Choice amongst cross-platform .NET IDEs – VS Code, Visual Studio for Mac, JetBrains Rider

A few years back, .NET development on a Mac was resigned to Mono and whatever text editor you knew how to exit successfully. Xamarin Studio came out in 2013 as a standalone IDE for mobile app development, but wasn’t a generalized or web development IDE. Later the OmniSharp OSS project came along and added intellisense to a half-dozen editors with its smart out of process intellisense server but these code editors with .NET specific features, not strictly IDEs.

Side Note: I’ve been writing this blog post on and off for a while. Coincidentally JetBrains Rider is sponsoring my blog this week. It’s a coincidence, but I want to be transparent about it as I don’t do sponsored/directed blog posts – rather, folks sponsor a calendar week.

Fast forward a bit and we’ve got some choices amongst cross-platform .NET development on non-Windows platforms.

Visual Studio Code

First, there’s Visual Studio Code (more of a code editor, but with a TON of plugins and extensions) that is a very competent editor for .NET on Mac or Linux. It’s also one of the best node.js editors/debuggers anywhere – nice if you’re working on multi-language projects.

Visual Studio Code

If you look in the lower-right corner there in Visual Studio Code you can see the OmniSharp flame logo in the corner, helping power the C# Extension for Visual Studio Code. For ASP.NET Core web developers, VS Code is pretty good, although its lack of support for Razor Views/Pages remains a hole. You don’t get intellisense for your C# when you open a code block like @{ } in a Razor View. That said, there are a bunch of extensions that add snippets for dozens (hundreds?) of languages, syntax highlighting for basically everything, and it’s all built on an open source base of TypeScript. VS Code supports git natively as well.

JetBrains Rider

Currently in “EAP,” that’s  Early Access Program/Preview, or beta for the rest of us, JetBrains Rider runs on Windows, Mac, and Linux and lets you manage and build .NET Framework, Mono, and .NET Core solutions. Rider supports C#, VB.NET, ASP.NET syntax, XAML, XML, JavaScript, TypeScript, JSON, HTML, CSS, and SQL within its text editor.

Rider has the smart editor and the 50+ refactorings that fans of ReSharper will appreciate, with lots of choice amongst key-binding. You can tell Rider if you prefer ReSharper, VS, Eclipse, or NetBeans key bindings. It does a ton of custom code analysis and can refactor and analyze your code while you type. It’s also got a built in decompiler for exploring libraries you don’t have the source for.

Rider also supports Git, Subversion, Mercurial, Perforce and TFS out of the box and can add more source systems via plugins.

JetBrains Rider

>

Visual Studio for Mac

VS for Mac is new and while it started as Xamarin Studio, there’s been a ton of additions to it according to Miguel de Icaza. In the feature, VS for Mac will share the exact same core editor code that Visual Studio for Windows uses for its text editors like HTML, Razor, CSS and more. One of the things I like the most about Visual Studio for Mac is that it looks like Visual Studio…FOR MAC. By that I mean it doesn’t look like Visual Studio on Windows copy-pasted onto the Mac. It has a Mac UI, Mac Icons, a Mac look and feel. Much like Office for Mac, it’s a native app that smells native because it is.

Visual Studio for Mac

The release of VS for Mac includes support for ASP.NET Core and .NET Core. Like all these IDEs and editors, it shares csproj and sln files cleanly with Visual Studio for Windows. That means that you can easily share projects and code with some folks on Mac and some on Windows.

Visual Studio for Mac is best when used for these scenarios:

  • Mobile development with Xamarin
  • Cloud development with .NET Core and ASP.NET Core, and publishing to Azure
  • Web development with ASP.NET Core and web editor tooling

For example, when you make a new Mobile app in C#, you can get an ASP.NET Core backend along with it. Then you can easily publish the backend to Azure at the same time you push your app onto Android or iPhone.

Finally, one of the coolest features for mobile developers on Visual Studio for Mac is the “Xamarin Live Player.” This allows you to pair your instance of Visual Studio with your development phone and do continuous development and testing. As you make changes in Visual Studio, the changes are immediately visible in the Live Player – no need to redeploy. That feature is in preview as of the time of this writing.

If you’re developing but you’re not on Windows, there’s never been a better time to develop cross-platform with .NET Core. Check out each of these:

Have you tried these out? What have you found?


Sponsor: Check out JetBrains Rider: a new cross-platform .NET IDE. Edit, refactor, test, build and debug ASP.NET, .NET Framework, .NET Core, or Unity applications. Learn more and get access to early builds!


© 2017 Scott Hanselman. All rights reserved.
     

A few years back, .NET development on a Mac was resigned to Mono and whatever text editor you knew how to exit successfully. Xamarin Studio came out in 2013 as a standalone IDE for mobile app development, but wasn't a generalized or web development IDE. Later the OmniSharp OSS project came along and added intellisense to a half-dozen editors with its smart out of process intellisense server but these code editors with .NET specific features, not strictly IDEs.

Side Note: I've been writing this blog post on and off for a while. Coincidentally JetBrains Rider is sponsoring my blog this week. It's a coincidence, but I want to be transparent about it as I don't do sponsored/directed blog posts - rather, folks sponsor a calendar week.

Fast forward a bit and we've got some choices amongst cross-platform .NET development on non-Windows platforms.

Visual Studio Code

First, there's Visual Studio Code (more of a code editor, but with a TON of plugins and extensions) that is a very competent editor for .NET on Mac or Linux. It's also one of the best node.js editors/debuggers anywhere - nice if you're working on multi-language projects.

Visual Studio Code

If you look in the lower-right corner there in Visual Studio Code you can see the OmniSharp flame logo in the corner, helping power the C# Extension for Visual Studio Code. For ASP.NET Core web developers, VS Code is pretty good, although its lack of support for Razor Views/Pages remains a hole. You don't get intellisense for your C# when you open a code block like @{ } in a Razor View. That said, there are a bunch of extensions that add snippets for dozens (hundreds?) of languages, syntax highlighting for basically everything, and it's all built on an open source base of TypeScript. VS Code supports git natively as well.

JetBrains Rider

Currently in "EAP," that's  Early Access Program/Preview, or beta for the rest of us, JetBrains Rider runs on Windows, Mac, and Linux and lets you manage and build .NET Framework, Mono, and .NET Core solutions. Rider supports C#, VB.NET, ASP.NET syntax, XAML, XML, JavaScript, TypeScript, JSON, HTML, CSS, and SQL within its text editor.

Rider has the smart editor and the 50+ refactorings that fans of ReSharper will appreciate, with lots of choice amongst key-binding. You can tell Rider if you prefer ReSharper, VS, Eclipse, or NetBeans key bindings. It does a ton of custom code analysis and can refactor and analyze your code while you type. It's also got a built in decompiler for exploring libraries you don't have the source for.

Rider also supports Git, Subversion, Mercurial, Perforce and TFS out of the box and can add more source systems via plugins.

JetBrains Rider >

Visual Studio for Mac

VS for Mac is new and while it started as Xamarin Studio, there's been a ton of additions to it according to Miguel de Icaza. In the feature, VS for Mac will share the exact same core editor code that Visual Studio for Windows uses for its text editors like HTML, Razor, CSS and more. One of the things I like the most about Visual Studio for Mac is that it looks like Visual Studio...FOR MAC. By that I mean it doesn't look like Visual Studio on Windows copy-pasted onto the Mac. It has a Mac UI, Mac Icons, a Mac look and feel. Much like Office for Mac, it's a native app that smells native because it is.

Visual Studio for Mac

The release of VS for Mac includes support for ASP.NET Core and .NET Core. Like all these IDEs and editors, it shares csproj and sln files cleanly with Visual Studio for Windows. That means that you can easily share projects and code with some folks on Mac and some on Windows.

Visual Studio for Mac is best when used for these scenarios:

  • Mobile development with Xamarin
  • Cloud development with .NET Core and ASP.NET Core, and publishing to Azure
  • Web development with ASP.NET Core and web editor tooling

For example, when you make a new Mobile app in C#, you can get an ASP.NET Core backend along with it. Then you can easily publish the backend to Azure at the same time you push your app onto Android or iPhone.

Finally, one of the coolest features for mobile developers on Visual Studio for Mac is the "Xamarin Live Player." This allows you to pair your instance of Visual Studio with your development phone and do continuous development and testing. As you make changes in Visual Studio, the changes are immediately visible in the Live Player - no need to redeploy. That feature is in preview as of the time of this writing.

If you're developing but you're not on Windows, there's never been a better time to develop cross-platform with .NET Core. Check out each of these:

Have you tried these out? What have you found?


Sponsor: Check out JetBrains Rider: a new cross-platform .NET IDE. Edit, refactor, test, build and debug ASP.NET, .NET Framework, .NET Core, or Unity applications. Learn more and get access to early builds!



© 2017 Scott Hanselman. All rights reserved.
     

Beginner’s Guide: How to Restore WordPress from Backup

Do you need to restore WordPress from a backup file? Backups help you restore your website in case something goes wrong. However, restoring WordPress from a backup file is not easy for beginners. In this article, we will show you how to easily restore WordPress… Read More »

The post Beginner’s Guide: How to Restore WordPress from Backup appeared first on WPBeginner.

Do you need to restore WordPress from a backup file? Backups help you restore your website in case something goes wrong. However, restoring WordPress from a backup file is not easy for beginners. In this article, we will show you how to easily restore WordPress from backup step by step.

How to Restore WordPress from Backup

Since this is a lengthy article, we have added table of contents for easier navigation.

Note: This guide is about restoring a WordPress site from backup. If you are trying to move your website to a new domain, then you should check out our guide on moving WordPress to a new domain without losing SEO.

If you are trying to move from localhost to a live web hosting account, then follow this guide on how to move WordPress from local server to live site.

Understanding Backups and Restoring WordPress

There are different ways to create backups for your WordPress site. The best way to create a backup is by using a WordPress backup plugin.

Alternately, you can also create manual backup of your WordPress database and download your WordPress files using FTP.

Restoring WordPress from backups depends entirely on how you created the backup. For example, backups created using BackupBuddy or UpdraftPlus can be restored by using the same plugin. Similarly, manual backups need to be manually restored.

A lot of WordPress users don’t backup their entire websites. Instead, they only backup their theme, uploads directory, and their WordPress database. This reduces their backup size, but increases the steps needed to restore the site.

No matter how you created your backup, the basic steps are the same.

Let’s take a look at how to restore your WordPress site from backup. Since we’re covering different restore methods, please skip to the section that applies to you.

Restoring WordPress from BackupBuddy Backup File

BackupBuddy is a popular premium WordPress backup plugin. If you used BackupBuddy to create backups, then this section is for you.

BackupBuddy offers a very convenient way to restore WordPress from a backup. You need to login to your WordPress website and go to BackupBuddy » Restore/Migrate page.

You will need to download a copy of importbuddy.php file. In the process, you will be asked to provide a password for importbuddy. This password will be used when you restore your website.

Download importbuddy

Next, you need to download a copy of your backup if you haven’t already done so. You can download it from BackupBuddy » Backups or the destination that you used to store your backups.

Once you have the backup zip file and importbuddy.php stored on your computer, connect to your website using FTP.

If you have a complete backup of your website, then delete all files and folders from your server.

However, if you have a partial backup, then you need to first download the files that you haven’t backed up. Once you are sure that you have everything backed up, proceed deleting all files and folders from your website’s root directory.

Delete old WordPress files

Next you need to upload your BackupBuddy backup and importbuddy.php files to your website’s root folder.

Once both files are uploaded to the server, visit importbuddy.php in your web browser. It is in your website’s root directory, so its URL will be something like:

http://www.example.com/importbuddy.php

ImportBuddy will now ask for the password that you created when you downloaded ImportBuddy.

importbuddy password

On the next screen, ImportBuddy will display the backup file you uploaded. In case you did not upload your backup file using FTP, then you can click on the upload tab to upload the backup file now. If you have your backups stored on iTheme’s Stash storage service, then you can connect to it by clicking on stash tab now. Once you have selected your database, click on Next Step to continue.

Select your backup file

ImportBuddy will unzip your backup file and show you a success message when it has extracted the files. Click on the next step button to continue.

On the next screen, ImportBuddy will ask you to provide site URL and database information.

If you are restoring a hacked WordPress website or trying to remove malware, then you do not want to use your old database.

You can either drop tables from your old database using phpMyAdmin, or create a new database using cPanel. Once you are done creating a new database or emptying the old one, provide your database details.

On the other hand, if you are sure your site wasn’t hacked, then you can use the same old database details.

database settings

Click on the next button to continue and importbuddy will now test your database settings and import your data. Once it is done, click next step to continue.

Now ImportBuddy will update your site URLs, paths, etc. After that, you will be asked to test your site. If everything is working fine, then you have successfully restored your website.

Review and cleanup

On the importbuddy page, click ‘Clean up and remove temporary files’ button. This will delete temporary data in database and files created during restoration.

Restoring WordPress using UpdraftPlus Backup

UpdraftPlus is another popular WordPress backup plugin. It allows you to easily backup and restore your WordPress site.

First you need to make sure that you have a complete backup of your WordPress site created by UpdraftPlus. Next, you need to download the backup files to your computer.

If your backups are stored by UpdraftPlus on a remote storage location like Dropbox, Google Drive, etc, then you can download your backup files from those locations to your computer.

Next, you need to connect to an FTP client and delete all WordPress files. After that you need to install WordPress again and login to your website.

You will need to install and activate the UpdraftPlus plugin. Upon activation, visit Settings » UpdraftPlus Backups page and click on the Restore button.

Upload your backup files

Next, you need to click on the ‘Upload backup files’ link and then uplaod the backup files you downloaded earlier.

Uploading backup files

Once your backup files are uploaded, UpdraftPlus will scan those files and will show them on the backups page.

You will need to click on the ‘Restore’ button to proceed.

Restore backup files

This will bring up a popup where you need to click on the restore button again to continue. Make sure that all available backup files such as plugins, database, themes and others are selected.

Restoring backup files

UpdraftPlus will now start extracting and restoring data from those files. Upon success, you will be redirected to the success page.

Backup restored

That’s all, you have successfully restored your WordPress site from an UpdraftPlus backup.

Restoring WordPress Database from Backup using phpMyAdmin

When restoring a manually created backup, you may come across two possible choices. You can either create a new database and import your backup into it, or you can empty your existing database and import backup.

If you are cleaning a hacked WordPress website, then it is very important to change your MySQL username and password before creating a new database or importing into existing database.

To create a new database, login to the cPanel dashboard of your WordPress hosting account and click on the MySQL Databases icon.

MySQL Databases in Cpanel

Next, you will be asked to provide a name for your database and then click on the ‘Create Database’ button.

Create new database

After creating the new database, you need a MySQL user associated with that new database. Scroll down to the MySQL users section and add a new user.

Add new database user

Next, you need to add this user to the MySQL database. Scroll down to ‘Add user to database’ section and select the user along with the database from the drop down menus and then click on the add button.

Add user to db

Now your new database is ready. You can use it to restore your WordPress database backup.

Head over to the cPanel dashboard again and then click on the phpMyAdmin icon.

Launch phpMyAdmin

Next, you need to click on your new database name and then click on the import button.

Importing your database

Click on ‘choose file’ button to select your WordPress database backup file and then click on the go button at the bottom of the page to continue.

PhpMyAdmin will now upload your backup and import it into your database.

You will see a success message upon completion.

That’s all. You have successfully imported your WordPress database. Now the next step is to install WordPress using your new database. If you have already installed WordPress, then add your new database settings into your wp-config.php file, and you will be good to go.

Restoring WordPress Database Backup using cPanel

If you manually created a WordPress database backup using the cPanel on your shared hosting, then you can also restore that database using cPanel.

Log into your cPanel account and under the files section click on Backup.

Backup in cPanel

On the backups page, scroll down to ‘Restore a MySQL database backup’.

Next, click on the choose file button and select the backup file from your hard disk. Once done, click on the upload button.

Restore database using cPanel

Manually Restoring WordPress Files using FTP

If you are restoring WordPress to clean up a hacked site, then you first need to delete all existing WordPress files and directories.

Only do this if your backup is upto date, and you have everything customized, changed, or uploaded on your website.

If you have all your uploads and customizations, then you can safely delete everything on your website using cpanel (way faster) or using FTP.

To delete all files from your website, login to the cPanel of your hosting / VPS hosting and under files section click on the file manager icon.

File manager in cPanel

Go ahead and choose Web root as your directory and proceed. File manager interface will now open in a new browser tab. You will need to select all WordPress files and delete them. This way is much faster.

You can also delete files using FTP, but it’s slower. Simply connect to your website using an FTP client and select all files in your WordPress root directory to delete them.

Delete old WordPress files

Next, you need to download a fresh copy of WordPress from WordPress.org and extract it to your hard disk.

Launch your FTP client and then upload all WordPress files to your server.

Upload WordPress files

Once you have uploaded WordPress files, you can upload wp-config.php file from your backup (only if you are sure that it is clean and not compromised).

Alternately, you can rename wp-config-sample.php file in your freshly uploaded WordPress files to wp-config.php file. After that you will need to edit wp-config.php file and enter your database information.

Don’t forget to save the file and upload it back to your website.

Next, you need to upload other files from your backup. We will recommend that you only upload your images in /wp-content/uploads/ directory.

Once you have uploaded these, visit your website to check that everything is working fine.

Next, you need to login to your WordPress admin area and start installing plugins you had on your site.

Now you can move on to install your theme. If you had customized your WordPress theme or were using a child theme, then you can restore it from backup. However, make sure that those files are clean.

Lastly, go to Settings » Permalinks and adjust permalinks settings to match your site and then update permalinks.

Troubleshooting WordPress Backup Restore Issues

There are some common problems that you may come across when restoring your WordPress website. We have separate guides for each of them.

Things to do After Restoring your WordPress Site

Once you have successfully restored your website, we strongly recommend that you improve your website security.

If you haven’t done so already, please make sure that you have a regular WordPress backup with one of these WordPress backup plugins.

For securing your website, we will recommend that you immediately change your WordPress password. If you are running a multi-user website, then ask all users to update their passwords immediately.

You can also install a website firewall. At WPBeginner, we use Sucuri to monitor and strengthen security of our website. It monitors for security threats, and they also offer malware removal service with their subscription plans. See how Sucuri helped us block 450,000 attacks in 3 months.

We hope this article helped you learn how to restore WordPress from backup. You may also want to see our ultimate step by step WordPress security guide for beginners.

If you liked this article, then please subscribe to our YouTube Channel for WordPress video tutorials. You can also find us on Twitter and Facebook.

The post Beginner’s Guide: How to Restore WordPress from Backup appeared first on WPBeginner.

5 Best WordPress Firewall Plugins Compared

Are you looking for the best WordPress firewall plugin for your website? WordPress firewall plugins protect your website against hacking, brute force and distributed denial of service (DDoS) attacks. In this article, we will compare the best WordPress firewall plugins, and how they stack up… Read More »

The post 5 Best WordPress Firewall Plugins Compared appeared first on WPBeginner.

Are you looking for the best WordPress firewall plugin for your website? WordPress firewall plugins protect your website against hacking, brute force and distributed denial of service (DDoS) attacks. In this article, we will compare the best WordPress firewall plugins, and how they stack up against each other.

Best WordPress firewall plugins compared

What is a WordPress Firewall Plugin?

A WordPress firewall plugin (also known as web application firewall or WAF), acts as a shield between your website and all incoming traffic. These web application firewalls monitor your website traffic and blocks many common security threats before they reach your WordPress site.

Aside from significantly improving your WordPress security, often these web application firewalls also speed up your website and boost performance.

There are two common types of WordPress firewall plugins available.

DNS Level Website Firewall – These firewall route your website traffic through their cloud proxy servers. This allows them to only send genuine traffic to your web server.

Application Level Firewall – These firewall plugins examine the traffic once it reaches your server but before loading most WordPress scripts. This method is not as efficient as DNS level firewall in reducing the server load.

We recommend using a DNS level firewall because they are exceptionally good at identifying genuine website traffic vs bad requests.

They do that by tracking thousands of websites, comparing trends, looking for botnets, known bad IPs, and blocking traffic to pages that your users would normally never request.

Not to mention, DNS level website firewalls significantly reduce the load on your WordPress hosting server which makes sure that your website does not go down.

Having said that, let’s take a look at the best WordPress firewall plugins that you can use to protect your website.

1. Sucuri

Sucuri

Sucuri is the leading website security company for WordPress. They offer DNS level firewall, intrusion and brute force prevention, as well as malware and blacklist removal services.

All your website traffic goes through their cloudproxy servers where each request is scanned. Legitimate traffic is allowed to pass through, and all malicious requests are blocked.

Sucuri also improves your website’s performance by reducing server load through caching optimization, website acceleration, and Anycast CDN (all included). It protects your website against SQL Injections, XSS, RCE, RFU and all known-attacks.

Setting up their WAF is quite easy. You will need to add a DNS A record to your domain and point them to Sucuri’s cloudproxy instead of your website.

At WPBeginner, we use Sucuri to improve our WordPress security. See how how Sucuri helped us block 450,000 WordPress attacks in 3months.

Pricing: Starting from $199.99/year billed annually.

Grade: A+

2. Cloudflare

Cloudflare

Cloudflare is best known for their free CDN service which includes basic DDoS protection as well. However, their free plan doesn’t include website application firewall. For WAF you will need to signup for their Pro plan.

Cloudflare is also a DNS level firewall which means your traffic goes through their network. This improves performance of your website and reduces downtime in case of unusually high traffic.

The Pro plan only includes DDoS protection against layer 3 attacks. For protection against advanced DDoS layer 5 and 7 attacks, you will need at least their business plan.

Cloudflare has its pros, which include CDN, caching, and a larger network of servers. The downside is that they do not offer application level security scans, malware protection, blacklist removal, security notifications and alerts. They also do not monitor your WordPress site for file changes and other common WordPress security threats.

For more details see our comparison of Sucuri vs Cloudflare.

Pricing: Starting from $20/month for Pro plan and $200/month for Business.

Grade: A

3. SiteLock

SiteLock

SiteLock is another well-known website security company offering website application firewall, DDoS protection, malware scan and removal services.

SiteLock’s WAF is a DNS level firewall with a CDN service included in all plans to improve performance of your website. They offer daily malware scans, file change monitoring, security alerts, and malware removal.

All plans include basic DDoS protection while advanced DDoS protection is available as an add-on. They also allow customers to display SiteLock trust seal on their websites.

They have also partnered with many hosting companies to offer their basic plan as an addon. If you start your WordPress blog with Bluehost then you will be shown SiteLock as an addon that you can add to your hosting package.

However, it is unclear what’s included in that addon, and how it is different than the plans offered on SiteLock’s official website.

Pricing: Accelerate Plan costs $299 / year and Prevent plan costs $499 / year.

Grade: B+

4. Wordfence Security

Wordfence

Wordfence is a popular WordPress security plugin with a built-in website application firewall. It monitors your WordPress site for malware, file changes, SQL injections, and more. It also protects your website against DDoS and brute force attacks.

Wordfence is an application level firewall which means that firewall is triggered on your server and bad traffic is blocked after it reaches your server but before loading your website.

This is not the most efficient way to block attacks. Large number of bad requests will still increase load on your server. Because it’s an application level firewall, WordPress does not come with a content delivery network (CDN).

Wordfence comes with on-demand security scans as well as scheduled scans. It also allows you to manually monitor traffic and block suspicious looking IPs directly from your WordPress admin area.

To learn more about Wordfence, see our guide on how to install and setup Wordfence security in WordPress.

To get their sophisticated application level firewall, you really need the Premium version.

Pricing Basic plugin is Free. Premium version pricing starts from $99/year for a single site license.

Grade: B

5. BulletProof Security

BulletProof Security

BulletProof security is another popular WordPress security plugin. It comes with a built-in application level firewall, login security, database backup, maintenance mode, and several security tweaks to protect your website.

BulletProof security does not offer a very good user experience and many beginners may have difficulty understanding what to do. It does come with a setup wizard that automatically updates your WordPress .htaccess files and enables firewall protection.

It does not have a file scanner to check for malicious code on your website. The paid version of the plugin offers extra features to monitor for intrusion and malicious files in your WordPress uploads folder.

Pricing: Free basic plugin. Pro version costs $59.95 for unlimited sites and lifetime support.

Grade: C

Conclusion

After careful comparison of all these popular WordPress firewall plugins, we believe that Sucuri is undoubtedly the best firewall protection you can get for your WordPress site.

It is the best DNS level firewall with the most comprehensive security features to give you complete peace of mind. On top of that, the performance boost that you get from their CDN is very impressive.

We hope this article helped you find the best WordPress firewall plugin for your website. You may also want to see our ultimate step by step WordPress security guide for beginners.

If you liked this article, then please subscribe to our YouTube Channel for WordPress video tutorials. You can also find us on Twitter and Facebook.

The post 5 Best WordPress Firewall Plugins Compared appeared first on WPBeginner.

5 Best WordPress Firewall Plugins Compared

Are you looking for the best WordPress firewall plugin for your website? WordPress firewall plugins protect your website against hacking, brute force and distributed denial of service (DDoS) attacks. In this article, we will compare the best WordPress firewall plugins, and how they stack up… Read More »

The post 5 Best WordPress Firewall Plugins Compared appeared first on WPBeginner.

Are you looking for the best WordPress firewall plugin for your website? WordPress firewall plugins protect your website against hacking, brute force and distributed denial of service (DDoS) attacks. In this article, we will compare the best WordPress firewall plugins, and how they stack up against each other.

Best WordPress firewall plugins compared

What is a WordPress Firewall Plugin?

A WordPress firewall plugin (also known as web application firewall or WAF), acts as a shield between your website and all incoming traffic. These web application firewalls monitor your website traffic and blocks many common security threats before they reach your WordPress site.

Aside from significantly improving your WordPress security, often these web application firewalls also speed up your website and boost performance.

There are two common types of WordPress firewall plugins available.

DNS Level Website Firewall – These firewall route your website traffic through their cloud proxy servers. This allows them to only send genuine traffic to your web server.

Application Level Firewall – These firewall plugins examine the traffic once it reaches your server but before loading most WordPress scripts. This method is not as efficient as DNS level firewall in reducing the server load.

We recommend using a DNS level firewall because they are exceptionally good at identifying genuine website traffic vs bad requests.

They do that by tracking thousands of websites, comparing trends, looking for botnets, known bad IPs, and blocking traffic to pages that your users would normally never request.

Not to mention, DNS level website firewalls significantly reduce the load on your WordPress hosting server which makes sure that your website does not go down.

Having said that, let’s take a look at the best WordPress firewall plugins that you can use to protect your website.

1. Sucuri

Sucuri

Sucuri is the leading website security company for WordPress. They offer DNS level firewall, intrusion and brute force prevention, as well as malware and blacklist removal services.

All your website traffic goes through their cloudproxy servers where each request is scanned. Legitimate traffic is allowed to pass through, and all malicious requests are blocked.

