You might see two folders namely as:
a.) crawlprotect
You will only use crawlprotect folder. If you go inside the crawlprotect folder, you will exactly see the contents as follows:

3.) Before uploading the crawlprotect folder containing the above scripts as shown in the screenshot, it is important to rename this folder to something that is not obvious to your site as well as to the crawlprotect application. Supposing you will rename it as “websiteknight” (don’t use this name though, just an example).
Rename the folder from “crawlprotect” to “websiteknight”.
4.) Upload “websiteknight” to your WordPress root directory, the same path with wp-content, wp-includes and wp-admin, etc. This is how it looks like in your server after being uploaded:

Install CrawlProtect
1.) First create a MySQL database that can be used by crawlprotect. Important data will be stored in this database. Creating the database follows the exact same steps when you are creating your WordPress database.
After creating the crawlprotect MySQL database, take note of the following connection parameters, you will be needing this during installation:
a.) MySQL username
b.) MySQL password
c.) MySQL hostname
d.) MySQL database name
The database can easily created using cPanel provided by your web host.
2.) Clear all of your browser cache and enter this URL in your browser:
Since the CrawlProtect directory is now named as “websiteknight”, then it is accessible in the browser as:
3.) In the installation screen, select the language. In this tutorial, let’s use English and click OK.
4.) Click the “Install” button.
5.) Enter the database username, password, hostname and database name. Please double check the data very carefully before pressing OK.
6.) As of this step, CrawlProtect should be installed in your server without any warnings. However in some server due to permission issue you might see an error “Automatic file creation failed”. Simply follow the Crawlprotect instructions to create two files, namely “connection.php” and “cppf.php” and put that in the “include” folder of CrawlProtect.
7.) Finally the installation is complete if you see “Connection files OK” and “Tables creation OK”. Click “Go” button to start the configuration of CrawlProtect.
CrawlProtect Basic Configuration
1.) Review the website and site url. The site URL is the canonical homepage URL, for example if your site is using non-www version as the official URLs, then it will be:
Otherwise include the www if your website is using www version:
2.) Click OK, and you should be able to see the “The website has been added to the database”. Click Go.
3. ) You will be required to set up the administrator login. Enter the desired login and password. Assign a very strong password. I recommend at least 16 characters or more, you can create it using Keepass such as shown in this screenshot:

4.) Click OK and login as administrator.
5.) Click “Create or update the .htaccess”.
6.) The default proposed setting is OK, you can tweak it later. Scroll down to the bottom of the page and click “Create my .htaccess file”. The Crawlprotect rules will be integrated to your existing .htaccess, scroll down and click “Put the htaccess in place”. For most web host, the htaccess would be updated without problems. In case of permission errors, simply copy and paste the resulting .htaccess code to your existing WordPress .htaccess (don’t forget to back up your .htaccess first).
CrawlProtect Testing and Fine Tuning
Below are some tests to make sure Crawlprotect is working properly for your site:
1.) Logout from CrawlProtect administration panel.
2.) Try an injection test on the browser to see if CrawlProtect can block it, use this format:
You should be able to see the warning: “This site is protected by CrawlProtect”. If you see it, CrawlProtect is now protecting your WordPress site.
3.) Download your existing WordPress .htaccess and add the following line:
RewriteCond %{REQUEST_URI} !^(.*)wp-login(.*)$ [NC]
Add the above line, next to this:
This line would allow the administrator to access the wp-admin directory normally.
4.) Try to login to your WordPress admin. There should be no errors.
Known limitations and Workaround
There are times when CrawlProtect blocks URLs in your WordPress site if you have certain applications/plugins that uses query string variables in the URL, for example:
Or like this:
The above URL will be blocked by CrawlProtect because of the presence of query string variables (used by hackers when getting into your site). As a result, the application won’t work anymore. The solution to this problem is really simple. You only need to add the file name to the .htaccess so that it will be allowed (not blocked).
In the above two examples, below are the .htaccess lines to be added to allow the application to work normally:
RewriteCond %{REQUEST_URI} !^(.*)myplayer(.*)$ [NC]
RewriteCond %{REQUEST_URI} !^(.*)pusher(.*)$ [NC]
Add the above lines next to this:
RewriteCond %{REQUEST_URI} !^(.*)wp-login(.*)$ [NC]
This is the screenshot of the modified .htaccess with the allowed file names to be used with a query string variable:

In case, you don’t remember all of those applications in your site; you can still monitor the valid URLs that are accessed by your normal website visitors but is blocked by CrawlProtect. This is done by logging into the CrawlProtect admin panel. You will see it under “Attacks log”.
One you have CrawlProtect working for around a month, it will now have sufficient data to learn some information about your site hackers and statistics, for example:

If you are not using CrawlProtect, it is highly possible that any of those 4280 SQL injection or 389 shell type hacking attempts can get through your blog. This is a one year data from one of the medium traffic WordPress websites.
It can also summarize the IP address of attackers and the number of times they attempt to hack your site. Highly abusive IP address can be permanently blocked from accessing your site.
What you can do more?
1.) You can easily upgrade CrawlProtect by replacing all files with the new version but make sure you have a backup of connect.php and your .htaccess. You will know if there is a new version by logging as Crawlprotect admin. In the dashboard homepage; click the button “Check if a new release of CrawlProtect is available”.
2.) You can double check the CHMOD of your site folders and files. Vulnerable folders and files for hacking will use CHMOD value of 777 (allowing the public or hackers to read and write the contents). CrawlProtect recommends some value that you can use for different types of folders and files in your WordPress site.
You can browse the current CHMOD settings by clicking “Folders and Files audit” in the CrawlProtect admin dashboard.

Read More »
WordPress MultiSite Development in Ubuntu Localhost Part 2

WordPress MultiSite Development in Ubuntu Localhost Part 2

In this part, you will know how to set up your local WordPress multisite project in subdomains. As a requirement, you should have a fully working WordPress multisite platform setup in Apache localhost. The details are discussed in the first part of the tutorial.
Step1 – Define the subdomain name in hosts file
Remember in the first part of this tutorial where you have created a local server name “codex.tld”. This is the local domain name of your main/primary WordPress site.
To add sites in a multisite setup, it will be added as subdomains (since WordPress is configured to use this in the first part of the tutorial) of your primary WordPress site.
In a local development server, this should be defined first in the hosts file. This is a very important requirement before actually adding the subdomain in WordPress admin panel.
Supposing you will be naming your first site to be added as:
Below are the steps on how to define it in the hosts file:
1.) Launch the terminal and login as root:
sudo -s -H
2.) Open the hosts file in Vim editor:
vim /etc/hosts
3.) Add this line to the hosts file to define your first subdomain: project1.codex.tld
This is how your hosts file will look like:

3.) Save the changes and exit the Vim editor.
Step2 – Configure Apache to recognize the subdomain project
The next step is to edit the existing Apache configuration to recognize the subdomain. Follow the steps below:
1.) Make sure you are still logged-in as root.
2.) Enter this command in the terminal to acces inside the Apache available sites:
cd /etc/apache2/sites-available
3.) Open your main WordPress site Apache configuration in Vim. In part 1, this is named as “codex.tld”:
vim codex.tld
4.) Change the ServerName from:
ServerName codex.tld
ServerName project1.codex.tld
This is the only line to be edited on this file. The directory path and other directives stays the same.
5.) Now it is important to save this file as:
IMPORTANT: When saving the file, do not overwrite the codex.tld configuration in the /etc/apache2/sites-available instead save the edited file as:
This is a requirement. If you overwrite codex.tld configuration, the main WordPress website will not work anymore.
This is the screenshot of the project1 configuration:

6.) Exit the Vim editor and view the /etc/apache2/sites-available directory by issuing this command:
ls -l -a
You should see the two configuration file namely codex.tld (for your main WordPress site) and project1 (for your first site in your multisite network).

7.) The next step is to enable the project1 site. Enter this command in the terminal (make sure you still log-in as root):
a2ensite project1
8.) It also requires that you reload the Apache configuration:
service apache2 reload
9.) Now confirm if the site has been enabled by going to the sites enabled directory, enter this command:
cd /etc/apache2/sites-enabled
And view the files:
ls -l -a
This is how it looks like. Take note that project1 is now added, so it is enabled:

The subdomain is now ready to be used by WordPress.
Step3 – Add the subdomain to your WordPress multisite project
Finally you can now add the subdomain since the localhost server is now configured to use it. Follow the steps:
1.) Login as WordPress admin to your main site for example:
2.) Go to My Sites – Network Admin – Sites.

