Category Archive Wordpress Administration


Really Simple SSL

I recently needed to upgrade an existing wordpress site to SSL/https:.

This was made more complicated by the fact that it was on a shared hosting server, AND used cloudflare CDN.

This should have been simple:

  1. Generate certificate request
  2. Buy certificate
  3. Install certificate
  4. Tell WordPress to use https://
  5. Redirect http to https.

Except it didn’t work.

I couldn’t get it to reliably use https:// or redirect or

Eventually, after raising tickets with Cloudflare and The hosting company, I found a plugin called “Really Simple SSL”.

This configured wordpress to use https AND rewrote the htaccess file to do the redirects. In the end I had to manually edit the file as my htaccess file is secured, but at least they gave me the code to do that.

I left the cloudflare CDN SSL setting as “flexible”, as anything else caused problems.


WordPress post-by-email feature.

The best way to make this work is to use the Jetpack plugin, and enable the post-by-email feature.

That gives you an e-mail address where anything it receives is published as a blog post.

However, I found I couldn’t get it to work until I switched from ithemes security to wordfence. Apparently, it’s a known problem: ithemes security blocks xmlrpc, so post-by-email isn’t available..

Worth knowing.


No More Jetpack!

If it looks too good to be true, it probably is.

It was. “locked-on” to one of my JetPack-using sites, firing thousands of requests, and resulting in my hosting account getting suspended. I’ve had to remove it from ALL sites, just in case.

Not Impressed! 🙁

P.S. This happened some time ago, I’ve just realised that I hadn’t mentioned it, and I don’t want to give the impression that JetPack is working fine – it’s NOT!


Better WP Security – So Secure It Doesn’t Let ANYONE In! | Internal Server Error

Better WP Security (BWP)

I’ve been using this plugin for ages without any problems.
Until Now.

TWO of my sites went down with mysterious “Internal Server Error” messages.
Even the usual URL/license.txt routine generated the error, so it was clearly not a WordPress problem exactly.

I actually went as far as logging a support ticket with Unlimited Web Hosting, but I was already suspecting the htaccess file.. Sure enough, there was an error (a missing word) in there, caused by BWP.

I corrected this, and it’s sorted.

So, here’s how to fix this problem:

  • FTP (or file manager) into your site.
  • Open .htaccess
  • Look at the bottom end of the file.
  • There will either be a missing command (you can’t miss it – it’s obvious), or a chopped-up word. Again obvious. Insert the magic word (it’ll be the same as the line above or below it), or correct/delete the chopped-up word.
  • Save the changes.
  • Access your site.

Essential WordPress Plugins (Updated)

Why Use Plugins?

WordPress is immensely powerful straight out of the box, but it’s possible to add pretty much ANY functionality you want, and it’s usually for free.

OUR Favourites

This is a list of the TOP Plugins we use at Others may not agree.
They are in no particular order.

Right Now..

This is an UPDATED version of an updated version of an earlier post. There are SIGNIFICANT changes, as WordPress is such a moving target.

Here’s The List:


ESSENTIAL anti-spam system. Free to non-commercial users.
Filters out unwanted (spam) comments automatically, and provides stats on what it’s doing. ESSENTIAL.


We now use this in preference to All-In-One-SEO-PACK. Allows us to tailor in-post SEO far better. Also handles Sitemaps. ESSENTIAL


Plugs all the holes we could find. Also handles backups. Excellent! ESSENTIAL


Handles advertising on your site. Very comprehensive. Individual ads are created and then made into groups. You can then position the groups as widgets, in posts and on pages. Ads have start and end dates, and tracking can be switched on or off. Better than maxbannerads. ** The latest version has had features removed due to a “premium” version. Avoid this version. STRONGLY RECOMMENDED


Automatically adds relevant tags to your posts as you create them, based on post content. It’ll find tags you hadn’t thought of. STRONGLY RECOMMENDED.


Automatically sets the “Featured Image” attribute of the post, based on the content. STRONGLY RECOMMENDED


Excellent caching plugin, creates static version of all your posts and pages as they are created. Far better than SUPERCACHE. ESSENTIAL if you use a lot of plugins, or have a lot of visitors.
Get the “Clear Cache” Button plugin as well.


Some themes automatically add all pages to navigation menus. This is how to stop it. Adds a checkbox in the editor. ESSENTIAL.


Attempts to redirect 404 errors to relevant pages based on search query, and URL requested. Reduces bounce-rates. ESSENTIAL

Google Analytics (YOAST)

This adds Google Analytics tracking code to all your pages and posts, so you can keep tabs on everything. You need an analytics account. ESSENTIAL.