Sucuri also improves your website’s performance by reducing server load through caching optimization, website acceleration, and Anycast CDN (all included). It protects your website against SQL Injections, XSS, RCE, RFU and all known-attacks.

Setting up their WAF is quite easy. You will need to add a DNS A record to your domain and point them to Sucuri’s cloudproxy instead of your website.

At WPBeginner, we use Sucuri to improve our WordPress security. See how how Sucuri helped us block 450,000 WordPress attacks in 3months.

Pricing: Starting from $199.99/year billed annually.

Grade: A+

2. Cloudflare

Cloudflare

Cloudflare is best known for their free CDN service which includes basic DDoS protection as well. However, their free plan doesn’t include website application firewall. For WAF you will need to signup for their Pro plan.

Cloudflare is also a DNS level firewall which means your traffic goes through their network. This improves performance of your website and reduces downtime in case of unusually high traffic.

The Pro plan only includes DDoS protection against layer 3 attacks. For protection against advanced DDoS layer 5 and 7 attacks, you will need at least their business plan.

Cloudflare has its pros, which include CDN, caching, and a larger network of servers. The downside is that they do not offer application level security scans, malware protection, blacklist removal, security notifications and alerts. They also do not monitor your WordPress site for file changes and other common WordPress security threats.

For more details see our comparison of Sucuri vs Cloudflare.

Pricing: Starting from $20/month for Pro plan and $200/month for Business.

Grade: A

3. SiteLock

SiteLock

SiteLock is another well-known website security company offering website application firewall, DDoS protection, malware scan and removal services.

SiteLock’s WAF is a DNS level firewall with a CDN service included in all plans to improve performance of your website. They offer daily malware scans, file change monitoring, security alerts, and malware removal.

All plans include basic DDoS protection while advanced DDoS protection is available as an add-on. They also allow customers to display SiteLock trust seal on their websites.

They have also partnered with many hosting companies to offer their basic plan as an addon. If you start your WordPress blog with Bluehost then you will be shown SiteLock as an addon that you can add to your hosting package.

However, it is unclear what’s included in that addon, and how it is different than the plans offered on SiteLock’s official website.

Pricing: Accelerate Plan costs $299 / year and Prevent plan costs $499 / year.

Grade: B+

4. Wordfence Security

Wordfence

Wordfence is a popular WordPress security plugin with a built-in website application firewall. It monitors your WordPress site for malware, file changes, SQL injections, and more. It also protects your website against DDoS and brute force attacks.

Wordfence is an application level firewall which means that firewall is triggered on your server and bad traffic is blocked after it reaches your server but before loading your website.

This is not the most efficient way to block attacks. Large number of bad requests will still increase load on your server. Because it’s an application level firewall, WordPress does not come with a content delivery network (CDN).

Wordfence comes with on-demand security scans as well as scheduled scans. It also allows you to manually monitor traffic and block suspicious looking IPs directly from your WordPress admin area.

To learn more about Wordfence, see our guide on how to install and setup Wordfence security in WordPress.

To get their sophisticated application level firewall, you really need the Premium version.

Pricing Basic plugin is Free. Premium version pricing starts from $99/year for a single site license.

Grade: B

5. BulletProof Security

BulletProof Security

BulletProof security is another popular WordPress security plugin. It comes with a built-in application level firewall, login security, database backup, maintenance mode, and several security tweaks to protect your website.

BulletProof security does not offer a very good user experience and many beginners may have difficulty understanding what to do. It does come with a setup wizard that automatically updates your WordPress .htaccess files and enables firewall protection.

It does not have a file scanner to check for malicious code on your website. The paid version of the plugin offers extra features to monitor for intrusion and malicious files in your WordPress uploads folder.

Pricing: Free basic plugin. Pro version costs $59.95 for unlimited sites and lifetime support.

Grade: C

Conclusion

After careful comparison of all these popular WordPress firewall plugins, we believe that Sucuri is undoubtedly the best firewall protection you can get for your WordPress site.

It is the best DNS level firewall with the most comprehensive security features to give you complete peace of mind. On top of that, the performance boost that you get from their CDN is very impressive.

We hope this article helped you find the best WordPress firewall plugin for your website. You may also want to see our ultimate step by step WordPress security guide for beginners.

If you liked this article, then please subscribe to our YouTube Channel for WordPress video tutorials. You can also find us on Twitter and Facebook.

The post 5 Best WordPress Firewall Plugins Compared appeared first on WPBeginner.

How to Redirect Your User’s Attention with Comment Redirect

Comments are a great way to keep your users engaged and build a strong community around your content. Tiny hacks like comment redirect help you improve user experience and stand out. In this article, we will show you how to easily redirect user’s attention with… Read More »

The post How to Redirect Your User’s Attention with Comment Redirect appeared first on WPBeginner.

Comments are a great way to keep your users engaged and build a strong community around your content. Tiny hacks like comment redirect help you improve user experience and stand out. In this article, we will show you how to easily redirect user’s attention with comment redirect in WordPress.

Redirect Your User’s attention with Comment Redirect

First thing you need to do is install and activate the Yoast Comment Hacks plugin. For more details, see our step by step guide on how to install a WordPress plugin.

Upon activation, you need to visit Settings » Comment Hacks page to configure plugin settings.

Yoast Comment Hacks settings page

Yoast Comment Hacks plugin is a combination of many useful hacks to improve the default WordPress comment system. See our guide on how to install and setup Yoast Comment Hacks for WordPress to learn about all its features.

Right now we will focus on the comment redirect feature in the plugin.

Go ahead and click on the ‘Comment Redirect’ tab on the settings page.

Select a page where you want users to be redirected

Here you need to select a page where you want your first time commenters to be redirected to. This could be a simple thank you page with an email signup form, social media links, and your most popular posts.

You can also redirect users to a landing page, special offer, or a specific lead magnet page.

After selecting your page, don’t forget to click on the save changes button to store your settings.

To see the comment redirect in action, you will need to logout of your WordPress site first. After that go to any post on your website and leave a comment using a random name and email address.

You will be automatically redirected to your selected page when you submit the comment.

Comment redirect page example

Creating A Powerful Comment Redirect Page

Yoast Comment Hacks only redirects first time commenters. This means you only get one shot at converting those users and leaving a meaningful impression.

Here are some tips on creating a powerful comment redirect page.

You can create a beautiful custom page using a drag and drop page builder plugin. We recommend using Beaver Builder which comes with several ready to use page templates that will work perfectly for this purpose.

You also need to set a goal for your comment redirect page. This goal could be any task you would like to see the user perform. For example, buying a product, signing up for your email list, following you on social media, etc.

You can use OptinMonster to capture those leads. It is the best lead generation software that helps you convert abandoning visitors into subscribers and customers.

We hope this article helped you learn how to redirect your user’s attention with comment redirect in WordPress. You may also want to see these actionable tips to drive traffic to your WordPress site.

If you liked this article, then please subscribe to our YouTube Channel for WordPress video tutorials. You can also find us on Twitter and Facebook.

The post How to Redirect Your User’s Attention with Comment Redirect appeared first on WPBeginner.

25 Interesting Facts About WordPress (Infographic)

Want to know some cool WordPress facts? WordPress turn 14 years old today, so we thought what best way to celebrate the world’s most popular website building software than to create a top 25 facts about WordPress infographic. Here are 25 most interesting facts about… Read More »

The post 25 Interesting Facts About WordPress (Infographic) appeared first on WPBeginner.

Want to know some cool WordPress facts? WordPress turn 14 years old today, so we thought what best way to celebrate the world’s most popular website building software than to create a top 25 facts about WordPress infographic. Here are 25 most interesting facts about WordPress that you may not know.

You can click on the image below to view the infographic or keep reading the text version :)

25 Facts about WordPress

1. WordPress is Older Than Twitter and Facebook

WordPress.org homepage in 2003

The first version of WordPress was released on May 27, 2003. This makes WordPress older than both Facebook and Twitter.

2. The Name – WordPress

The name WordPress was suggested by Christine Selleck Tremoulet

Christine Selleck Tremoulet, a prolific blogger and a friend of Matt Mullenweg (co-founder of WordPress), suggested the name WordPress.

3. WordPress Powers Nearly 27% of All Websites

CMS usage statistics

According to W3Techs web technologies surveys, WordPress currently powers nearly 27% of all websites.

4. WordPress Dominates 76.4% of CMS Market Share

WordPress CMS markets share

According to Wappalyzer, WordPress dominates the content management software usage with 76.4% market share.

5. WordPress is Open Source and Free

WordPress is free and open source

WordPress is released under GNU GPL license, which allows anyone in the world to download and use it. The source code is freely available for anyone to study, use, modify, and build upon.

See our article on why is WordPress free? What are the costs? What is the catch?

6. WordPress is Not Owned by Any Company

WordPress trademark is owned by WordPress Foundation

In order to protect the freedoms offered by open source, WordPress co-founder Matt Mullenweg created the WordPress Foundation. This non-profit organization owns the ‘WordPress’ trademark, and protects freedoms offered by the software’s open source license.

For more details see: who owns WordPress and how does WordPress make money.

