How to bulk update all WordPress pages or posts

Hello! Sometimes its necessary to perform mass or automated actions against your WordPress content. Reasons for this can vary, but in our scenario there was a bug in a plugin relating to translated content via WPML where afte a fix / plugin update was applied, resolving the content errors was as simple as re-saving an existing post (with no changes). Normally this wouldn’t be a problem but what if your site has over 1,000 pages or posts? Doing those one at a time , or even via the “Quick edit” method can be tedious and resource-taxing (both in-person and server resources!). Alternatively, what if you needed to update a byline in the post content, or standardize a title format for your posts? The reasons can vary again ,but I thought it might be helpful to include an automated process using a method called “bootstrapping” WordPress. What this really means is […]

How to sanitize and reset all WordPress user accounts with linux shell scripting and wp-cli

Hello! There are several key best practices insofar as how to deal with security intrusions, including but not limited to restoring from backups on a clean server. In this article, I will be going over how to create an automated shell script that completes the following actions across multiple WordPress sites on your linux server : 1. Sanitize user and group permissions 2. Sanitize WordPress core admin and include files 3. Update WordPress Core 4. Update All installed plugins 5. Iterate through all WordPress user accounts and reset the passwords The above actions can be implemented as part of a broader security policy when dealing with shared hosting environments where you are hosting multiple WordPress sites. I will touch on each of the above items including the shell script snippets that are required to implement each. At the bottom of this article I will share the entirety of the shell […]

How we created our own free content delivery network for WordPress users

Try out our Free CDN service by installing the Shift8 CDN WordPress pluginHello! We thought it would be an interesting challenge both from a DevOPS perspective as well as a web development and integration perspective to create our own fully managed content delivery network. Utilization of the network is geared specifically for WordPress users. The idea being to give users a dead simple way to leverage geographic CDN endpoints across the globe by simply installing a WordPress plugin and activating with the click of a button. You never have to leave your site to register on a 3rd party website, you never have to set up API keys by hand or troubleshoot problems. We wanted it to be simple. And to work! There are many components that need to be integrated and ultimately tied together in order for a system of this magnitude to work. I’ll try to break it […]

How to protect WordPress media files and only allow the users who uploaded them to view

Hello! In the past we have written about how to protect your WordPress media files. In the past exercises we utilized a strategy to set a session cookie with encrypted details that can be read and validated at the http service (i.e. nginx) as well as application (php/wordpress) level. Since then we have refined this process to be much more secure, flexible and efficient. We have abandoned the cookie validation process for verifying the request before serving it and replaced it with a slightly more complicated but much more secure method. First before getting into the details, why would we want to protect WordPress media files? Well the answer depends on what sort of site you have and what you are trying to do, obviously. In our scenario, which isn’t necessarily unique, we have end-users that register for an account in order to check out of a Woocommerce store. We […]

How to implement a government ID verification system with Woocommerce and WordPress

  Need this implemented on your site? Click here and fill out our quote form!   Hello! There are many reasons why your Woocommerce store may need a system to accommodate verifying the identity of your customers. Depending on what your selling and the local or federal laws that are in place, having the identity of your consumer verified may be needed for liability or compliance reasons. Additionally under certain conditions within your Woocommerce store (such as orders over a certain amount of money), validating the identity can dramatically reduce the risk of fraud and fraudulent transactions on your site. I’m going to go into details with how to implement a system into your Woocommerce store that will accommodate the following : Provide a section within the Woocommerce “my account” area for end-users to upload a digital image of their ID Add a new field for the user details to […]

How to make bulk changes to WordPress Woocommerce product attributes with PHP

Hello! Sometimes its necessary to make site-wide changes to WordPress posts in order to save time and programmatically propagate changes without having to edit each post one at a time. For bulk manipulation of WordPress data, it is sometimes effective to write a command line PHP script to hook into your WordPress environment and execute changes. One of the main advantages with executing these types of functions on the command line as opposed to a web based interaction is you are not subject to the same execution and other timeout restrictions for web based requests. This means that a command line PHP solution can run longer, which is sometimes needed for complicated efforts. In our example, we will break down the PHP Command line script, how to safely and securely hook into WordPress to take advantage of all the built in functions, and update all the products in our WordPress […]

#DeleteFacebook : How to poison, obfuscate and purge your facebook data before deleting your account

* Update : Thank you Vice for writing an article about my script! Unfortunately it seems as though facebook is actually blocking the ability for anyone to share the article. I wonder why? * Update 2 : Facebook is now allowing the Vice article to be shared, only after about 24 hours of blocking the ability. Hello! Through the course of web design and development, whether it be interacting with frameworks such as Laravel or WordPress, it is sometimes necessary to develop unit, load or stress tests with certain aspects of the user interface. A great set of tools to simulate real world interactions with websites in an automated way is the PhantomJS Webkit. PhantomJS is a “headless” (meaning no actual browser is required) kit that allows you to interact with elements of a rendered webpage. This will allow you to simulate Ajax calls, form submissions and essentially everything that […]

WordPress plugin to remotely manage and automate multiple WordPress sites

Hello! Being a Toronto based web design and development agency means that we interact with a significant number of WordPress sites. This tends to happen when a project starts (obviously), but often continues after a site is launched. This is something that we offer along the lines of “post launch maintenance”. By no means once a site is launched is our job done, and I’m sure a lot of other people in the industry can relate. If you follow the WP Vulnerability database notifications (if you don’t, you should), then you will see many notifications per day with various plugin or core vulnerability announcements. For this reason, among many others, we found ourselves struggling to automate and streamline the management of many client websites. We’re a fan of automation and have published articles on our efforts to integrate WordPress with Jenkins. With that particular plugin, we were able to automate […]

How to use Jenkins and Git to automate code pushes for your Laravel project

Hello! Recently we published guides how to push WordPress sites with Jenkins or how to push WordPress sites with a simple shell script. We thought it might be useful to give an overview of how to streamline your code integration process with Jenkins , GitHub and Bash shell scripting. The script I will outline below is definitely a starting point. There are of course efficiencies that could be made within this script, or perhaps that could be found with porting the logic within the script to Python. The idea behind this process is to automate and streamline code integration across your local development environment and potentially to a “staging” server where unit and other tests can be performed. Lastly a “production” push is included in this script. The strategy is to create a separate git branch for staging and production and to either push code directly or create a pull […]

WordPress plugin to get geolocation coordinates from a visitors IP address

Hello! We recently had a requirement from a client to generate content on a page specifically based on the geolocation coordinates of the visitor’s IP address. Now this sort of mechanism isn’t totally new, however we decided to develop a WordPress plugin called Shift8 GeoIP that would obtain this information and set it into an encrypted cookie. The reason why we wanted a plugin to set your coordinates in a cookie was because the mechanism to obtain the geolocation coordinates would never need to change. We could then develop the custom content generation (i.e. finding a “store” nearest to your location) could be done directly in the WordPress theme for the particular page in question. Furthermore, we decided to ensure that the cookie data was encrypted using OpenSSL in PHP to ensure that this geolocation data could not be obtained by third parties by simply reading the cookie data. Below […]