The difference between Widgets – Plugins – Themes – Templates

/0 Comments/in ,

The Widgets

These are flexible additions to your website that you can place in specific areas such as the Sidebar (beside your content) or in the Footer (at the bottom of your website).

Some characteristics of widgets:

  1. Easy to move around by dragging them with the mouse
  2. Many popular plugins have widgets available to display information
  3. Can be used in fixed locations like the Sidebar, Footer, and sometimes the Header
  4. Widgets are designed as small components of your website

Click here to learn more about how widgets work.

The Plugins

These are additions to your website, such as a contact form or SEO tools. Plugins are developed to expand the functionality of your website and also to enhance your WordPress Dashboard.

Some characteristics of plugins:

  1. Average size between 1-2 MB
  2. Can be downloaded for both free and paid
  3. Provide WordPress with endless possibilities
  4. Sometimes the cause of a hacked website
  5. Load scripts, which can make your website slightly slower
  6. Need to be regularly updated

Click here if you want to learn about plugins.

The Themes

A theme contains the design of your pages. Sometimes it’s only for the homepage, blog pages, and subpages, but in luxury themes, it can also style your contact forms and landing pages.

Some characteristics of themes:

  1. Can be downloaded for both free and paid
  2. Determine 70% of what a visitor thinks about your website
  3. Can sometimes be vulnerable, leading to a hacked WordPress website
  4. Affect the speed and readability of your website for both visitors and Google

The Templates

These are individual pages. Think of a landing page, a contact page, or a style for blog posts or portfolio items.

Some characteristics of templates:

  1. They are easy to add to your current theme
  2. A custom template can save a lot of work if you have many pages with a specific layout
  3. By loading code specifically on one template, you ensure that other pages remain fast

Be selective with plugins & themes

Every theme and plugin adds code to your website. Among that code, there may be vulnerabilities that allow hackers and scripts to enter your website, such as placing their advertisements.
As of the writing of this article, there are 4000+ known vulnerabilities in themes and plugins that are often exploited by automated scripts (bots).

Limit the number of plugins to what you truly need and do not keep unused plugins and themes on the server, as they can also be accessed by hackers! Reduce the attack surface.

Finally, regardless of the theme or the number of plugins on your site, always use a good antivirus plugin for WordPress to limit the capabilities of hackers and scripts.

Backing up WordPress!

/0 Comments/in , ,

A backup of your WordPress website is crucial, as a lot of time and money goes into creating a good website! Think about writing content, finding the right plugins, and sourcing beautiful images.

A reliable backup is your savior in case anything happens to your website. Especially the WordPress database, where all your posts and pages are stored, is crucial not to lose.

It’s important to have a complete backup of all the data on your server and the database containing all the information.

You can download Updraftplus Premium or Free here.

Making a complete backup with just one click

We have tested several free plugins, and one of the best free plugins we have come across is Updraftplus. This plugin allows you to create a backup of all your data, including the database!

backup restore wordpress

Restoring a backup

Having a backup is important, but it gets even better: Updraftplus also allows you to restore your plugins, themes, and more from the backup!

backup-restore-wordpress

This is useful when your website gets hacked, when you accidentally delete a plugin, or when an update of a plugin causes issues with your website. This happens quite often!

More advantages of Updraftplus

Updraftplus offers many features in its free version, including:

  • Restoring only plugins and themes
  • Writing the backup to another server
  • Automating backups based on hours, days, or weeks
  • Translated into Dutch
  • The ability to count the size of plugins, themes, etc.

Cloud services

If you want to use Dropbox or another cloud service, they even offer premium add-ons to further expand the functionality of the plugin.

Plugins? Don’t!

/0 Comments/in

That plugins are vulnerabilities for hackers, we have known for a long time. Right? And that plugins are constantly being hacked is well-known among WordPress users.

No?

Then, this is a wake-up call…

5 Popular Plugins Often Hacked

  1. WP Super Cache
    Hacked 10 times in 2 years!
    Screenshot_29 Jun. 09 14.20
  2. All in one SEO pack
    Hacked 5 times in 2 years.
    Screenshot_29 Jun. 09 14.19
  3. BB-press
    Hacked every year: 2014, 2015, 2016.
    Screenshot_29 Jun. 09 14.21
  4. WooCommerce
    The list is too long to put down, hacked 21 times in a few years.
    Screenshot_30 Jun. 09 14.24
  5. Nextgen Gallery
    Who hasn’t used it for photo albums?
    Screenshot_30 Jun. 09 14.25
  6. Bonus: Jetpack
    Used by millions of websites but often found vulnerable!
    Screenshot_32 Jun. 09 14.30

And the list of hacked plugins goes on…

There are many plugins that have been hacked, see WPvulndb.com.