7. WordPress Doesn’t Have a CEO

WordPress community

Since WordPress is an open source project not owned by any company, it does not have a CEO. The project is run by volunteer developers from all over the world.

There is a thorough decision making process in place which allows anyone to submit bug reports, patches, suggest features, and so on.

8. WordPress powers a Multi-Billion Dollar Economy

WordPress is a multi-million dollar industry

Hundreds of companies and thousands of professionals from all over the world sell WordPress based products, services, and solutions. WordPress provides excellent opportunities to thousands of developers, designers, and entrepreneurs to build their businesses upon WordPress.

Check out our list of 20 most influential WordPress businesses and companies.

9. 1.48 Billion Plugin Downloads

1.48 Billion plugin downloads

WordPress plugin downloads crossed 1.48 Billion total downloads in 2016. That’s 48% increase since 2015 when plugin downloads surpassed 1 Billion mark.

10. WordPress is Used by Governments All Over The World

WordPress in Government

WordPress powers thousands of government websites in all parts of the world. The list includes dozens of US Federal and State government websites, counties, small towns, high schools, etc.

11. WordPress in Education

WordPress in education

WordPress is used by thousands of universities, colleges, and schools all over the world. The open source license allow students and academia to study, modify, learn, and contribute to the development of WordPress core, plugins, and themes.

See our list of 40+ popular universities that are using WordPress

12. More than 50,000 Free Plugins

WordPress plugins

Plugins are like apps for your WordPress site. There are currently more than 50,000 free WordPress plugins available for download. From creating an online store to adding a contact form, whatever you want to do there is a good chance that you will find a plugin for that.

Take a look at our pick of 24 must have WordPress plugins for business websites.

13. More Non-English WordPress Downloads

More non-English WordPress downloads

In 2014, non-English WordPress downloads surpassed the English version. In later years, WordPress made it possible to install language packs from the WordPress admin area. In the final release of 2016, WordPress added the language switching feature for users on a WordPress site.

14. WordPress is Available in 68+ Languages

WordPress is available in 68+ languages

WordPress is fully translated into 68 languages, and it is partially translated into dozens more. Many popular WordPress plugins and themes are also available in different languages. It can also be used as multi-lingual platform with the help of plugins like WPML and Polylang.

See our guide on how to install WordPress in other languages.

15. WordCamp Events in 41 Countries

WordCamp events around the world

Official WordPress events are called WordCamps. In 2016, there were 115 WordCamp events in 41 countries attended by 36,000 WordPress users.

16. WordPress Meetups in 58 Countries

WordPress meetups around the globe

WordPress meetups are smaller events organized by local communities under the umbrella of the WordPress Foundation. In 2016, there were 3193 WordPress meetups, in 58 countries, attended by 62,566 users.

17. WordPress Cousins

WordPress sister projects

The community behind WordPress also runs sister projects like bbPress, BuddyPress, and GlotPress. They are all open source software built on top of the WordPress core and principles.

18. 11.45% of WordPress sites use SSL Encryption

HTTPS and SSL encryption for WordPress sites

In 2016, the number of WordPress sites using HTTPS was increased from 4% to 11.45%. It is expected to grow tremendously as WordPress plans to push encryption more pro-actively in 2017. See our guide on how to add free SSL in WordPress with Let’s Encrypt.

19. WordPress is Written in PHP and MySQL

WordPress is Written in PHP and MySQL

WordPress is written in PHP programming language and uses MySQL for database.

20. 20% of WordPress is Written in JavaScript

JavaScript

20% code in the WordPress core is JavaScript. This is expected to grow as WordPress becomes more and more like an application development framework.

21. Free Community Based WordPress Support

WordPress support

WordPress is a community driven project and support is widely available free of cost. There is an official WordPress support forum which gets thousands of posts every day.

There are also resource websites like WPBeginner where users can find tutorials, watch videos, and learn WordPress.

If you ever have questions about WordPress, simply reach out to us through our contact form. We also recommend looking at our guide on how to properly ask for WordPress support and get it.

22. WordPress and Jazz

WordPress and Jazz

All WordPress releases are named after Jazz artists. For example, WordPress 1.0 was named after Mike Davis and WordPress 4.6 was named after Pepper Adams.

23. WordPress has a built-in Auto Update System

WordPress updates

WordPress automatically updates itself for minor releases. It can also push plugin updates automatically if there is a severe vulneribility found that threatens millions of websites.

24. WordPress.com is Not The Same as WordPress.org

WordPress.org vs WordPress.com

WordPress is the open source software that allows you to build your website. You will need WordPress hosting to install WordPress (see our guide on how to make a website).

On the other hand, WordPress.com is a blog hosting service run by Automattic.

See our guide on the difference between WordPress.com vs WordPress.org.

25. WordPress for Multisite Networks

WordPress multisite network

WordPress has built-in multisite feature which is hidden by default. It allows you to create a network of websites using the same WordPress installation. For more on this topic, take a look at our guide on how to install and setup WordPress multisite network.

We hope this article helped you learn some new interesting facts about WordPress. You may also want to see our guide on how to choose the best blogging platform.

If you liked this article, then please subscribe to our YouTube Channel for WordPress video tutorials. You can also find us on Twitter and Facebook.

The post 25 Interesting Facts About WordPress (Infographic) appeared first on WPBeginner.

29 Best WordPress Themes for Authors

Are you looking for a WordPress theme for authors? As an author, you want to offer a better reading experience for users while allowing them to connect with you and purchase your books. In this article, we will show you some of the best WordPress… Read More »

The post 29 Best WordPress Themes for Authors appeared first on WPBeginner.

Are you looking for a WordPress theme for authors? As an author, you want to offer a better reading experience for users while allowing them to connect with you and purchase your books. In this article, we will show you some of the best WordPress themes for authors that you can use on your website.

Best WordPress themes for Authors

Building a WordPress Site for Authors

WordPress is an ideal platform to build websites for authors and writers. It allows you the flexibility and freedom to grow your author profile and connect with readers.

First, you need to make sure that you are using the right platform. A self-hosted WordPress.org site gives you the freedom to use all WordPress features on your website.

Next, you will need a WordPress hosting account and a domain name.

We recommend using Bluehost. It is one of the largest hosting companies in the world and an official WordPress hosting partner. They’re giving our users 65% off + a free domain.

Once you have signed up for hosting, you are now ready to install WordPress. Follow the instructions in our complete step by step guide on how to start a WordPress blog and you will be up and running in no time.

After installing WordPress, it is time to choose a WordPress theme. Select a theme from our expert pick below.

Need help installing the theme? See our beginner’s guide on how to install a WordPress theme.

Having said that, let’s take a look at some of the best WordPress themes for authors. This list contains both paid and free themes and all of them are mobile responsive.

1. Creativo

Creativo

Creativo is a creative multi-purpose WordPress theme suitable for authors. It includes several readymade website layouts that can be installed with one-click. You will have to just replace the content with your own and you will be good to go.

It has built-in portfolio content type, full WooCommerce support, 7 skins, 3 design layouts, multiple header layouts, and unlimited color choices. It also comes with freebies like a page builder, slider, and a live chat plugin.

2. Modules

Modules

Modules is a beautifully designed WordPress theme perfect for authors and bloggers. It uses a modular approach to design and comes with several ready to use modules that you can drag and drop to build your layouts.

It also includes several demo websites that you can install and use as an starting point for your website. Inside the theme you will find several custom widgets, unlimited sidebars, header styles, video background support, Google Fonts, and full WooCommerce support.

3. Candid

Candid

Candid is an awesome WordPress theme for storytellers, authors, and photographers. It comes with a two column layout, large images, and graceful mobile responsive design. With its minimalist design approach Candid makes your content pop out.

It offers beautiful typography featuring Abril Display, a clean and sophisticated serif font. It makes your content more readable and enjoyable on all devices and screen sizes.

4. Wilson

Wilson

Wilson is an elegant and simple WordPress theme designed specifically for authors and content rich websites. It includes multiple layouts for your blog, homepage slider, several custom widgets, and multiple post formats.

It has several layouts for header section with different ways to display your logo, navigation menus, and social buttons. It is WooCommerce ready so you can easily add an online store to your WordPress site.

5. Binder Pro

Binder Pro

Binder Pro is a well-crafted WordPress theme designed for publishing. It is perfect for content rich websites like magazines and blogs. Inside it you will find 7 ready-made websites that can be installed with one-click and then you can easily replace content with your own.

It uses modules and allows you to just drag and drop them to build your own layouts as well. It has multiple sidebars, header styles, icon fonts, unlimited custom sidebars and full WooCommerce support.

6. The Daily Dish Pro

Daily Dish Pro

Daily Dish is a WordPress theme for authors and bloggers with a professional design. It is built on top of the powerful Genesis theme framework. The most notable features of the theme are its crisp typography and beautiful display of images.

It has a widgetized homepage layout which is quick and easy to setup. Inside you will also find multiple page templates, custom header, and full WooCommerce support.

7. Heron

Heron

Heron is a beautifully designed WordPress theme for authors, bloggers, and writers. It features beautiful typography, earth toned colors, and a minimalist clean layout. The theme uses large fully scalable featured images and videos.

