How to bulk update all WordPress pages or posts

Hello! Sometimes its necessary to perform mass or automated actions against your WordPress content. Reasons for this can vary, but in our scenario there was a bug in a plugin relating to translated content via WPML where afte a fix / plugin update was applied, resolving the content errors was as simple as re-saving an existing post (with no changes). Normally this wouldn’t be a problem but what if your site has over 1,000 pages or posts? Doing those one at a time , or even via the “Quick edit” method can be tedious and resource-taxing (both in-person and server resources!). Alternatively, what if you needed to update a byline in the post content, or standardize a title format for your posts? The reasons can vary again ,but I thought it might be helpful to include an automated process using a method called “bootstrapping” WordPress. What this really means is […]

How to transition your Toronto business online

Hello! Without a doubt, the covid-19 pandemic has caused a massive disruption to the global economy including a fundamental shift to how small, medium and large enterprise businesses can conduct their day-to-day operations. The impact of social distancing and other quarantine strategies as dictated by the various health regulatory bodies have had a staggering impact on brick-and-mortar businesses without a doubt. This shift, albeit temporary or more longer term, has put an onus of importance on establishing or improving an online presence. Many grocery stores, butchers and other essential retail businesses have transitioned to an online e-commerce ordering system to accommodate the ability to delivery grocery and goods to their customers. Having an online business can be the deciding factor as to whether you can actually continue operating as a business. Your front doors to your showroom may be closed, but your customers still will be able to browse and […]

How to sanitize and reset all WordPress user accounts with linux shell scripting and wp-cli

Hello! There are several key best practices insofar as how to deal with security intrusions, including but not limited to restoring from backups on a clean server. In this article, I will be going over how to create an automated shell script that completes the following actions across multiple WordPress sites on your linux server : 1. Sanitize user and group permissions 2. Sanitize WordPress core admin and include files 3. Update WordPress Core 4. Update All installed plugins 5. Iterate through all WordPress user accounts and reset the passwords The above actions can be implemented as part of a broader security policy when dealing with shared hosting environments where you are hosting multiple WordPress sites. I will touch on each of the above items including the shell script snippets that are required to implement each. At the bottom of this article I will share the entirety of the shell […]

How to Start an E-commerce Site in Toronto

One of the biggest roadblocks to starting a new business in Toronto is the upfront costs involved with opening a store or even securing office space. With today’s online economy, though, those expenses can be eliminated by opening an E-Commerce Site. These online sites provide you with a great virtual storefront that doesn’t come with a price-per-square-foot. It also allows you to market your products to people across Canada, North America, or even the world. You may actually be able to bring in many more customers and make a larger profit by going with an E-Commerce site instead of a traditional storefront. The biggest question most people have is simply “how to I get started with an E-Commerce site?” It may look like a large project at first, but selling online is actually pretty straightforward.   Become an Official Business It can be tempting to try to skip over registering […]

Web Design for Toronto Businesses

Hello! If you are operating a local business in Toronto, one of the most important things you need to do is maintain a web presence. Whether your business is a startup, business services or restaurant : your web presence is key to the fundamental survival and operation of your business. What does it mean to have a web presence? Well the most important aspect that reaches across any niche market or industry, especially in a local market like Toronto, is having your address and phone number indexes properly as a local Google business. We have put together a checklist of steps to ensure that your business is positioned as best as possible and as visible as possible. In a dense city like Toronto, it is more common than not to have very high competition for even basic visibility.   1. Create a Google My Business Account You need to create […]

How we created our own free content delivery network for WordPress users

Try out our Free CDN service by installing the Shift8 CDN WordPress pluginHello! We thought it would be an interesting challenge both from a DevOPS perspective as well as a web development and integration perspective to create our own fully managed content delivery network. Utilization of the network is geared specifically for WordPress users. The idea being to give users a dead simple way to leverage geographic CDN endpoints across the globe by simply installing a WordPress plugin and activating with the click of a button. You never have to leave your site to register on a 3rd party website, you never have to set up API keys by hand or troubleshoot problems. We wanted it to be simple. And to work! There are many components that need to be integrated and ultimately tied together in order for a system of this magnitude to work. I’ll try to break it […]

How to block your WordPress site from being scanned by WPScan with Nginx

Hello! First and foremost, why would you want to block WPScan from probing your site? Well we all know that security through obscurity is a bad practice. That said the risks of malicious activity on your site is undoubtedly heightened through many points of information disclosure that is freely available to parse and organize to make an accurate security risk assessment of your WordPress site. This type of information is easily attainable through automated scanners like WPScan. Tools like this scan for version tags in readme files, file size fingerprints and meta tags to determine not only the version of WordPress you are running but the version of each of the plugins you have installed. Why is information disclosure bad? Some would argue its not bad. Others would also point out that a 0-day WordPress core or plugin vulnerability could mean that minutes and hours of circumvention or lowered risk […]

How to inject advanced custom fields into your WPBakery post grid

Hello! Yes of course WPBakery / Visual Composer is bloated. Absolutely correct its more ideal to simply create your own page template with a custom WordPress query and design your own post grid from scratch. For smaller budget WordPress projects where time is money, it is sometimes ideal to go the post grid route. Why not? The customer wants the designed and customized end result but they have a restricted budget. WPBakery (aka “Visual Composer”) does save time in these scenarios, and there’s something to be said about applying customized CSS and jQuery to customize and tailor the vanilla packaged look and feel that these types of WordPress bundled solutions usually bring to the table. All that said, the point of this post is to describe how to properly inject custom ACF fields (advanced custom fields fields) into your post grids. Why would you want to do that? Well if […]

How to cache queries to admin-ajax.php in WordPress to improve performance

Hello! Working with wordpress for a while now, we noticed that many actions, whether administrative in nature or building a WordPress query on the front end, are dependent on the built-in admin-ajax.php or WordPress AJAX API. Since many 3rd party plugins depend on this Ajax API to dynamically push and pull data, it is unfortunately a common occurrence to have the performance of a site impacted when many AJAX API calls are happening. One of the tell tale signs of admin-ajax.php performance issues can be seen when inspecting the network connections of rendering a particular page on your WordPress site. If you filter “admin-ajax.php” in your network tab of the developer console in your browser, you should see clearly the admin-ajax.php POST that may be taking too long. In our experience, some post grid plugins that make it easy to render a grid of posts on your page heavily rely […]

How to protect WordPress media files and only allow the users who uploaded them to view

Hello! In the past we have written about how to protect your WordPress media files. In the past exercises we utilized a strategy to set a session cookie with encrypted details that can be read and validated at the http service (i.e. nginx) as well as application (php/wordpress) level. Since then we have refined this process to be much more secure, flexible and efficient. We have abandoned the cookie validation process for verifying the request before serving it and replaced it with a slightly more complicated but much more secure method. First before getting into the details, why would we want to protect WordPress media files? Well the answer depends on what sort of site you have and what you are trying to do, obviously. In our scenario, which isn’t necessarily unique, we have end-users that register for an account in order to check out of a Woocommerce store. We […]