Both unknown and the most popular plugins fall victim. Hackers target popular plugins because they know that way they can affect many websites.

Note: Hackers write a script that automatically scans websites on the internet for vulnerable plugins. This happens with hundreds of websites per hour; the hacker is, of course, not manually hacking each website.

What Does This Mean for My WordPress Website?

Use as few plugins as possible and don’t leave them deactivated on the server!

Keep the plugins up-to-date or ensure good security.

Have a backup! This way, you can restore the website to a point before the hackers got in and then update or remove the plugins.

Have You Been Hacked?

If your WordPress website has been hacked, you will need to thoroughly examine WordPress and all files on the server to remove the backdoors and scripts. Then, you’ll need to work hard to secure the website.

Alternatively, you can leave it to us:
Let us restore your hacked WordPress website.

Update plugins or not update plugins?

/0 Comments/in

Updating plugins… you can do it with one click, but if your website encounters a conflict with other plugins, the theme, or WordPress, you can’t undo it with one click!

What to Do If a Plugin Update Causes an Error

  1. You can find the old release of that plugin and replace the latest plugin with the old release using an FTP program.
  2. You can restore a backup, and if you don’t have one, contact your web host. They might have a backup from a week or longer ago.
  3. You can check if there is already a topic opened about it on the official WordPress NL forum.
  4. Or follow the paths and instructions shown in the error and dive into the code to fix it. (For advanced users)

Can You Know in Advance If a Plugin Will Cause an Error?

You can only know this if you do research on Google or the WordPress forum. Type the name of the plugin and add “update error” or “update bug” after it. But that’s searching for problems. Checking if a plugin causes issues is actually a lot of work that few people want to do.

How to Identify Which Plugin Is Causing the Error?

If the plugin(s) have been updated, and you see an error on your website, you can deactivate the plugins one by one until the error disappears. Once the error is gone, you will know which plugin is causing it.

If your website shows a “white screen” without an error message, you can enable error display in the wp-config.php file by setting DEBUG MODE to TRUE

The Convenience of Having a Backup

If only you had a backup! Then you could easily restore your old plugins with a few mouse clicks. A backup is essential when you regularly update plugins. Backups can be done in various ways, manually through FTP, via Cpanel-Directadmin, or using a backup plugin.

Psst: Don’t Tell Anyone

We recommend not updating plugins every week/month when a new release is out, but rather every 4-6 weeks. Often, these releases include new features that might bring along bugs (code conflicts). Only update immediately when it’s necessary, such as with a security update.

Use your judgment and insight when updating; don’t click on the “update” link immediately when a new update appears!

Displaying your WordPress website in multiple languages

/0 Comments/in

Showing your website in multiple languages is important if you have an international business. While the Netherlands has much to offer in the business world, you may want to expand your company’s reach to broader markets like the English or American market. At the time of writing, the Netherlands has 16.8 million inhabitants, whereas the United States has 318 million people!

That’s a huge market!

Displaying Your Website in Multiple Languages with a Plugin

There are several plugins available, such as WPML, PolyLang, and Stella free.

WPML comes at a cost but is the most renowned plugin with extensive support. Many plugins are WPML certified, meaning they work well with WPML. WPML stands for WordPress MultiLangual and has been available online for some time.

You can purchase WPML here.

Below is a screenshot of the simple translation feature within pages and posts.

wpml

WPML is highly regarded but comes with a price tag.
(However, as a business, you can write off this expense.)

With WPML installed, you have various features at your disposal. The option you will use most often is the translation capability.

Click the “plus” or “pencil” icon to create or edit a page in another language.

As mentioned, the WPML plugin is flexible, allowing you to customize various aspects. It also works well with many plugins, enabling you to use “string translation” to make certain plugins multilingual.

We have installed WPML for 9 out of 10 clients, and 6 out of 10 of them either already used it or preferred it because they had experience with it elsewhere.

It’s highly recommended, but WPML is not free, and at the time of writing, it costs $39 per year for 1 website or $199 for unlimited websites a year.

A Cost-Effective Solution, Stella!

The Stella plugin, available in both Free and Premium versions, is a more affordable option at $14.99.