It has a full screen search overlay next to the navigation menu on top. It also comes with author bio box for multi-author WordPress sites.

8. Medium

Medium

Medium is a WordPress theme for bloggers with a three column layout. It supports infinite scroll, custom colors with multiple page templates including a custom archives page.

Designed to instantly set up a professional looking blog, Medium is quick and easy to setup and looks stunning even on smaller screens.

9. Suarez

Suarez

Suarez is a stunningly beautiful WordPress blog theme for authors. It features a unique homepage style which is designed to showcase your content prominently using images and text.

It includes beautiful animations, multiple page layouts, and custom content discovery widgets. It also has hero homepage slider for your homepage and ships with a separate slider plugin to use anywhere on your site.

10. Brittany

Brittany

Brittany is a stylish WordPress blog theme with a beautiful design. The homepage features an intro section at the top followed by your most important content.

It has several layout options and templates for different pages. You will also get several custom widgets for easy social media integration and content discovery features.

11. Expose Pro

Expose

Expose Pro is a WordPress blogging and portfolio theme for authors. Created by the folks at StudioPress, it comes with a widgetized homepage with four widget areas and has multiple templates for your blog, homepage, archive, and landing pages.

It is designed to beautifully showcase your content and uses large images with elegant typography to make your content more enjoyable. It has a custom gallery post format with lightbox display of your photos. It is highly optimized for speed and performance and comes with quick and straightforward setup.

12. Presence

Presence

Presence is designed to quickly create online presence and works perfectly for bloggers and authors as well. It includes 10 demo websites that you can easily import and then just replace the content with your own to create your website instantly.

13. Remi

Remi

Remi is a simpler WordPress blog and portfolio theme for authors. It has a minimalist two column grid layout. It includes additional layout choices that you can use with several custom widgets, page templates, and multiple sidebars.

It has a sticky sidebar menu on the left followed by a widget ready area. The search feature utilizes Ajax and graceful animation to display results.

14. True North

True  North

True North is an elegant WordPress theme with beautiful design. It uses a grid layout on the home page with beautiful display of images. It has multiple layout choices and a built-in portfolio section to showcase your work.

It also supports custom background, custom header, and has several custom widgets for social media and content discovery features.

15. Elegant

Elegant

Elegant is a WordPress blog and portfolio theme. It features a beautiful layout with logo and navigation menu on top with a social menu. It has multiple layout options including a grid layout.

It has built-in portfolio content type, several custom widgets, multiple color schemes, and easy to use theme options panel. It ships with a drag and drop page builder and full WooCommerce support.

16. Libretto

Libretto

Libretto is a free WordPress blog theme with a distraction free layout which makes it an excellent choice for a blog or author’s website. It has a beautiful color scheme with gorgeous typography.

Designed in the traditional one-column blog layout with navigation menu at top. It supports custom header and background, social links menu, and footer widget area.

17. Pocket

Pocket

Pocket is a distraction free WordPress theme for bloggers, photographers, and authors. It takes the minimalist approach to the design with special focus on typography and images. Using a single column layout, with readable fonts and large featured images, Pocket makes your content pop out and offers a very engaging user experience.

It has a navigation menu at top and a social links menu at the bottom of each page. It requires very little time to set up and gets out of your way so that you can create amazing content on your blog.

18. Writee

Writee

Writee is a free WordPress theme designed for authors, writers, and bloggers. Inside you will find a full-width boxed slider allowing you to showcase your most important content at the top. It pays special attention to readability with elegant typography and a spacious layout.

It has a navigation menu and a social links menu at the top. It also adds social sharing icons below each article and excerpt so that your users can easily sharing content.

19. Baseline

Baseline

Baseline is a WordPress theme for magazine, blogs, and content rich websites. The main focus of theme is improved reading experience and a layout that is easy on eyes.

It includes a header category menu, featured content slider, multiple layout options and infinite scroll. It is easy to setup and has a getting started page to help you setup theme.

20. Relive

Relive

Relive is a modern WordPress theme for authors and storytellers. It is designed to created an immersive experience with the help of audio, video, images and text.

Ideal for long form content with beautiful scrolling effects, Relive also comes with a page builder and tons of customization options. It is easy to setup and ships with 1-click demo content installer.

21. Metro Pro

Metro Pro

Metro Pro is a powerful WordPress theme built on top of Genesis theme framework. It includes an easy to setup home page with sections for featured stories into a beautiful layout.

It also has built-in social media integration, custom menus, custom widgets, and a theme options panel. With rock solid code, Metro Pro is highly optimized for performance and speed.

22. Author

Author

Author is a free WordPress theme for authors and publishers. It focuses on improved accessibility with a beautiful design. It loads fast and the code is optimized to improve performance of your WordPress site.

It uses a simple two-column layout with a sidebar and navigation menu to the right. It is easy to setup and can be customized using live theme customizer.

23. Montblanc

Montblanc

Montblanc is a very powerful and highly customizable WordPress theme perfect for authors. It comes with flexible layout choices, multiple homepage styles, custom widgets, page templates, etc.

It can be used for a multi-author magazine website, or a single page author profile. It also includes portfolio, photo galleries, and beautiful sliders. It is WooCommerce ready and comes with a powerful page builder plugin.

24. Sanse

Sanse

Sanse is an extremely simple WordPress theme for authors and bloggers. It offers a unique design with no featured images displayed on the homepage. Making it load much faster and offer pleasant user experience for your readers.

It is designed for bloggers and is a great choice for long form content. It supports custom logo, custom header and background. It comes with a single widget ready area in the footer and does not include any sidebars.

25. Publisher

Publisher

As the name suggests, Publisher is a WordPress theme for authors, publishers, and magazine websites. It uses a masonry style layout with your content presented as blocks. It beautifully handles images, audio, video, and text.

It is very easy to setup and gets out of your way. It comes with easy customization options that can be all accessed from live theme customizer. It also includes custom headers, custom backgrounds, individual backgrounds for any articles, infinite scroll, and custom widgets.

26. Paperback

Paperback

Paperback is an elegant multipurpose WordPress theme suitable for any kind of website. It is designed to beautifully display your content and is perfect for content rich websites.

It prominently uses featured images from your articles throughout the layout. The home page includes a featured content slider which allows you to quickly get users engaged. It has great typography and looks equally great on mobile and desktop.

27. Indigo

Indigo

Indigo is a gorgeous multipurpose WordPress theme. It comes with easy to use modules that you can just drag and drop to build your homepage layout. It also includes 14 ready made websites that you can install and then just replace the content with your own. These websites include a blog, magazine, and stories theme that would work perfectly for any blog or author website.

28. Nectar

Nectar

Nectar is a beautifully designed WordPress theme. It is super flexible and easy to set up for almost any kind of website including an author website with a blog and portfolio section.

The homepage layout features a large full-width slider followed by your call to action, welcome message, and then your featured content. It also includes a custom theme options panel which allows you to just check boxes and add text to setup theme.

29. Lenscap

Lenscap

Lenscap is an ecommerce ready WordPress theme suitable for personal blogs and content rich sites. It includes a large featured content carousel and a footer category menu to add content discovery at the top.

It uses lightbox popup to display your photos and videos for an immersive viewing experience. It includes multiple ready to use color schemes. It is highly customizable and utilizes the live theme customizer for quicker setup.

That’s all for now.

We hope this article helped you find the best WordPress theme for authors and writers. You may also want to see our ultimate WordPress SEO guide and the list of must have WordPress plugins to grow your website.

If you liked this article, then please subscribe to our YouTube Channel for WordPress video tutorials. You can also find us on Twitter and Facebook.

The post 29 Best WordPress Themes for Authors appeared first on WPBeginner.

How to Uninstall and Reinstall WordPress

Recently, one of our users asked us how they can uninstall and reintsall WordPress? Reinstalling WordPress can solve issues when all other troubleshootings tips fail. In this article, we will show you how to safely uninstall and reinstall WordPress without losing your data or SEO.… Read More »

The post How to Uninstall and Reinstall WordPress appeared first on WPBeginner.

Recently, one of our users asked us how they can uninstall and reintsall WordPress? Reinstalling WordPress can solve issues when all other troubleshootings tips fail. In this article, we will show you how to safely uninstall and reinstall WordPress without losing your data or SEO.

How to uninstall and reinstall WordPress

When Do You Need to Reinstall WordPress?

Reinstalling WordPress should never be the first option. Most common WordPress errors are easily fixable, and this will save you from the hassle of reinstalling WordPress.

If you cannot figure out the cause of an issue, then follow the instructions in our WordPress troubleshooting guide. It will help you pin-point the issue and find a solution.

In case of a hacked WordPress site, you can try the tips in our guide on how to clean a hacked WordPress site.

If all else fails, then uninstalling and reinstalling a fresh copy of WordPress can be used as the last resort.

Step 0. Create an Emergency Backup

Before you do anything, you should first create a complete backup of your existing WordPress site. You can use a WordPress backup plugin to do this. Make sure that you store your backup files on your computer or a cloud storage service like Google Drive or Dropbox.

We will not be using this backup to reinstall WordPress, but it’s good to have in case something goes wrong.