YARRP (Yet Another Related POsts Plugin)

Thsi is the best of it’s kind- Adds related posts links to your posts. Essential for internal links. ESSENTIAL


Blocks spammers from ever registering. Uses blacklists, etc so they can’t post. Nice. STRONGLY RECOMMENDED


We use this instead of FEEDWORDPRESS, due to performance issues. NOT FREE!
Strongly Recommended


Generates Likes/Tweets/etc. Not Free. Strongly Recommended.


Pops up Social Links on accessing the site. Generates Likes/Tweets/etc. Strongly Recommended.


Excellent! – Locks up content until the user tweets, likes, g+1 or whatever. STRONGLY RECOMMENDED.


WordPress Database – Bulk Delete Users

Bulk Delete Users

I had 1000 spammer registrations from the same 2 domains.
Here’s how I got rid of them all, in seconds..

From the PLESK database “Web Admin”:

Delete the users..

delete FROM wp_users
WHERE user_email LIKE ‘’

** you could use ANY criteria here – I wanted rid of two specific groups of spammers..

Now-> Delete Orphaned Usermeta


NB: you COULD try the “Bulk Delete Users” Plugin, but it tries to delete them one-by-one. On my shared hosting, it times out and is effectively useless, which is why I’m using SQL at the backend.

Please note: You should NEVER leave your tables with the default “wp_” prefix. Or have a user called “admin”, or a user with id=1. That’s just for start!
Let us secure your WordPress site for you:


WordPress Database – Delete Orphaned Posts

Delete Orphaned Posts

After manually using SQL to delete users, you can be left with (potentially a lot) of posts which now belong to users who simply don’t exist. You don’t want this, it wastes space and clogs things up.
There are two solutions to this:

  1. Delete the Orphaned Posts
  2. Assign them to another user.

I’m going to use option1, as I deleted those users for a reason – Spamming!

From PLESK or CPANEL database web admin:

Delete Orphaned Posts

FROM `wp_posts`
WHERE post_author NOT
IN (
FROM wp_users

NONE of my tables have a wp_ prefix!



Please note: You should NEVER leave your tables with the default “wp_” prefix. Or have a user called “admin”, or a user with id=1. That’s just for start!
Let us secure your WordPress site for you:


WordPress Database – Delete Orphaned Postmeta

Delete Orphaned Postmeta

After deleting posts using SQL, you will be left with (potentially a LOT) of orphaned postmeta records. You don’t want that! It wastes space and clogs up site performance. Get rid!

From PLESK or CPANEL database web admin:

FROM wp_postmeta
WHERE post_id NOT
IN (
FROM wp_posts


Please note: You should NEVER leave your tables with the default “wp_” prefix. Or have a user called “admin”, or a user with id=1. That’s just for start!
Let us secure your WordPress site for you:


WordPress Database – Delete Orphaned Usermeta

Delete Orphaned Usermeta..

After using SQL to bulk-delete users, you’ll be left with (potentially a lot) of orphaned records in the “usermeta” table. You don’t want that. It’ll just waste space and clog things up.
After deleting 1000 user records, I had 20000 orphaned usermeta records – you get the picture..

From PLESK web admin, or similar:

delete FROM wp_usermeta WHERE user_id NOT IN (
FROM wp_users


Please note: You should NEVER leave your tables with the default “wp_” prefix. Or have a user called “admin”, or a user with id=1. That’s just for start!
Let us secure your WordPress site for you:


ManageWP – Control ALL your WordPress Sites from ONE Dashboard!

We operate a number of (self-hosted) WordPress sites,  across a number of niches. Updates and maintenance was starting to become time-consuming and annoying, due to having to work on each site individually.

We also used separate uptime management and optimization tools – again time-wasting.

But then we discovered ManageWp! And suddenly all it takes is one login and a few clicks. here are some of the benefits:

  • Perform your WordPress management tasks all in one place
  • Save time by logging into one Dashboard instead of dozens or even hundreds
  • Promote a WordPress management service to your customers. Log into ManageWP, click a few buttons, and within minutes your monthly website management is complete. Bam! Now send that invoice to your client.
  • Monitor the uptime of your own sites or those for your clients and respond proactively to fix them, or let your client know something is awry with their host. You’ll be a hero!
  • Monitor and analyze the SEO performance of your sites or those for your clients. Easily let them know where they stand and offer your SEO optimization services.
  • Create additional websites easily and quickly with the ManageWP Deploy service.
  • Manage all your WordPress sites from your mobile devices with our ManageWP app for iOS.

There’s even a FREE plan to get you started- which allows you to maintain up to FIVE sites, but without uptime monitoring, backups, etc.

Sign up here: ManageWp

%d bloggers like this: