Free WordPress Plug-in in My Sites - NETSEC

Latest

Learning, Sharing, Creating

Cybersecurity Memo

Friday, February 19, 2021

Free WordPress Plug-in in My Sites

This post is to summarize some of my favorite free plug-ins used in my blogs and forums. All of them are free. They are used for certain purpose and it will be used based on requirements. Many of them are widely used  alredy, such as, Akismet Anti-Spam, Jetpack by WordPress.com, WP Super Cache, wpForo, Yoast SEO, Cloudflare, etc. Here, I am trying to put some of special purpose used plug-ins.  

If you found some interesting ones, let me know. I will try them out then put it here. 


My WP Plugins Page



Plugin URL: https://www.51sec.org/wp-admin/plugins.php?plugin_status=all&paged=1&s



Easy Table of Contents

It is a user friendly, featured focused plugin which allows you to insert a table of contents into your posts, pages and custom post types. Tons of features. You can find it from this link.


It gives your readers a easy way to see your article's structure and navigate to the interesting part. 


Remove Copyright Information in your theme

Not only works for default Wordpress theme, also works some of commercial plugins

  • Remove "Powered by WordPress"

All-in-One WP Migration

Issue: it will generate a large backup file to export.  If you want to check while file is taking that much space, using https://traktor.servmask.com/ to analyze it. 
I also recommend to replace it with other backup plugins:

This plugin exports your WordPress website including the database, media files, plugins and themes with no technical knowledge required. Here is plug-in link at wordpress.org. 
The free version has size limitation for 500MB, after you installed another extension "All-in-One WP Migration File Extension". It is enough for me since all of my screenshots and photos stored at CDN.
No more free version.
Here is a download link for "all-in-one-wp-migration-unlimited-extension.zip"
https://drive.google.com/file/d/1arcO4jFi0Ox_sQSI649hPCT6uRumMq_U/view
Or for fixing the limitation, 

  1. Go to Plugin editor from the left menu panel in the admin dashboard.
  2. Top right, Choose All-in-one WP Migration from the dropdown and click select.
  3. Click on constants.php file.
  4. Search for the word AI1WM_MAX_FILE_SIZE. Change it’s value, refer below code:
    define( ‘AI1WM_MAX_FILE_SIZE’, 2 << 28 );
    To
    define( ‘AI1WM_MAX_FILE_SIZE’, 536870912 * 5 );
    If you even want more than 3 GB then change value from 536870912 * 5 to 536870912 * 10( or any number).
    Don’t forget to update the file.
  5. Enjoy the new upload size 😊

If the upload size has not changed go to the .htaccess file in the server root folder (usually it is html/www folder) and add the below lines at the bottom of file.

php_value upload_max_filesize 2048M
php_value post_max_size 2048M
php_value memory_limit 512M
php_value max_execution_time 300
php_value max_input_time 300

The above code is to remove upload limit of server. No need to reboot the service or server. It will change to 2G for upload limitation

Featured Image from URL (FIFU)

This plug-in helps reduce the efforts spent on thumbnail regeneration, image optimization and never-ending imports. You can easily link your article's thumbnail to a external image or first image in your article. 

It also helps save your storage in your media folder, which also dramatically helps to reduce your backup file size. 


WP External Links

This link automatically configures your external links put some configuration around it, such as opening external links in a new tab or window, controlling "nofollow" and "noopener", setting font icon; SEO friendly.



Encrypt WordPress with a plugin

WordPress plugin- My Private Site ,  is a plugin specially used to encrypt WordPress, which can restrict access very easily.

After installing the plugin, select Settings – Private Siteheck the Private Site option to encrypt the entire WordPress site.
My Private Site

Only the logged-in user can access the website after encryption, and other people will automatically jump to the login page.

This method is highly recommended for newbies and users who use virtual hosting, it is simple and easy to use


If you use WordPress built with Pagoda Panel, then the encryption will be very simple. Pagoda Panel has a built-in website encryption function.

Open the setting options of the corresponding website in the pagoda panel and select the website directory
Turn on password access and set a strong password that only you know

Pagoda Set Website Password Access

When you visit the website again, you will see the following password box. Only enter the correct account and password before you can continue to access
Website needs to enter account password to access

This method can cooperate with the Private Site plug-in above to achieve double encryption


There are lots of other better free options than this one. 

Visual Form Builder is a plugin that allows you to build and manage all kinds of forms for your website in a single place. Building a fully functional contact form takes only a few minutes and you don’t have to write one bit of PHP, CSS, or HTML! By the way, the default 2 digits verification method helps to defeat those spammers. 

WPForms definitely will be better. But once it comes into attachment feature, it will charge you $39.50/year.





Some Plug-ins I used in MultiSite.
  • Akismet Anti-Spam
  • All in One SEO
  • AMP
  • Astra Widgets
  • Backup
  • Elementor
  • Elementor - Header, Footer & Blocks
  • FameTheme Demo Importer
  • File Upload Types
  • Jetpack by WordPress.com
  • Simple Tags
  • Starter Templates
  • UpdraftPlus - Backup/Restore
  • Visual Form Builder
  • W3 Total Cache
  • WP Mail SMTP
  • WPForms Lite








Short Code: 

[wp_sitemap_page display_category_title_wording="false"]









Short Code:
[SimpleYearlyArchive type="yearly"]

Note: You will need to add a <h3> into headline. 






Do not enable Image Accelerator. It will cause some images not showing correctly, especially my own image storage at Beckblaze B2 with Cloudflare to rewrite the domain name.




Tools -> Scheduled Actions
Database will get bigger (hundreds of MB)

wp_actionscheduler_actions & wp_actionscheduler_logs tables


DELETE FROM 'wp_actionscheduler_actions' WHERE 'status' = 'complete'
DELETE FROM 'wp_actionscheduler_actions' WHERE 'status' = 'canceled'
DELETE FROM 'wp_actionscheduler_actions' WHERE 'status' = 'failed'
DELETE FROM `wp_actionscheduler_logs`;

https://azdigi.com/blog/en/website-tutorials/wordpress-en/how-to-delete-action-scheduler-in-woocommerce/



wpsec.com


WPSec.com is an online security scanner for WordPress vulnerabilities. We keep track of all your WordPress installations and tell you as soon as they are outdated. With our solutions you are always protected against hackers or attackers who might want to penetrate your WordPress website.


References




No comments:

Post a Comment