WordPress makes it easy to escape untrusted input to prevent SQL-injection, XSS (cross-site scripting), and other nefarious bits of text. Here is a quick rundown of WordPress’ built-in escape functions.
During development there may be situations where you want to prevent WordPress from making URL requests to external websites. Here is a simple way to disable external URL requests during development.
Here’s how easy it use to use any of WordPress default functionality from any PHP file outside of the WordPress installation directory.
In WordPress, static home page is possible via the General Settings. Or you can choose to display your blog posts. But how do have both?
By default WordPress displays a bunch of useless widgets in the Dashboard. Here is how to disable them.
In WordPress, “kses strips evil scripts”. Here is a list of kses tricks for ninjas only.
Whenever possible, prevent access to sensitive information about your server. Here is how to prevent PHP from displaying errors and their sensitive infos.
A secure way to protect your site’s admin area is to lock it down with .htaccess.
Just a heads up for Photoshop users exporting graphics for their WordPress plugin in the WP Plugin Directory.
Here are my favorite “lesser-known” and perhaps even obscure template tags for WordPress:
Check out a live demo of a responsive, grid-based image gallery.
Welcome to WordPress. This is your first post. Edit or delete it, then start blogging!