Lil Josh

A tech blog about web development with PHP, MySQL, jQuery, CSS3 and various other programming languages. You will not find anything about ColdFusion, ASP.NET, C# on this blog.

Time to update your WordPress to 4.0!

September 8, 2014

4.0 upgrade Wordpress

How to keep your WordPress site secure

July 14, 2012

In this article I will explain how to keep your WordPress site secure so that it is not vulnerable to an attack. WordPress is a popular target since many WordPress sites become outdated and hackers are aware of vulnerabilities in older WordPress versions.

Download the Latest WordPress now or visit Dashboard → Updates in your site admin to update now. For full instructions on updating WordPress see

Keeping WordPress secure is especially important on shared hosting (such as GoDaddy or HostGator), since a compromise can affect all of the sites on that server. The following are my recommendations for keeping WordPress secure so that your site is not a target for attack.

  1. Update WordPressplugins, and themes to the most current version. For instructions on updating WordPress see
  2. Locate wp-config.php on your server and update the security keys. This makes your site harder to hack by adding random elements to the password. For instructions on updating the security keys see
  3. Make wp-config.php readable by only you (chmod 600 wp-config.php). This file contains database information and security keys that would allow a hacker to gain control of your site.
  4. Don’t have plugins that you don’t need. Review your plugins and remove any that are not used.
  5. Backup your database often. There are WordPress plugins that can backup your database automatically. I recommend WP-DB-Backup
  6. Backup all of your site files before doing an update (especially wp-content/ since that contains your site themes and plugins).
  7. NEVER have world writable files or folders.
  8. Remove unused WordPress users and update passwords regularly.
  9. If you are setting up WordPress, consider using a different table prefix (other than wp_). This makes it harder to hackers to guess the table name.
  10. All of the suggestions made above are irrelevant if your computer has a keylogger installed. Be sure to keep your OS and antivirus up-to-date.

Feel free to contact me if you have any questions about these suggestions or if you’d like me to take a quick look at your site.

how-to Security Wordpress

Adding Email Subscription to WordPress

March 14, 2012

In this tutorial I will show you how to integrate an email subscription plugin in your WordPress site that will allow users to enter their email address to subscribe to new posts and emails that you send out.

  1. To get this working in your WordPress site you will first need to install the “Subscribe2″ plugin. You can search and install this from WordPress by going to Plugins -> Add new and then searching for Subscribe2
  2. Once you’ve installed Subscribe2, review the plugin settings and determine which posts categories should be sent out and how often. I also checked the Enable Subscribe2 widget option so that I could use the subscribe plugin in my sidebar (look to your left).
  3. If you are going to insert the form into a page, then edit the page and you will see S2 in the WYSIWYG. Simply click that.
  4. If you are going to insert the form into a widget (e.g. sidebar), then go to Appearance -> Widgets and drag the Subscribe2 widget to your sidebar.
  5. The rest of this tutorial assume you are using the widget method.
  6. You can configure the options, but I only changed the class from “search” to “subscribe” and also removed the ‘2’ from the title.
  7. At this point your Subscribe input field and buttons may look pretty wimpy. That’s okay we will address that now.
  8. Open your stylesheet and add two new styles for:
    1. .subscribe input[type=text] { /* these styles are for the text field */ }
    2. .subscribe input[type=submit] { /* these styles are for the buttons */ }
  9. Here is the full CSS I used to style my subscribe widget
  10. [css]
    .subscribe input[type=text] {
    width: 260px;
    height: 20px;
    padding: 10px 5px;
    float: left;
    font: bold 15px ‘lucida sans’, ‘trebuchet MS’, ‘Tahoma';
    border: 0;
    background: #eee;
    border-radius: 3px;

    .subscribe input[type=text]:focus {
    outline: 0;
    background: #fff;
    box-shadow: 0 0 2px rgba(0,0,0,.8) inset;

    .subscribe input[type=text]::-webkit-input-placeholder {
    color: #999;
    font-weight: normal;
    font-style: italic;

    .subscribe input[type=text]:-moz-placeholder {
    color: #999;
    font-weight: normal;
    font-style: italic;

    .subscribe input[type=text]:-ms-input-placeholder {
    color: #999;
    font-weight: normal;
    font-style: italic;

    .subscribe input[type=submit] {
    padding: 10px;
    -webkit-border-radius: 2px 2px;
    border: solid 1px #3079ed;
    background: -webkit-gradient(linear, 0% 0%, 0% 100%, from(#4d90fe), to(#4787ed));
    background: #4d90fe; /* Old browsers */
    background: -moz-linear-gradient(top, #4d90fe 0%, #4787ed 100%); /* FF3.6+ */
    background: -webkit-gradient(linear, left top, left bottom, color-stop(0%,#4d90fe), color-stop(100%,#4787ed)); /* Chrome,Safari4+ */
    background: -webkit-linear-gradient(top, #4d90fe 0%,#4787ed 100%); /* Chrome10+,Safari5.1+ */
    background: -o-linear-gradient(top, #4d90fe 0%,#4787ed 100%); /* Opera 11.10+ */
    background: -ms-linear-gradient(top, #4d90fe 0%,#4787ed 100%); /* IE10+ */
    background: linear-gradient(top, #4d90fe 0%,#4787ed 100%); /* W3C */
    filter: progid:DXImageTransform.Microsoft.gradient( startColorstr=’#4d90fe’, endColorstr=’#4787ed’,GradientType=0 ); /* IE6-9 */
    color: #fff;
    text-decoration: none;
    cursor: pointer;
    display: inline-block;
    text-align: center;
    font-family:Arial, Helvetica, sans-serif;
    line-height: 1;

    .subscribe input[type=submit]:hover {
    border: 1px solid #2f5bb7;
    background: -webkit-gradient(linear, 0% 0%, 0% 100%, from(rgb(221, 75, 57)), to(rgb(197, 55, 39)));
    background: #4d90fe; /* Old browsers */
    background: -moz-linear-gradient(top, #4d90fe 0%, #357ae8 100%); /* FF3.6+ */
    background: -webkit-gradient(linear, left top, left bottom, color-stop(0%,#4d90fe), color-stop(100%,#357ae8)); /* Chrome,Safari4+ */
    background: -webkit-linear-gradient(top, #4d90fe 0%,#357ae8 100%); /* Chrome10+,Safari5.1+ */
    background: -o-linear-gradient(top, #4d90fe 0%,#357ae8 100%); /* Opera 11.10+ */
    background: -ms-linear-gradient(top, #4d90fe 0%,#357ae8 100%); /* IE10+ */
    background: linear-gradient(top, #4d90fe 0%,#357ae8 100%); /* W3C */
    filter: progid:DXImageTransform.Microsoft.gradient( startColorstr=’#4d90fe’, endColorstr=’#357ae8′,GradientType=0 ); /* IE6-9 */
    -webkit-box-shadow: 0 1px 1px #333333;
    -moz-box-shadow: 0 1px 1px #333333;
    box-shadow: 0 1px 1px #333333;

email subscription integrate mailing list subscribe subscription Wordpress

Build a Custom WordPress Login Screen Tutorial

February 19, 2012

Speckyboy has a good tutorial on how to build a custom login page for WordPress.

See my login page:

custom login page login screen speckyboy tutorial Wordpress