FREE visual builder for Joomla! Try Quix 2 today

How To Track & Display WordPress Post Views Without Any Plugin

How To Track & Display WordPress Post Views Without Any Plugin

Hopefully, you have already seen some blogs use displaying the total view number for every post to prove their visitors engagement, and now you may want to know how it is done?

Do you want to know how many times a particular post has been viewed and as well as want to show the result to your viewers?

In this tutorial, I will show you step by step how you can display the total number of views of a particular post without using any plugin.

This is a three simple steps process and its pretty much easy to follow.

First Step:

Add this codes from the following block in your themes function.php file. It will configure your theme to enhance this functionality.

function getPostViews($postID){
    $count_key = 'post_views_count';
    $count = get_post_meta($postID, $count_key, true);
        delete_post_meta($postID, $count_key);
        add_post_meta($postID, $count_key, '0');
        return "0 View";
    return $count.' Views';
function setPostViews($postID) {
    $count_key = 'post_views_count';
    $count = get_post_meta($postID, $count_key, true);
        $count = 0;
        delete_post_meta($postID, $count_key);
        add_post_meta($postID, $count_key, '0');
        update_post_meta($postID, $count_key, $count);
// Remove issues with prefetching adding extra views
remove_action( 'wp_head', 'adjacent_posts_rel_link_wp_head', 10, 0);

The following code will count the views when someone refreshes or view the post, and it won't discriminate between visitors.

Second Step:

Now add the following line of code in your single.php file within the loop. It will track the views and set the views of each post.


Third Step:

Now at the last step use the following line of code where you want to display the view number inside the loop. It will get the post view number from the last step where you call the set function to track the post views.

echo getPostViews(get_the_ID());

The following image manifests that the code works finely on my local server:


Kudos to Wpsnipp for creating such useful snippet.


Hope you have found this article helpful. Let us know your opinion or questions if any through the comment section in below.

How to Create a List of Forbidden Words for WordPress Titles

How to Create a List of Forbidden Words for WordPress Titles

As an owner of a blog or a website, you have to manage your site and may want to avoid the using of forbidden words or phrases.

If you are the all in one of your blog then there have might not anything to be tensed to manage your site but if you are running a multi-author site, then you should think about this matter.

Because it is quite impossible to keep all the authors informed about the editorial style and policy of your site.

You can warn your authors about the policy of your blog, leave editorial comments, add notes or custom statuses, but these will not monitor all the contents.

As a result, you need to review all the contents manually which means more work for you.

Today in this short tutorial, you came to know how to create a list of forbidden words for WordPress titles.

How to Create a List of Forbidden Words for WordPress Titles

At first, add the following snippet of code to the bottommost of your theme’s functions.php file.

function tx_forbidden_title($title){
global $post;
$title = $post->post_title;

// Add forbidden words or phrases separated by a semicolon 
$forbidden_words = "word1;word2;word3";

$forbidden_words = explode(";", $forbidden_words);
foreach($forbidden_words as $forbidden_word){
    if (stristr( $title, $forbidden_word))
    wp_die( __('Error: You have used a restricted word "'. $forbidden_word .'" in the post title') );
add_action('publish_post', 'tx_forbidden_title', 10, 1);

In the line of five, insert the words or phrases which you want to ban at the "$restricted_words" variable. And must use a semicolon to separate different words and phrases.

Now save the file and refresh your site.

This snippet of code just triggers a little function. A condition has kept in the "foreach" loop that checks the post title for restricted words when an author tries to publish a post.

If it finds any restricted word in the post title, then it will show the author an error message like the following one.



That’s mainly it. I hope, by this time you have learned how to add a list of forbidden words for WordPress post titles. Have any questions?

Make a shout if you have any question regarding this article through the comment section in below.

The Beginner Guide to setup a Multivendor eCommerce Website

The Beginner Guide to setup a Multivendor eCommerce Website

In this 21st century, eCommerce has been becoming a booming industry all over the world.

You can buy and sell almost everything at your doorstep with the magic of eCommerce. It has changed our lifestyles entirely because we don’t have to spend time and money in traveling to the market.

There has been a ripple in the number of eCommerce websites popping up over the past few years, but not every eCommerce endeavor became a successful one.

Does that mean you should abandon your dream of next eCommerce business? Definitely, not.

In this tutorial, I’ve come up with the beginner guide to setup a multivendor eCommerce website.

I will go through the major issues which play a crucial role in the success of a multivendor eCommerce site.

Read on to find out the beginner guide including major factors with the detailed description of each point.

1. All about Domain Names

One of the first, most important and crucial decision you have to make when starting a new business is choosing a domain name.

A short, and memorable domain name has always been the difference between creating a successful presence online and getting lost in cyberspace, with more than half a billion domain names in existence.

Whatever sector of your eCommerce business operates in, having a strong domain name is vital to your success.

2. Choose your System carefully

At the starting time of a new business, you may be feeling a mixture of emotions such as excitement, confusion, apprehension, and impatience.

Coping with this circumstances, another crucial decision you have to make after choosing your domain name is the eCommerce platform which you should use to power your store.

And this is one of the most confusing issues to take the decision at that time.

If you are already using WordPress or plan to build your website with WordPress, here are three familiar and open source WordPress eCommerce plugins for you.


WooCommerce is the most popular WordPress eCommerce plugin comes from the developers of the famous Woothemes and acquired by Automattic in 2015.

This plugin provides a lot of features including a dashboard widget so that you can quickly check the progress of your online businesses and promises to provide robust eCommerce facilities.

It is highly customizable and comes with multiple payment options including Paypal, Cheque, Cash on delivery and many more options.

A large number of add-ons and themes with a great and passionate user and developer community behind it make this platform more demanding.


Dokan is a multivendor WordPress plugin that leveraging the power of WooCommerce.

With Dokan you can easily build a multivendor marketplace like Amazon or eBay.

Every seller of your site will get a unique URL for their store that will be useful for their branding issue. They can manage their products and orders from the frontend of your site, so they don't need to visit the WordPress admin area.

As a site owner, you will get a percentage from each sale. That the way the site owner and the seller both will earn money.

Dokan has downloaded more than 13,000 times and made more than 2000 marketplaces worldwide. It has support for PayPal, PayPal Adaptive, Stripe, Bank Cheque, and Cash on delivery.

WP ECommerce:

With over 50,000 downloads, WP eCommerce is one of the most popular eCommerce plugins for WordPress in the market now.

It can easily use with any WordPress Themes and also easy to install. It is highly customizable and provides a broad range of payment options including Manual (cheques), PayPal, etc.

3. Choose the Best Theme

A powerful, professional, good-looking and user-friendly theme for your eCommerce store is incredibly important. It is the customer's first brand experience and exposure.

Finding the perfect theme, or even selecting a designer who understands your goals, can eat up time you don't have.

Have a look our hand-picked WordPress theme, WooSome - One of the best WordPress eCommerce theme.

This theme is powered by WooCommerce and includes Visual Composer, Revolution Slider, and PSD with it that you can save total $65.

The responsive design lets your website looks good on every screen. The variations in Header, Footer and Homepage and Theme Options Panel allows you customize everything without any knowledge of coding.

65+ shortcodes and Drag & Drop page builder will make your life easier, I promise.

4. Enhance the Security of your site

Your business website is a valuable property like your others property, and you should ensure that it’s safe from thieves and intruders.

WordPress itself built with a stable and secure framework, but this doesn’t make it immune from hackers.

There have a lot of available plugins that offer protection for WordPress websites. Below are the most powerful and well-known.

5. Optimized your site for Search Engine

Search engines have become increasingly sophisticated day-by-day, but they still can't see and understand a web page the same way a human can.

That is why SEO become the most important aspect that is making a website accessible to both search engine and users to understand the site. The listed in below are the most powerful SEO plugin for WordPress.

6. Speed up your Site

According to kissmetrics report, 47% of users expect your web page to load in under two seconds, and 57% of visitors will abandon your page if it’s take 3 seconds or more time to load.

Therefore, when a visitor lands on your site for the very first time; you only have a few seconds to capture their attention to convincing them to hang around.

If your site takes too long to load, most people are gone, lost before you even had a chance.

To speed up your WordPress website use one of a plugin from below.

7. Keep attention on Online Marketing

Online marketing enables a store owner to open their business around the clock without worrying about store opening hours or overtime payments for workers.

Consumers can browse an online store at any time and place orders when it is convenient for them. Offering the products on the Internet is also convenient for them. You can use the following plugins for internet marketing.

8. Backup your Site

Suppose you have a middle-sized website with lots of contents and regular visitors. You have regular consumers and regular activity on your site.

In the course of time, the site is growing, content renewal has been attracting new visitors, and the site has established a continuous communication with them every day.

What would happen if you woke up tomorrow and your web host had accidentally deleted your website?

That is why you should backup your site every day.

Fortunately, there are plenty of excellent WordPress backup plugins available that will back up your pages, posts, product descriptions, and whatever else you have on your site.

9. Multiple Payment System

The Payment Systems is one of the most important things you should consider when building your Online Business.

Presenting your customers with a variety of payment systems will ensure the customer satisfaction from your store and also remove the probability of a consumer being lost.

By default WooCommerce provides some basic payment methods, these are Direct Bank Transfer, Cheque Payment, Cash on Delivery and PayPal.

The plugins in below let you present more payment options to your customers.

Some Last Words

Creating an eCommerce store is not a simple process to complete start-to-finish. The guidelines offered here are just some of the major steps to creating your first eCommerce store and provides a comprehensive walkthrough.

If you have any suggestions for launching an online store, please let us know through the discussion section below, we do appreciate them!

How to Identify And Fix Broken Links on Your WordPress Site

How to Identify And Fix Broken Links on Your WordPress Site

Broken links refer the links on your website that directs or points your visitors to a page or a file that no longer exists. It is also known as dead links.

How do you feel when you click on a link and end up with “404 page not found” error? In general, you become annoyed with this kind of actions.

Truly, Broken links are annoying and create the bad user experience. And the most important issue is, it's bad for your website’s SEO.

So how do you know if you have any broken links?

There are several process to check for broken links depending on which platform you are using.

Google Webmaster:

In general, Google Webmaster Tools provide a free service for all kind of platforms. It will show you the “crawl errors”, which include your broken links.

You can see exactly how many broken links you have on your website and exactly which URLs no longer existed and were generating 404 errors. Google Webmaster also provide you other useful diagnostic information for best SEO practice.

Broken Link Checker - WordPress Plugin:

If you are using WordPress platform, there are lots of plugins to help. Among them, the Broken Link Checker plugin is the most popular and is active on more than 400,000 WordPress sites.

This plugin can detect your articles, comments, and other content within your website, for redirects, broken links, and missing images and prevent search engines from following those broken links.

Methods to fix website's broken links:

After creating a list of broken links on your site, you can proceed to repair them. There are a few methods in which you can do this.

Correct the Links: If you have linked to a website with incorrect information or URL, you need to edit all the URL and replace it with the correct value.

Regenerate the Links: If you have referenced a resource that is no longer exists, or has not updated in a couple of years, just replace the referenced website with an alternative resource.

Remove the Links: You may want to remove the link permanently if it is no longer exists, or is no longer relevant.

Here I'll show you how to remove broken links using Google Webmaster Tools.

Step 1: Open your webmaster tool account and click on Crawl Errors as shown in the screenshot. Now click on download and saves these as an excel file.

Step 2: Go to Google index at left most side and then click Remove URLs. Then a new page will open which would ask you to Temporarily hide request. Click on Temporarily hide request and enter one of your broken link URL, which you had previously stored in your excel file.

Step 3: Press the button of "Submit Request".

Step 4: In this step, you will get a notification about "Your requested URL has added for removal".

After few hours, your broken links or URLs will be removed from the web and will never disappoint your organic traffic.

Finishing Words:

Which platform you are using it doesn't a big issue, but broken links on any site are not good for a website's SEO.

Hope this post will help you to fixed the broken links successfully. Let us know your experience or suggestion through the comment section.

How to Create Custom Shortcode for WordPress

How to Create Custom Shortcode for WordPress

WordPress shortcodes introduced in its early version 2.5 before about six years ago and since that time, shortcodes are used to increase the functionality of WordPress.

The shortcodes are a particular tag that you can enter into a post or a page which gets replaced with different content when visitors are viewing the post or page on the website.

You’ve probably used shortcodes before, but did you know it’s pretty easy to create your own, with no plugins necessary?

In this tutorial, I will show you how to build some simple WordPress shortcodes for the subscription that will help you to create any functionality in future as you like.

You can directly create your shortcode function in the functions.php file or build a simple plugin. I'll show you both but at first, I go through the functions.php file.