We tried the Free version, and if you simply need a plugin to translate your posts or pages, Stella is a good choice.

We purchased the premium version for the modest amount of $14.99 and were able to make some clients happy with it.

You can download Stella here.

Simple Yet Effective

The plugin displays translations on one page, making it easy to switch between languages.

wordpress vertaling

Next, let’s talk about PolyLang.

PolyLang

As you read earlier, we have WPML in use for 9 out of 10 websites, so PolyLang was something we had used a while ago. We installed the latest version to see how it works!

polylang wordpress meerdere talen

It took a little bit of figuring out, but in the settings, you can choose one or more languages after installation, and they will appear in the pages and posts overview, just like WPML.

You can download Polylang here.

Enjoy!

The above-mentioned plugins are the best ones we know and have found for making WordPress multilingual.

If you know of other plugins or have experience with WPML, PolyLang, or the Stella plugin, feel free to share your thoughts!

Is this WordPress plugin still safe?

/0 Comments/in

When adding plugins, you may sometimes see a notification stating that the plugin hasn’t been updated for more than 2 years.

Does this necessarily mean that the plugin is insecure?

Some plugins have simple functions with only a few lines of code that don’t need to be updated.
Updating a plugin is only necessary when it contains vulnerabilities that can be exploited by hackers.

How to determine if a plugin is still secure

wordpress plugin database

One way to find out if a plugin is vulnerable is through www.wpvulndb.com.
At the time of writing, this website has registered over 8000 vulnerabilities in plugins and themes.
Use the search bar to check your plugin.

If you are a programmer, you can also perform a check using WPscan.
This is a bit more complicated and requires knowledge of various software and operating systems.

search in google

Another method to check is by entering the plugin name in Google’s search engine.
Google the name of the plugin + hack, hacked, malware, injection. Do this primarily in English as you’ll have the greatest chance of getting results.

What to do if a plugin is outdated or vulnerable?

WordPress currently has more than 51,000+ plugins.
There is a good chance that you can easily find an alternative plugin that can fulfill the same role.

Above all, do not take any risks if the plugin is on the list of www.wpvulndb.com.

Automated scripts test thousands of websites daily for vulnerable plugins.
These scripts quickly find your website via Google and inject advertising or malware into your website.

Plugins, the weakest link in WordPress

/0 Comments/in ,

WordPress takes security seriously, and the company behind WordPress, “Automattic,” regularly releases security updates. Since 2007, we have been working with WordPress, and we can say that WordPress has always been one of the safest Content Management Systems, and it still is.

However, not every corner of the WordPress world is sunny. With 48,000+ free plugins created by unknown companies and developers, there are also many vulnerable plugins that become the weak link in WordPress’s watertight system.

Some Popular Plugins

Here are a few examples of popular plugins that have had security issues:

  1. All in One SEO – Improves Google rankings (2 vulnerabilities in 2016)
  2. W3 Total Cache – Speeds up the website (8 vulnerabilities in 2016)
  3. Contact Form 7 – Creates easy-to-use contact forms (last 3 vulnerabilities in 2014)
  4. Advanced Custom Fields – Enhances WordPress for advanced business websites (2 vulnerabilities since 2014)
  5. Akismet – Prevents comment spam (last vulnerability in 2015)

These are just five random plugins, but at the time of writing, there are 5194 known WordPress core, plugin, and theme vulnerabilities.

1 or 2 vulnerable plugins on my site are not a problem, right?

You might think, “Who would try those vulnerable plugins on my website?!” But here’s the bad news: at least 30,000 to 50,000 computers are actively hacking and processing 1000 requests per minute! Fully automated!

Calculation:
30,000 computers x 1000 requests = 30,000,000 x 24 hours
That’s 43,200,000,000 hacking attempts per day.

This only refers to home hackers who use programs to search the internet (Google) for injecting plugins. If we add the scripts running through servers, you wouldn’t believe how many websites are attempted and successfully hacked daily (to show advertisements).

All that effort for a little advertisement?

Indeed, once a site is hacked, the hacker will only display advertisements.

Consider what that does when a hacker can place their product on thousands of sites weekly, and some people end up buying it. The hacker exploits the trust that these sites have built with their customers. When a customer buys a product from the hacker’s webshop, the hacker earns good money. Usually, these products are expensive, and there’s uncertainty about whether they’ll arrive. In short, there’s a lot of money to be made in a short time without much effort.