Step 1. Export Your WordPress Content

First thing you need to do is export your WordPress content by creating a WordPress export file. This file will contain all your posts, pages, categories, tags, and comments.

Restoring a WordPress site using this export file allows you to leave out data created by WordPress plugins.

Here is how you would create a WordPress export file.

First, sign in to your WordPress admin area and then go to Tools » Export page. Select all content and then click on ‘Download Export File’ button.

Download WordPress export file

If you have a lot of registered users on your website, then you may want to export them too. See our guide on how to easily import/export users in WordPress.

Step 2. Download wp-content Folder

All your WordPress themes, plugins, images, and uploads are stored in the /wp-content/ folder on your website.

Let’s download this content to your computer, so that you can use it later to reinstall WordPress.

Connect to your WordPress site using an FTP client or File Manager in cPanel. Once connected, select the wp-content folder and download it to your computer.

Download wp-content folder

After downloading the wp-content folder, you are ready to uninstall WordPress.

Step 3. Properly Uninstall WordPress

To uninstall WordPress, you need to connect to your WordPress site using a FTP client or File Manager in cPanel. Then you need to delete all WordPress files.

You don’t really need to delete your WordPress database. Most WordPress hosting companies allow you to create as many databases and usernames as you need.

Instead of deleting the existing database, you can create a new one with a new username and password.

To create new database, you need to login to your cPanel account and click on MySQL Databases icon.

MySQL Databases

This will bring you to the add new database page.

First, you need to enter a name for your new database and click on create database button.

Create a new database

After that, scroll down to add ‘MySQL Users’ section and add a new user. You will need to enter a username and password, and then click on ‘Create User’ button.

Add New MySQL user

Now you need to add the user to the database you created earlier. Scroll down to ‘Add user to database’ section and then select the username and database you created earlier.

Add user to database

Click on the ‘Add’ button to continue.

Your new database is ready to be used when you reinstall WordPress.

Now that you have successfully uninstalled WordPress, let’s see how to reinstall it and restore your website.

Step 4. Fresh Install WordPress

You need to download a fresh copy of WordPress from WordPress.org website.

Download WordPress

After downloading WordPress, you need to unzip the download file.

You will find a WordPress folder inside it. Open the WordPress folder, and you will see all the WordPress files.

Now, you need to upload these files to your website using an FTP client.

Upload WordPress files

After uploading the WordPress files, go ahead and visit your website. WordPress will now ask you to enter your database information.

Add database info

You need to enter the name of database, username, and password you created earlier. Your host information will most likely be localhost.

Once you are done filling out the information, click on the submit button to continue.

WordPress will now attempt to connect to your database. Upon successful connection, it will show you a success message. You can now click on the ‘Run Install’ button to continue.

Run WordPress installation

In the next step, WordPress will ask you to provide your site information like site title, description, admin email address and password.

Site information

After filling out the information, click on ‘Install WordPress’ button to continue.

WordPress will now finish the installation. Go ahead and log into the WordPress admin area using the username and password you entered earlier.

Once you are logged into WordPress, you need to delete the default content.

Head over to Posts and delete the ‘Hello World’ post. Visit the ‘Comments’ section and delete the default comment. Lastly, go to Pages and delete the sample page.

You have successfully reinstalled a fresh copy of WordPress.

Now let’s move on to restoring your content.

Step 5. Restore Uploads, Images, and Theme

First, you will need to restore your uploads, images, and theme located inside the wp-content folder you downloaded earlier.

To do that, you need to connect to your website using an FTP client and go to /wp-content/ folder.

Next, you need to select the /wp-content/uploads/ folder from your computer and upload it to your website.

Upload the uploads folder

If you have made changes to your WordPress theme or child theme files, then you can upload them now. Your theme folders are located in the /wp-content/themes/ folder.

Step 6. Import Content

Now let’s import your posts, pages, categories, tags, and other content.

First, you need to go to Tools » Import page and then click on ‘Install Now’ link under WordPress.

Install WordPress importer

WordPress will now download and install the WordPress importer. After that you need to click on the ‘Run Importer’ link.

This will bring you to WordPress importer page where you need to click on the ‘Choose File’ button and then select the XML file you downloaded during our step 1.

Importing WordPress XML file

Click on ‘Upload file and import’ button to continue.

WordPress will ask you if you want to create new authors and assign the posts to them or if you would like to assign all posts to your current user account.

Import settings

If it is a single author WordPress site, then you can assign all posts to yourself. Otherwise, do nothing and WordPress will import the authors.

You also need to make sure that you check the box under ‘Import Attachments’. This will allow WordPress to properly import the images in your /wp-content/uploads/ folder to the WordPress media library.

Go ahead and click on the Submit button to continue.

WordPress will now start importing content from the XML file to your fresh WordPress install.

Once finished, you will be able to see your content by visiting your website.

Step 7. Install WordPress Plugins (One by One)

After successfully importing content to your reinstalled WordPress site, you can move on to installing plugins.

You will need to install all plugins one by one and then activate them. You may need to manually setup plugins to adjust their settings.

That’s all, you have successfully uninstalled and reinstalled WordPress. You can now review your website and setup things as they were before like your navigation menus, sidebar widgets, contact form, and more.

We hope this article helped you learn how to uninstall and reinstall WordPress. You may also want to see our ultimate step by step WordPress security guide.

If you liked this article, then please subscribe to our YouTube Channel for WordPress video tutorials. You can also find us on Twitter and Facebook.

The post How to Uninstall and Reinstall WordPress appeared first on WPBeginner.

How to Create a Custom WordPress Widget

Do you want to create your own custom widgets in WordPress? Widgets allow you to drag and drop elements into any sidebar or widget ready area of your website. In this article, we will show you how to easily create a custom WordPress widget. What… Read More »

The post How to Create a Custom WordPress Widget appeared first on WPBeginner.

Do you want to create your own custom widgets in WordPress? Widgets allow you to drag and drop elements into any sidebar or widget ready area of your website. In this article, we will show you how to easily create a custom WordPress widget.

Creating a custom WordPress widget

What is a WordPress Widget?

WordPress widgets contain pieces of code that you can add to your website’s sidebars or widget ready areas. Think of them as modules that you can use to add different elements by using a simple drag and drop interface.

By default, WordPress comes with a standard set of widgets that you can use with any WordPress theme. See our beginner’s guide on how to add and use widgets in WordPress.

WordPress widgets

WordPress also allows developers to create their own custom widgets. Many WordPress themes and plugins come with their own custom widgets that you can add to your sidebars.

For example, you can add a contact form, a custom login form, or a photo gallery to a sidebar without writing any code.

Having said that, let’s see how to easily create your own custom widgets in WordPress.

Creating a Custom Widget in WordPress

Before we get started, it would be best if you create a site-specific plugin where you will be pasting the widget code from this tutorial.

You can also paste the code in your theme’s functions.php file. However, it will only be available when that particular theme is active.

In this tutorial, we will create a simple widget that just greets visitors. Take a look at this code and then paste it in your site-specific plugin to see it in action.

// Register and load the widget
function wpb_load_widget() {
	register_widget( 'wpb_widget' );
}
add_action( 'widgets_init', 'wpb_load_widget' );

// Creating the widget 
class wpb_widget extends WP_Widget {

function __construct() {
parent::__construct(

// Base ID of your widget
'wpb_widget', 

// Widget name will appear in UI
__('WPBeginner Widget', 'wpb_widget_domain'), 

// Widget description
array( 'description' => __( 'Sample widget based on WPBeginner Tutorial', 'wpb_widget_domain' ), ) 
);
}

// Creating widget front-end

public function widget( $args, $instance ) {
$title = apply_filters( 'widget_title', $instance['title'] );

// before and after widget arguments are defined by themes
echo $args['before_widget'];
if ( ! empty( $title ) )
echo $args['before_title'] . $title . $args['after_title'];

// This is where you run the code and display the output
echo __( 'Hello, World!', 'wpb_widget_domain' );
echo $args['after_widget'];
}
		
// Widget Backend 
public function form( $instance ) {
if ( isset( $instance[ 'title' ] ) ) {
$title = $instance[ 'title' ];
}
else {
$title = __( 'New title', 'wpb_widget_domain' );
}
// Widget admin form
?>
<p>
<label for="<?php echo $this->get_field_id( 'title' ); ?>"><?php _e( 'Title:' ); ?></label> 
<input class="widefat" id="<?php echo $this->get_field_id( 'title' ); ?>" name="<?php echo $this->get_field_name( 'title' ); ?>" type="text" value="<?php echo esc_attr( $title ); ?>" />
</p>
<?php 
}
	
// Updating widget replacing old instances with new
public function update( $new_instance, $old_instance ) {
$instance = array();
$instance['title'] = ( ! empty( $new_instance['title'] ) ) ? strip_tags( $new_instance['title'] ) : '';
return $instance;
}
} // Class wpb_widget ends here

After adding the code you need to head over to Appearance » Widgets page. You will notice the new WPBeginner Widget in the list of available widgets. You need to drag and drop this widget to a sidebar.

Custom WordPress widget added to a sidebar

Now you can visit your website to see it in action.

