Preventing a WordPress XSS Attack: Complete Guide to Validating, Sanitizing, and Escaping Data
When it comes to making your WordPress site secure as a developer, probably the most impactful thing you can do is make sure you always clean up data that your code receives from users. That means, generally, two things, validating or sanitizing it on the way into your system. And escaping it on the way out, reducing the chance of a WordPress XSS attack. WordPress Cross-site Scripting attacks are one of the most common ways people compromise sites. So today we’ll cover how they work.
WordPress Development for Beginners: “Does the User See It?”
Getting started with WordPress development can be disorienting. As I’ve written, software development (including WordPress development) is a lot like caving, and trying to do your first WordPress development project can be like waking up somewhere in the middle of a dark cave and trying to figure it out from there.
How to Create a Fresh WordPress Install from an Old Database Backup
If disaster strikes your WordPress site, your first thought should be to restore it from a backup. But can you create a fresh WordPress install from an old database backup?
How to Get Rid of Empty Lines of Code in Any Text Editor
PHP for WordPress Development: The Free Course
This free course on PHP for WordPress introduces the core topics you need to understand to practice the PHP side of WordPress development.
Should You Use a Gutenberg-Optimized Theme?
The Gutenberg block editor has done more to turn the WordPress ecosystem on its head than anything in recent memory. And it has required both web designers and website owners to do some soul-searching.
SVGs in WordPress: How to Upload Them and Why to Use Them
This article is all about SVGs: how and why to use SVGs in WordPress, including how to allow SVG file uploads in WordPress. Whether you love, fear, or simply don’t understand this image format, we’ve got you covered.
How to Disable File Editing in the Admin Area of WordPress
In this text and video Quick Guide, we describe how to disable all kinds of file editing within the WordPress admin area (also known as wp-admin).
Using the wp_footer Action Hook to Modify Your Site’s Footer (Without Theme Changes)
This week’s text and video Quick Guide shows how to use WordPress’s wp_footer action hook to make changes to your site’s footer—without editing your theme.
25 Free Time-Saving Online Tools for WordPress Developers
As Fred wrote in an earlier post, learning WordPress development is hard. It’s not just a case of being able to write code. There’s a heap of associated skills: analysis, design, SEO, copywriting, user experience, maintenance and more.