Preventing Hackers from Exploiting Your Website

This antivirus plugin is specially developed for WordPress. The plugin is fully in Dutch and gives you a great advantage over hackers.

The plugin blocks injections, protects your server, and shows you who is attempting to log in to your WordPress falsely. This antivirus plugin combats hackers in over 200 ways and blocks many of their attempts.

All our sites run with this antivirus plugin because we don’t give hackers a chance!

More Tips to Protect Against Hacks

  1. Install a good antivirus for your WordPress website.
  2. Keep your WordPress up-to-date.
  3. Do not install unnecessary plugins and remove inactive plugins.
  4. Ensure your server is up-to-date.
  5. Regularly check if everything is running smoothly using Sucuri.
  6. Check the plugins you use for known vulnerabilities.

Managing the database through the WordPress admin

/0 Comments/in

The WordPress database contains a lot of important information.
Think of all the pages, users, news articles, and more!

Sometimes you need to manage the database, for example when you can’t log in anymore or when there are errors.

We regularly check our clients’ databases because hacks and unwanted advertisements can be found in the database.

If you don’t have PhpMyAdmin

If you want to manage the database, you undoubtedly use PhpMyAdmin. But on some web hosts, PhpMyAdmin is not installed at the regular address: www.yourdomainname.com/phpmyadmin

PhpMyAdmin may still be accessible through cPanel, DirectAdmin, or your web hosting control panel, but if you’re not an experienced programmer, you’ll need to search carefully and log in 2-3 times.

There is an easier way!

Use ARI Adminer Lester’s WP DB Manager to manage your database

ARI Adminer is a plugin that is no longer available, so you install (at the time of writing) the WP DB Manager, which you can install via your plugin management or manually download and install through this link. Then it’s just a matter of starting it up, and you’ll have a good reasonably functioning control panel at your disposal, where you can edit, delete, and empty database tables.
In many cases, it is not necessary to enter database credentials to use this database manager! And that saves you some searching 😉

https://nl.wordpress.org/plugins/ari-adminer/

WP-DBManager

Safety first!

Once you have made the necessary adjustments with this great plugin, it’s a good idea to remove it.
Of course, you don’t want to leave unnecessary plugins on the server that can provide extra opportunities for hackers and malware!

What are your visitors looking for?

/0 Comments/in

Discover what your visitors are searching for with Search Meter, the ideal WordPress plugin.

It often happens that you’re looking for a specific product or piece of information and end up on a website through Google where you can’t find what you’re looking for.

Many websites have a search bar that allows you to search within the website.

search within the website

But even then, you still can’t find what you’re looking for! You continue your search on Google and click away from the website.

As a website owner, you want to prevent your visitors from leaving without finding the right information. But to do that, you need to know what they were looking for and whether they could find it!

That’s where this free WordPress plugin, Search Meter, comes in.

Search Meter is a brilliant plugin that does the following:

  1. Search Meter shows you the words visitors entered in your search bar.
  2. Search Meter collects the search terms from the past week, month, and more.
  3. Search Meter shows you how many results the search queries yielded.

WordPress search

The great value of Search Meter for WordPress

You quickly see what your visitors are searching for and whether you have pages or posts that discuss those topics. This way, you can provide the information they are looking for and retain your visitors!

The plugin is easy to activate and will work through your regular WordPress search bar. No complicated programming, just a few mouse clicks.

Convenience at its best!

Download this free plugin.

Or simply search and activate it through your plugin menu in WordPress

installing WordPress plugin

Turning off comments in WordPress

/0 Comments/in

Are you tired of those comments too? They are often written in English and advertise products you will never buy!

Even if you have disabled comments on your WordPress website, the comments still appear in your admin area 🙁
Even when there are no comment forms on your pages and posts.

Follow these 4 steps and never see the comments again:

  1. Go to Plugins » Add New in your WordPress admin
  2. Type disable comments in the search bar
  3. Click on Install, and then on Activate
    reacties verwijderen

 

Don’t forget step 4!

Now that the plugin is active, you need to configure it under Settings » Disable comments.

You can choose to disable comments everywhere or specifically for each page or post.
reacties uitzetten wordpress

If you don’t want to see any comment notifications anymore, click on “everywhere.”

Yes! All those comment notifications are gone

That saves you from having to delete unwanted comments daily 😉

Did you find this tip helpful?! Many people with a WordPress website face this issue, so share this tip with your friends to help them get rid of it too!