Simple Facebook Follow ShortCode

In the beginner part of this tutorial, I will create a simple shortcode that will do the similar task in every time whenever you type it in the editor.

First, you need to create the callback function that will return the message what you want to show (in shortcodes we don’t echo anything, everything returned).

Just go to your functions.php file and paste the code snippet at bottommost.

function subscribe_link(){
    return 'Follow us on <a rel="nofollow" href="">Facebook</a>';
add_shortcode('subscribe', 'subscribe_link');

Test the ShortCode

Our shortcode is ready to use. Just add the code [subscribe] to your post or page wherever you want to show it.

See the image in below; it works correctly.

How To Add Parameters in Shortcode

Usually, you need to add a dynamic functionality in your shortcode and don't want to show the same content in every time.

As I am talking about subscription, there are lots of social networking sites in today's world; you may also want to get touched with your audience through many social sites. Therefore, I will show you how to add a parameter to the shortcode to change URL of social sites.

Again, just go to your functions.php file and add the following codes in there.

function subscribe_link_att($atts) {
    $default = array(
        'link' => '#',
    $a = shortcode_atts($default, $atts);
    return 'Follow us on '.$a['link'];
add_shortcode('subscribe', 'subscribe_link_att');

Test ShortCode Parameteres

Now insert the following code to your post or page wherever you want to show it.

[subscribe link='']
[subscribe link='']

So, here is the image that shows it works correctly.

Working with Content

You have noticed that the previous example shows the direct link to social sites, but this process is not user-friendly. It looks good if it is possible to bind the links in HTML anchor tag.

Therefore, I will now show you how to working with contents within a shortcode.

It is quite same with the previous example just a tiny differences.

You need to add one extra parameter in the function and initially declare its value as null. And then call the do_shortcode function to use the contents.

See the following code.

function subscribe_link_att($atts, $content = null) {
    $default = array(
        'link' => '#',
    $a = shortcode_atts($default, $atts);
    $content = do_shortcode($content);

    return 'Follow us on <a href="/.$a['link']." style="color: red">'.$content.'</a>';
add_shortcode('subscribe', 'subscribe_link_att');

Testing Content ShortCode

Insert the following code to your post or page.

[subscribe link='']Facebook[/subscribe]
[subscribe link='']Twitter[/subscribe]

Look at the image. I have add style in the anchor tag. Hence, the link text looks red.

ShortCode with a Plugin

If you don't want to customize your functions.php file, you can create a simple plugin to utilize this shortcode functionality.

To create a plugin just go to your plugin folder and make a folder named subscriptions and create a PHP file inside it with the same name, that means the plugin folder name and PHP file name will be same.

Now add the heading details of the WordPress plugin. You may follow the example in below:

Plugin Name: Subscriptions
Plugin URI:
Description: A very basic test plugin for subscriptions
Version: 1.0
Author: ThemeXpert
Author URI:
License: GPL2

Cut the code from your functions.php file which you added a few minutes ago and now insert here in the plugin file, below the heading information of plugins file.

Now you can see your plugin in the plugins directory. Just activate the plugin and follow the same process as before.

I hope you have enjoyed this whole tutorial on creating a unique shortcode for your WordPress website. Share your opinion through the comment section.

How to Make WordPress Featured Post Carousel

How to Make WordPress Featured Post Carousel

If you look at today's blog websites, you may notice a trend in design and development. In these days, blog owners love to have a carousel for featured posts on their blog home page.

A carousel draws the attention of readers to the blog posts selected by the owner and allows the visitors to glance quickly through some of the best posts. It is a smart and ovation way to promote the blog.

Many of bloggers or site owners seek help from various plugins to achieve the slider for featured posts. However, I prefer to code it directly in the theme.

In this tutorial, I’ll create an elegantly featured post carousel for WordPress.

Look at the image in below. You can see that there is no carousel for the featured post on my blog right now.

To add a featured post carousel just follow the following steps.

Step 1: I am going to use Owl Carousel for our featured post slider. At first, Download Owl Carousel from their official site.

Step 2: Go to your cPanel and upload owl.carousel.js file in the JS folder and upload owl.carousel.css file in the CSS folder.