3.) This page will give you the complete list of sites in your network. At first, there is only one, e.g. codex.tld since this is the main site and you still have no other sites added.
This time, you will be adding your first subdomain project. Click “Add New”.
4.) In the “Site Address” field, type exactly the name of the subdomain defined in your Apache localhost, for example:
Also fill-up the “Site Title” as well as the administrator email address. This is how it looks like:

5.) Finally click “Add Site”. If you are able to see the message:
Site added. Visit Dashboard or Edit Site
The configuration is successful.
6.) Now click “Visit Dashboard” link. There should be no errors. This is the admin dashboard of project1.codex.tld. As you can see the URL of the admin panel is now change to:
7.) You can now add themes like any other WordPress site.
Step4 – Enable a theme for your first WordPress multisite subdomain
1.) Copy the theme folder to /wp-content/themes. This is the theme that you want to be used for your first project. If the theme already exist, rename the theme to something unique that you can still be able to recognize.
Since a multisite WordPress project only has one core installation, there should only be one /wp-content/themes folder that will be used by all of your sites.
All subdomains are virtual except for your main site. They only exist in WordPress database (after adding them in the WordPress admin panel). They came to life after some Apache and hosts file configuration. Therefore what you actually see in your WordPress server is only one installaton of WordPress and one wp-content.
2.) Now login back to your WordPress admin. Go to “My Sites” – “Network Admin” – “Dashboard”.
3.) Then go to “Themes” — “Installed Themes”. You should be able to see your theme that you have just copied to themes directory. Click “Network Enable” so that you can use that theme to your first WordPress multisite subdomain.
4.) Now go back to the admin dashboard of your WordPress local subdomain e.g. http://project.codex.tld/wp-admin
5.) Go to “Appearance” — “Themes”.
6.) Under “Available themes”, you should be able to see the selected theme for your project. Click “Activate” to use it.
7.) View the site in the browser by entering the URL, e.g.
The site should be loading normally such as shown below:

You have just completed adding your first subdomain in WordPress multisite project. If you like to add more subdomains, repeat the entire steps mentioned in this tutorial.

Read More »
WordPress MultiSite Development in Ubuntu Apache Localhost Part 1

WordPress MultiSite Development in Ubuntu Apache Localhost Part 1

If you are an aspiring WordPress web developer or simply a webmaster that manages a lot of WordPress websites; multisite development is a good option as you only need one WordPress core installation for all of your sites.
This two-part tutorial will illustrate how you are going to prepare your Apache localhost for WordPress multisite development. It is assumed that you already attain the following requisites:
a.) A fully working LAMPP localhost installation in Ubuntu.
b.) One fully working installation of WordPress core (using latest version 3.4.1 as of July 2012) in the LAMPP document root folder. For example,
This is where the WordPress core files are installed as a folder in your document root.
c.) To ensure compatibility of commands and features discussed in this tutorial, it is recommended that you will be using Ubuntu 12.04.
The concepts of this tutorial can also be applied for developers using XAMPP, MAMP or WAMPP although the exact details and commands is beyond the scope of this tutorial. The implementation should be fairly similar since an Apache web server will have the same configuration files/syntax regardless of development platform being used.
The strategy in multisite installation is simple. Create a server name for your main WordPress installation. Enable multisite in that WordPress installation. You can then mapped several WordPress projects as a subdomain of your main installation.
Subdomain structure is recommended as it treats your development site like a unique domain instead of a subdirectory. This is exactly the way it will be implemented in a remote server (in most cases). This makes development work easy.
This first part will talk about assigning a server name (or local domain name) to WordPress that makes it convenient to set up multisites using subdomains which will be discussed in part 2.
Mapping Server Name to your Main WordPress Installation in Apache
In Apache, a server name is mapped to a specific document root directory, for example (when you set document root to a www folder inside your home directory):
http://localhost —– > /home/username/www
Most WordPress are installed as a folder inside a localhost document root accessible as:
The document root path for this would be (example only):
To create a new local server name for your main WordPress installation, you need to edit the hosts file in Ubuntu, follow the detailed steps below:
1.) Launch terminal (press Control – ALT – T).
2.) Enter the command:
sudo -s -H
Enter your Ubuntu password. This is a requirement, you cannot edit hosts file unless login as root.
3.) It’s time to edit your hosts file using Vim editor:
vim /etc/hosts
4.) Since you already installed LAMPP and fully working, you should have this line: localhost
This means that localhost will resolve into local IP address which is the default. You will then add a new line for your main WordPress site server name. Supposing you would like to name it as:
Then this line will be added to your hosts file: codex.tld
To enter a text string in Vim editor, press “i” button in your keyboard then type the text. After entering the above code, press Esc button in your keyboard to disable text editing in Vim. This is how it looks like:

5.) Save the changes by pressing colon “:” key followed by “w” then press enter key. You can then exit the VIM editor by pressing “:” followed by “q” then press enter. Read this guide for more help in VIM.
Configure Apache to use the WordPress local server name
Now you have configured the main WordPress project site to resolve to; the next thing is to tell Apache about the changes.
1.) Make sure you are still logged-in as root.
2.) Navigate to the Apache configuration folder. Enter this command:
cd /etc/apache2/sites-available/
3.) Then open the default available website (you should have this file):
vim default
4.) Press “i” in your keyboard to enable text editing mode in VIM. You need to do four things here:
a.) Add the “ServerName” defined in hosts file next to “ServerAdmin”:
ServerName codex.tld
b.) Edit the “DocumentRoot” to point to WordPress directory, e.g.
DocumentRoot /home/codex/www/wordpress
c.) Edit also the “Directory” path to point WordPress directory:
<Directory /home/codex/www/wordpress/>
d.) Change “AllowOverride None” under the define WordPress path in “Directory” to:
AllowOverride All
This command will let you use .htaccess in your website. Leave all other things unchanged. This is the screenshot of the four changes being made (indicated inside the dotted yellow box).

Finally press ESC key then press “:” then type
w codex.tld

The above command will save it as codex.tld in VIM.
b.) Press “:” again then type q to exit. This will go back to the terminal command mode.
Enter this command to view the files:
ls -l -a
You should see a new file codex.tld created. See below:

Finally if you see the file created, you should enable the site by typing this command:
a2ensite codex.tld
After that, reload Apache:
service apache2 reload
This output is normal:
*Reloading web server config
apache2: Could not reliably determine the server’s fully qualified domain name, using for ServerName
Enable Mod_Rewrite module in Apache localhost
WordPress multisite requires that mod_rewrite module should be enabled. Follow the steps:
1.) Enable rewrite module with symlink to mods-enabled folder, type this command:
ln -s /etc/apache2/mods-available/rewrite.load /etc/apache/mods-enabled/rewrite.load
2.) Enter this command to go inside mods enabled directory:
cd /etc/apache2/mods-enabled
3.) Display all the files and directories:
ls -l -a
You should be able to see rewrite.load enabled by symlink, see screenshot below:

4.) Restart Apache by entering this command:
/etc/init.d/apache2 restart
The output should be similar to reloading Apache as shown previously.
Use the Newly Assigned ServerName in WordPress
1.) Launch a web browser. Clear all browser cache.
2.) Go to Wodpress admin panel: http://localhost/wordpress/wp-admin/
3.) Login as administrator then go to “Settings” – “General”.
Change the “Wordpress adress” and “Site Address” to use the new servername, see screenshot:

4.) Click “Save Changes”.
5.) Clear again all browser cache, and access the new WordPress server name in the browser:
You should see the homepage loading fine using the new local domain, but you cannot access its pages and post (returns internal server error) since you still need to update the permalinks.
6.) Login as administrator in this URL:
7.) Go to “Settings” – > “Permalinks”. And under “Common Settings”, select any desired permalink format, you can still use your old format if you like. The most important thing is to click “Save Changes”.
8.) If you see a message “You should update your .htaccess now”. Copy and paste the provided code on the bottom on that page to your existing .htaccess file .
.htaccess is a hidden file, make sure you enable viewing of hidden files in Ubuntu. After editing the .htaccess, logout as WordPress administrator, clear the browser cache again and re-test the site.
If you don’t see the “You should update your .htaccess now”, you don’t need to update your .htaccess. WordPress automatically perform the changes for you. Go directly to clearing your cache and re-testing your site URLs.
All URLs should be working properly under the new server name “codex.tld”. Example:

Enable WordPress MultiSite Option
1.) Edit your wp-config and add this line after table prefix:
define(‘WP_ALLOW_MULTISITE’, true);
2.) Save the changes and login back to your wordpress admin. Go to Tools – Network Setup.
3.) Select the subdomain option, enter your network site name as well as your email address. Click “Install”. If you see an error relating to DNS, simply ignore it and proceed to the next step.
4.) Follow the rest of the installation details provided by WordPress. They are very easy to follow and self-explanatory. But bear in mind these important things:
a.) Backup your .htaccess and wp-config.php file before editing.
b.) You edit the files using a text editor (gedit) if you are more familiar with this method. You have full permission to your home directory if this configured as a document root to be used by Apache.
c.) The multisite installation will be completed after you have created the folder blogs.dir, updated the wp-config.php and updated the .htaccess.
Clear the browser cache again, login as WordPress admin and you should now see “My Sites” in the header navigation of the admin dashboard. If you mouse over on that, this will show the multisite menus such as this:

This will also give you the privilege to be the network admin of your multisites. If you see this, then you have correctly configured Apache and WordPress to use multisites.
Adding new subdomains for your WordPress projects using multisite as well as further configuration will be discussed in Part 2 of the tutorial.

Read More »