Previewing your custom widget

Now let’s study the code again.

First we registered the ‘wpb_widget’ and loaded our custom widget. After that we defined what that widget does, and how to display the widget back-end.

Lastly, we defined how to handle changes made to the widget.

Now there are a few things that you might want to ask. For example, what’s the purpose wpb_text_domain?

WordPress uses gettext to handle translation and localization. This wpb_text_domain and __e tells gettext to make a string available for translation. See how you can find translation ready WordPress themes.

If you are creating a custom widget for your theme, then you can replace wpb_text_domain with your theme’s text domain.

We hope this article helped you learn how to easily create a custom WordPress widget. You may also want to see our list of the most useful WordPress widgets for your site.

If you liked this article, then please subscribe to our YouTube Channel for WordPress video tutorials. You can also find us on Twitter and Facebook.

The post How to Create a Custom WordPress Widget appeared first on WPBeginner.

12 Most Useful .htaccess Tricks for WordPress

Are you looking for some useful .htaccess tricks for your WordPress site. The .htaccess file is a powerful configuration file which allows you to do a lot of neat things on your website. In this article, we will show you some of the most useful… Read More »

The post 12 Most Useful .htaccess Tricks for WordPress appeared first on WPBeginner.

Are you looking for some useful .htaccess tricks for your WordPress site. The .htaccess file is a powerful configuration file which allows you to do a lot of neat things on your website. In this article, we will show you some of the most useful .htaccess tricks for WordPress that you can try right away.

Most Useful .htaccess Tricks for WordPress

What is .htaccess File and How to Edit it?

The .htaccess file is a server configuration file. It allows you to define rules for your server to follow for your website.

WordPress uses .htaccess file to generate SEO friendly URL structure. However, this file can do a lot more.

The .htaccess file is located in your WordPress site’s root folder. You will need to connect to your website using an FTP client to edit it.

.htaccess file on a WordPress site

If you cannot find your .htaccess file, then see our guide on how to find .htaccess file in WordPress.

Before editing your .htaccess file, it is important to download a copy of it to your computer as backup. You can use that file in case anything goes wrong.

Having said that, let’s take a look at some useful .htaccess tricks for WordPress that you can try.

1. Protect Your WordPress Admin Area

You can use .htaccess to protect your WordPress admin area by limiting the access to selected IP addresses only. Simply copy and paste this code into your .htaccess file:

AuthUserFile /dev/null
AuthGroupFile /dev/null
AuthName "WordPress Admin Access Control"
AuthType Basic
<LIMIT GET>
order deny,allow
deny from all
# whitelist Syed's IP address
allow from xx.xx.xx.xxx
# whitelist David's IP address
allow from xx.xx.xx.xxx
</LIMIT>

Don’t forget to replace xx values with your own IP address. If you use more than one IP address to access the internet, then make sure you add them as well.

For detailed instructions, see our guide on how to limit access to WordPress admin using .htaccess.

2. Password Protect WordPress Admin Folder

Password protect WordPress admin directory

If you access your WordPress site from multiple locations including public internet spots, then limiting access to specific IP addresses may not work for you.

You can use .htaccess file to add an additional password protection to your WordPress admin area.

First, you need to generate a .htpasswds file. You can easily create one by using this online generator.

Upload this .htpasswds file outside your publicly accessible web directory or /public_html/ folder. A good path would be:

/home/user/.htpasswds/public_html/wp-admin/passwd/

Next, create a .htaccess file and upload it in /wp-admin/ directory and then add the following codes in there:

AuthName "Admins Only"
AuthUserFile /home/yourdirectory/.htpasswds/public_html/wp-admin/passwd
AuthGroupFile /dev/null
AuthType basic
require user putyourusernamehere
<Files admin-ajax.php>
Order allow,deny
Allow from all
Satisfy any 
</Files>

Important: Don’t forget to replace AuthUserFile path with the file path of your .htpasswds file and add your own username.

For detailed instructions, see our guide on how to password protect WordPress admin folder.

3. Disable Directory Browsing

Disable directory browsing

Many WordPress security experts recommend disabling directory browsing. With directory browsing enabled, hackers can look into your site’s directory and file structure to find a vulnerable file.

To disable directory browsing on your website, you need to add the following line to your .htaccess file.

Options -Indexes

For more on this topic, see our guide on how to disable directory browsing in WordPress.

4. Disable PHP Execution in Some WordPress Directories

Sometimes hackers break into a WordPress site and install a backdoor. These backdoor files are often disguised as core WordPress files and are placed in /wp-includes/ or /wp-content/uploads/ folders.

An easier way to improve your WordPress security is by disabling PHP execution for some WordPress directories.

You will need to create a blank .htaccess file on your computer and then paste the following code inside it.

<Files *.php>
deny from all
</Files>

Save the file and then upload it to your /wp-content/uploads/ and /wp-includes/ directories. For more information check out our tutorial on how to disable PHP execution in certain WordPress directories.

5. Protect Your WordPress Configuration wp-config.php File

Probably the most important file in your WordPress website’s root directory is wp-config.php file. It contains information about your WordPress database and how to connect to it.

To protect your wp-config.php file from unathorized access, simply add this code to your .htaccess file:

<files wp-config.php>
order allow,deny
deny from all
</files>

6. Setting up 301 Redirects Through .htaccess File

Using 301 redirects is the most SEO friendly way to tell your users that a content has moved to a new location. If you want to properly manage your 301 redirects on posts per post basis, then check out our guide on how to setup redirects in WordPress.

On the other hand, if you want to quickly setup redirects, then all you need to do is paste this code in your .htaccess file.

Redirect 301 /oldurl/ http://www.example.com/newurl
Redirect 301 /category/television/ http://www.example.com/category/tv/

7. Ban Suspicious IP Addresses

Are you seeing unusually high requests to your website from a specific IP address? You can easily block those requests by blocking the IP address in your .htaccess file.

Add the following code to your .htaccess file:

<Limit GET POST>
order allow,deny
deny from xxx.xxx.xx.x
allow from all
</Limit>

Don’t forget to replace xx with the IP address you want to block.

8. Disable Image Hotlinking in WordPress Using .htaccess

Other websites directly hotlinking images from your site can make your WordPress site slow and exceed your bandwidth limit. This isn’t a big issue for most smaller websites. However, if you run a popular website or a website with lots of photos, then this could become a serious concern.

You can prevent image hotlinking by adding this code to your .htaccess file:

#disable hotlinking of images with forbidden or custom image option
RewriteEngine on
RewriteCond %{HTTP_REFERER} !^$
RewriteCond %{HTTP_REFERER} !^http(s)?://(www\.)?wpbeginner.com [NC]
RewriteCond %{HTTP_REFERER} !^http(s)?://(www\.)?google.com [NC]
RewriteRule \.(jpg|jpeg|png|gif)$ – [NC,F,L] 

This code only allows images to be displayed if the request is originating from wpbeginner.com or Google.com. Don’t forget to replace wpbeginner.com with your own domain name.

For more ways to protect your images see our guide on ways to prevent image theft in WordPress.

9. Protect .htaccess From Unauthorized Access

As you have seen that there are so many things that can be done using the .htaccess file. Due to the power and control it has on your web server, it is important to protect it from unauthorized access by hackers. Simply add following code to your .htaccess file:

<files ~ "^.*\.([Hh][Tt][Aa])">
order allow,deny
deny from all
satisfy all
</files>

10. Increase File Upload Size in WordPress

There are different ways to increase the file upload size limit in WordPress. However, for users on shared hosting some of these methods do not work.

One of the methods that has worked for many users is by adding following code to their .htaccess file:

php_value upload_max_filesize 64M
php_value post_max_size 64M
php_value max_execution_time 300
php_value max_input_time 300

This code simply tells your web server to use these values to increase file upload size as well as maximum execution time in WordPress.

11. Disable Access to XML-RPC File Using .htaccess

Each WordPress install comes with a file called xmlrpc.php. This file allows third-party apps to connect to your WordPress site. Most WordPress security experts advise that if you are not using any third party apps, then you should disable this feature.

There are multiple ways to do that, one of them is by adding the following code to your .htaccess file:

# Block WordPress xmlrpc.php requests
<Files xmlrpc.php>
order deny,allow
deny from all
</Files>

For more information, see our guide on how to disable XML-RPC in WordPress.

12. Blocking Author Scans in WordPress

A common technique used in brute force attacks is to run author scans on a WordPress site and then attempt to crack passwords for those usernames.

You can block such scans by adding the following code to your .htaccess file:

# BEGIN block author scans
RewriteEngine On
RewriteBase /
RewriteCond %{QUERY_STRING} (author=\d+) [NC]
RewriteRule .* - [F]
# END block author scans 

For more information, see our article on how to discourage brute force attacks by blocking author scans in WordPress.

We hope this article helped you learn the most useful .htaccess tricks for WordPress. You may also want to see our ultimate step by step WordPress security guide for beginners.

If you liked this article, then please subscribe to our YouTube Channel for WordPress video tutorials. You can also find us on Twitter and Facebook.

The post 12 Most Useful .htaccess Tricks for WordPress appeared first on WPBeginner.