Step 3: Create a JS file named slider.js in your JS folder and add the following code snippet.

  var owl = $('.owl-carousel');

Step 4: Now you need to enqueue all of your style and script files. Just go to the functions.php file in the template that you are using and add the following codes at the bottommost.

function owl_carousel_style(){
  wp_enqueue_style('owl-carousel', get_template_directory_uri().'/css/owl.carousel.css', array(), '1.0');
function owl_carousel_script() {
  wp_enqueue_script('owl-carousel', get_template_directory_uri().'/js/owl.carousel.min.js', array( 'jquery' ), '1.0', true);
  wp_enqueue_script('owl-carousel', get_template_directory_uri().'/js/slider.js');
add_action('wp_enqueue_scripts', 'owl_carousel_style');
add_action('wp_enqueue_scripts', 'owl_carousel_script');

Step 5: And Finally, go to your index.php file or wherever you want to display this carousel and paste the code of below.

   // Create array of all the sticky_posts
    $stickies = get_option( 'sticky_posts' );
    // Count how many there are, if any
    $count = count( $stickies );

    // Create a set of arguments to pass
    $args = array(
        'post__in' => $stickies,
        'post_type' => 'post',
        'nopaging' => true
    $featured = new WP_Query( $args );

    // If there is one or more sticky post we create our new slider
    if ( $count > 0 ) :
<div class="featured owl-carousel" id="featured-slider">
     have_posts() ) : $featured->the_post();
    <article class="item" style="margin: 10px">  

        <p><b><a href="/&lt;?php the_permalink(); ?&gt;"> </a></b></p>     


Step 6: All are Done! Just go your dashboard and make those post to "sticky post" which you want to make the featured post and enjoy your fully functional featured post slider.

The following image shows that I am using six posts as sticky post as well as featured post.

Hope you able to create nice feature post carousel following my post. Don't forget to share your slider image which you have created.

Still you may be interested in a plugin to achieve it. I would like to share my knowledge and experience in this term.

Here, I'll talk about two most popular, useful, efficient, and free featured post slider plugin for WordPress.

#1 Meta Slider

Meta Slider supports four different kinds of sliders; these are Flexslider, Nivo Slider, Responsive Slides, and Coin Slider. All of these sliders comes with several features, transitions, and themes. So, you have many options available for slideshow styling and transition effects.

It also comes with a Pro Version and supports 15+ languages.

#2 Smooth Slider

Smooth Slider is a free Responsive jQuery horizontal carousel for WordPress including six transition effects. It allows you to embed recent posts, category specific or featured posts slider in less than 50 seconds. With the live preview on admin panel, you can customize the slider before implementation.

Hope you found this post useful! Let me know if you got any questions through the comment section.

5 Quick Ways to Optimized Your WordPress Site and Reduce Bounce Rate

5 Quick Ways to Optimized Your WordPress Site and Reduce Bounce Rate

Before we enter the details, let us first cover the definition of the term ‘Bounce Rate’.

Bounce Rate refers the measure of the percentage of visitors who leave your website after viewing their current page without checking out other pages. The sooner they move from your site, the more negative bounce rate you get.

To know your current bounce rate use Google Analytics, it helps you to track your bounce rate, page views, and so forth that determine the health of your website. 

Ideally, If your bounce rate is below 50%, this indicates that your site is safe, if your bounce rate exceeds 60%, you should get worried, and if your bounce rate is over 80%, you are in serious trouble.

Numerous factors can be responsible for raising bounce rate of your site, and there are fruitful methods which should be applied to reduce it.

Below, We’ll show you how to reduce bounce rate on your WordPress site with five practical techniques that work.

 #1 Create Useful Content for Your Audience

Without any doubt, everyone agreed that - Content is the King. Improving content should be the first and long term strategy you take towards reducing bounce rate.

When you produce useful content for your audience, you can naturally make visitors stay longer on your website. Providing poor content increase the bounce rate on your site and at the same time, you lose the confidence and trust from your users.

It is your liability to follow through and give the people what they want whether that be a must have a product, a special giveaway, helpful tips, or anything else.

#2 Interlink Your Posts

Internal links are keeping people to navigating around your website as well as boost your SEO and your page views. You can use them to reduce your bounce rate and help users find what they are looking for without searching, by interlinking relevant topics post.

Instead of linking to a previous post with an anchor text like ‘read here’ or ‘click here,’ try to use a correct anchor text, that shows a keyword phrase on your post.

Keep in mind the fact when you are interlinking your previous posts about the proper anchor text. It gives your reader some idea about the topic you are linking to, and at the same time promote them to click and read that post. 

#3 Optimize Page Loading Times

Nowadays, you could not show any excuse for a slow-loading website. Your visitors want your site should load in 2 seconds or less, otherwise, they attempt to leave your site. If you do not know the loading time of your site, you can check it by using the online tools GTmetrix or Pingdom.

Your web hosting plays the key role in term of optimizing page loads time, choose a good web hosting for best performance. You may check this post about How to Select Best Web Hosting - A Comprehensive Guideline.

There are some other ways to improve website load speed that include; caching, slicing images, using CDN (Content Delivery Network), and among others. You also find several WordPress plugins that can help you to improve this issues as well as speed up your site. Following are the best one you should use.

Achieving a good load speed on your website, drastically reduce the bounce rate of your site.  

#4 Prioritize Responsive Design

We arrive in a world, where more and more people are accessing the web via smartphones and tablets. That means, to best support their experience, your site must work well regardless of which device they use.

You should ensure you use or develop a responsive design, at the time of building your WordPress site. A responsive website means a site which constructed so that all of the content, images, layouts and structure of a website remains the same on every device.

It helps reduce bounce rate from mobile users. If you can not afford a paid responsive theme, don't need to worry. There are lots of free WordPress themes that are responsive and ready for use.

#5 External Links Should be Open in a New Tab

When you are linking to an external website, you should be careful not to lose your visitors by opening the link in the same tab or window. Make sure you have open all external links in new tabs or windows instead of redirecting the user from your site.

The best to do this is to add target="_blank" into the link’s tag.


Your Anchor Text Goes Here


Generally speaking, the lower your bounce rate will, the more successful your website will. It is not possible to reduce your bounce rate within a night. It is a consistent gradual process and applying the five tips above; you can able to reduce your bounce rate.

If there are some other ways, you have used for reducing bounce rates; Please share using the comments section below.


10 Secret Ways to Secure Your WordPress Websites

10 Secret Ways to Secure Your WordPress Websites

WordPress website security is the single and most prioritized concern, that keeps every webmaster and website owner zoned out scanning for security flaws in their website. To keep their websites away from unexpected hacking, some site owners appoint ethical hacker and some develop custom CMS. But both solutions are costlier, simultaneously time consuming, but above all risk remain unchanged.

According to Forbes, about 30,000 websites around the web are hacked every day. But the interesting fact is all of them are not WordPress websites.The number is miscellaneous in total. But what’s happened if your WordPress website is hacked or injected with the malicious code or malware. I bet it costs a lot of money, traffic and couple of unrest days to undo whole website. We had our demo server hacked last year because of a plugin created security leakage, that cost us loss of customers, time, money and traffic.

Now the question how to keep our WordPress website away from unexpected hackin? Site hacking is not confined to some countable numbers, the reason could be unknown or many. Sometime it's becomes difficult to find where to start or what works well to enhance your site security. You might be thinking WordPress is itself vulnerable, right? No, WordPress core is secured and WordPress Codex provides numerous effective tips to make a WordPress website more secured.


But on top that there are a lot more steps should be taken to improve the security of your WordPress website. It means the more you take measures to secure your WordPress websites, the more you can put strong defence against the hacking. Here are 10 steps, you should take while your WordPress site installation.

01. Use Themes and Plugins from Trusted Source

Over the web you’ll found an abundant source of WordPress themes and plugins. If you are accustomed to picking up them from random source, your site security will be at stake. Do you know why? Because anyone can make themes and plugins without having knowledge of security best practices of WordPress and ship them at your reach anytime.

Now the concern is how do we select right themes for our site, right? It’s simple, find a reliable theme provider widely appreciated by their clients around the world like ThemeXpert. We sell premium WordPress themes appreciated by about 70,000 client worldwide. If you’ve tight budget for WordPress themes & budget, you can head for WordPress themes and Plugin directory. Here can find quality FREE WordPress themes and plugins. You can use them and customize them for extensive usage.

But before downloading, look for the template update record, rating and review. otherwise let it goes. Because these themes and plugins are reviewed by volunteers. Who only check for best practices and security flaws initially, but they never check for malicious or sloppy codes again when a new update for themes or plugins is provided.

02. Use Strong Administrative Password

Having WordPress themes & plugins from trusted source is not enough to secure your WordPress websites from hackers. You site could be hacked because your weak password selection for WordPress administrative account. Now the question is - what denotes weak password.

Weak passwords refer to any password that can be easy to guess and find out. According to SplashData, the most common passwords for both 2013 and 2014 were “123456” and the runner up was “password,”

If you’ve select password like, hackers may be able to sign into your website and take complete control of it. such an hacking can easily avoided by using a strong password incorporated with both uppercase and lowercase letters, numbers and punctuation. You can also go the random string unreadable for humans.

Suppose, you’re going select a memorable password such as “My name is Ahmed Eshaan & I am working as application developer at ThemeXpert since 2014” turn it password as “MniAE&IawaadaTs2014”. Now tell me, can you guess my password without my reference given before? I guess, you won’t and probably hackers will not. My personal recommendation would be to install security plugins like Wordfence Security, Bulletproof Security, Ithemes Security and more. Because such a security application alerts you to takes effective measures to secure your site.

03. Keep your WordPress Version Updated

WordPress has immense contributor community, contributing to enhance WordPress everyday. As a result WordPress brings out newer version regularly, that packed with important security updates, new feature, fix for bugs and so on. If you forget to apply those updates into your existing WordPress site, that includes the latest security fixes, it means you are attracting hacker to hack your site.

To update your WordPress version, head over to Dashboard >> Updates, and update WordPress version, theme and plugins.

04. Change the Default Admin Username:

When you setup your WordPress website first time, you’ll find admin would have been set as username by default. If you run your website without change default username, it means hackers have only to guess your site password.

So, change the default username immediately just after your kickstart. If you do change it, it means you’ll be one step safer and hacker will be one step away from your site hacking.

05. Check your File Permission

Servers play important role to secured websites from hacking. There are various types of server out there in the market like managed server and unmanaged server. Manage server is managed by hosting provider and you don’t need worry about file permission. If you’re using unmanaged server like Linux or Unix server, you’ve manage it on your own with full access to your folder and file permission,, which either provides or limits access based on the settings you choose.

If you inadvertently make your website files and folders access level too permissive, anyone can access your site important files and documents anytime. If don’t know the details of file and folder permission of your website, here WordPress Codex created an in-depth guide on file permission.

06.Keep Regular Site backup

The possibilities of your being hacked is numerous, If you keep proper backup of your website files and databases. you can safely undo the rest of the hacked site without any hassle. The process of keeping backed of a website is simple and there are some free and premium useful WordPress plugin available in the market like VaultPress, BackBuddy, blogVault and a more. If you want to scan those backup further more, Here we have created a details guideline.

Make sure you're running your site having backup regularly. But it could be varied from site to site, and number of changes your make daily or weekly basis. It depends on you. If you’ve site like enterprise level, I not only recommend you to keep regular update but also save the multiple updated copy in different servers in different location. In your website or your couple of servers are hacked, your can recover everything without losing anything.

07. Install a Security Plugin

Even since I started using WordPress security plugins, I won’t go back to not using one. When I look at the statistics, and found; how many hundreds of times in a day my sites are hit by an unexpected attack that’re also get blocked by WordPress security plugins.

Once one of my website really gets hacked and malicious code was injected which was responsible for adding backlinks on my website to the spam sites. Even I noticed when i tried to share a blog post from Facebook and twitter, the preview would replaced with the title and content with spam contents. You might be thinking why my site get hacked in spite of security plugin being enabled there, right? I forgot my WordPress admin password, tried severl attempt to login. Consequently The security plugin blocked my IP and I couldn’t get on the site anymore. So, I login the server and removed the plugin.

I had to start fresh to redo my site from scratch and enable a WordPress security plugin. Now the question is what are the best WordPress security plugins? In my opinion choose those plugins which offer offer anti-virus, firewall and anti-malware services. Some of them can even help clean up a hacked site if you still have access to install it such as Wordfence Security, which works for both single and Multi-site installs.

Here are some other plugins that can help you amp up your security:

This is just a sampling of the many out there that you can peruse at your leisure.

8. Limit login attempts

Brute-force attack is pretty common in the today's web. Where hackers and abusive bots try to crack down you login credentials by systematically checking all your possible keys or passwords until the correct match is found. In this case you didn’t limited your site login attempt, you might endanger yourself from unexpected trouble.

If you have strong credential enabled for your login verification, that would be great. But your site becomes unexpectedly slow and you may lose traffic and revenue altogether while attacking. If you thinking how to limit login attempt to be away from such hassles, that is simple because nearly all security plugin come with this feature right out of the box.

Though attackers attack a website from a large number of different IP address, but security plugins still can put strong defense as an addition precautions.

9. Disable File Editing Via The Dashboard

WordPress default installation allows administrators to edit core files of a WordPress website right from dashboard navigating Appearance > Editor area. If you have put strong defence for your site security and chances of hacking pulled down to the zero. That would be great you are the safe.

But In case hackers managed to takeover your site admin access cracking down your login credentials, you would be in trouble. They can edit your site’s core files easily and execute what code they want to. If you want to be keep your site safe a bit further, add the following code in wp-config.php file.

define( ‘DISALLOW_FILE_EDIT’, true );

10. Avoid using Free WordPress themes

From ThemeXpert we never conformize quality and security best practices while shipping Free WordPress Themes. But generally our recommendation goes for not built websites on Free themes, if possible, especially when the themes aren’t built by renowned developers.

The main reason behind the such an recommendation is that an experiment was run over 8 out of 10 site reviewed offered free themes which contains base64 code meaning those themes can be used to insert malicious spam link into your site and cause unexpected problem that you never imagine.


I’ve only provided the tactics that I find helpful to secure WordPress powered websites. If you think I’ve missed of those you find helpful, please feel free to inform me via the following comment box. Looking forward for your valuable comments.

Want a Chirping WordPress Blog? Learn How To Integrate Facebook Comments Without an Extra Plugin

Want a Chirping WordPress Blog? Learn How To Integrate Facebook Comments Without an Extra Plugin

When you convert your ideas and technical excellence into an online write-up, you intuitively stick your eyes on your blog seeking people engagement, right ?

But it is true that one of the biggest obstacle bloggers face is the silent blog syndrome. You might have read tons of blogs and analyzed a couple of researches. When you evolve countless hours of work into a blog post and you find them silent. I mean when you find no one argues, no one appreciates, even no one comments on your article. I feel the frustration, you undergo frequently.

Now the question is how to incline people to comment on your blog? what is the tips, tricks and technique of persuasion that allure people to comment on your blog. I found an effective tactics is to enable Facebook comment system. So, let’s dive into the Facebook comment system integration on your WordPress website.

For your convenience I have divided the process into two steps. First we create Facebook App and later we’ll integrate in the WordPress website. Have a look below.


Step 1

When you hear the word App, you might thinking you have to code, right? No you don’t. To enble facebook comment, visit the link make sure you have logged in your facebook account. Once you there, select My Apps > Add a New App (or Add a New App, if you have an previous App there) from the top navigation. It will open up a popup window asking for a selection, choose “website” from the options. Have a look in the image below

Just after the previous process, you will be prompted to type the name for your App. Once you entered your App name along the line, click on Create New Facebook App ID for your subsequent process.  

Step 2

After that you will be asked to select category for your Facebook App, select any of your desired category from a category dropdown. Afterward facebook will provide you JavaScript snippet to enable Facebook SDK. If your only goal is to enable Facebook comment system on your blog, skip this section . Fill next following form with your web address and click Next.

Now Facebook ask you to test its components embedding on your website body tag. Again, it’s not essential, scroll a bit down to “Next Steps” section and chose the “social plugins” option.  

The previous click will open you a page in the next tab with couple of options. Now choose “comments” other from the sidebar or from the content scroll a little bit to Comments section.

Step 4

In this step, you have to configure Facebook comment box how it looks on your website. Now enter your website url where you want use the Facebook comment on, declare its width (in pixels), set the number of comments that will available on your website by default, and set the color scheme. When you've done with settings, click on Get Code button

Step 05

Now we have snippet of code. Let’s get into WordPress admin panel and we embed the first code block in header.php file. To embed the first snippet of code, click on Editor tab from the Appearance tab one the left sidebar, Open header.php file form right sidebar, and paste the first snippet just after thetag. Have a look on the beneath image.

Step 06

Now in the process of the entire setup, we will put the second snippet in single.php. Open the single.php from WordPress template root and paste the second snippet of code just where I place in the image below.

If you you others separate way to add comment in a WordPress website, let me know I will write on them to teach others.