Chris K Designs

Recently I’ve been seeing a trend in some WordPress sites that I happen to come upon, and it’s one that concerns me. People are giving a list of plugins they have installed on their WordPress sites. Even stating how many are active. A quick search over at WordPress.org/extend show there are plenty of plugins available to create a page on your WordPress site that shows a list of Active and Installed plugins you have. I understand the warm fuzzy feeling of giving credit where credit is due. The open source community is all about attribution, however there is one obvious security flaw in this practice. You are providing a list of possible attack surfaces a malicious user can exploit.
Continue reading “WordPress Security: Why you should not list what plugins you are using” »

I updated the post about how to create a custom theme for the DigitalNature Mystique theme for WordPess. It’s been updated to reflect new versions of WordPress and the Mystique theme. Let me know in the post comments if you have any other issues with this. Here’s a snapshot of what it looks like.

A Preview of the Login Screen

Visit the original post
Get the Mystique theme

Have you ever taken the time to read over the ‘license.txt’ file that comes with your WordPress installation? No? Don’t worry, you probably aren’t alone. You must be familiar with software licenses correct? Ah, there we go, something you do know a little about. Most software you need to purchased in order to legally use or own. WordPress, however is slightly different. It’s built on the GNU General Public License which means you are able to give it to whomever you want…for free! Really, it’s right there in the license:

“You may copy and distribute verbatim copies of the Program’s source code as you receive it, in any medium, provided that you conspicuously and appropriately publish on each copy an appropriate copyright notice and disclaimer of warranty; keep intact all the notices that refer to this License and to the absence of any warranty; and give any other recipients of the Program a copy of this License along with the Program.”

The codebase for WordPress is maintained by a group of coders who are not just developers, but users of WordPress. Even you could contribute to making WordPress better by idntifying bugs in the Trac (requires a WordPress.org login). The same people who help identify bugs and issues with WordPress also are some of the same people who develop the plugins and themes you are using, myself included. Most of these plugins are free of charge and available for use under the same license as WordPress itself. You may find, however, that every now and then you will stumble upon a ‘Premium Theme’ or ‘Premium Plugin’. These are not free additions to WordPress typically and come in a wide variety of costs and functionality.

There are some open source fans that think paid content for a free platform is just not right, and there are others who welcome the idea of a paid addition to free products. I’ll give you some of the pros and cons of both of them.

Continue reading “To Pay or Not To Pay: WordPress Premium Content” »

I’ve updated the code below so that it works properly. Sorry for any confusion this code was causing, but this should all be fixed now

I’ve been using the Mystique theme by Digitalnature for my personal blog for a few months now and after many updates, it’s really becoming quite the all inclusive design. The one thing it’s missing is a great login that’s themed along with it. So I’ve taken it upon myself to create it. You will need to make  a small customization to the functions.php file for the theme but I’ll walk you through it.

Click to preview the full image

First you need to download the custom-login.zip file, unpack it, then upload the custom-login folder to your mystique folder. The directory is ‘/wp-content/themes/mystique/’.

Download custom-login.zip

Step two is modify the /wp-content/themes/mystique/functions.php’. You only need to add about 4 lines of code to the file so it’s nothing to major. Open the file you in your favorite text editor and look at the end of the file for:

add_theme_support('automatic-feed-links');

endif;
?>

Paste the following code between the add_theme_support and endif; line.

function custom_login() {
echo ' ';
}
add_action('login_head', 'custom_login');

And there you have it, a custom login screen for people using the ‘Mystique’ theme. Thanks to Pro Blog Design for the great post about ‘Custom WordPress Login Screens‘

Updated: I have modified the Code Plugin I’m using so this code should work without error now. Let me know in the comments if you have any other issues. Thanks everyone for the help!

Update 3/26 – If you are using the WordPress nightly builds for testers, this isn’t working anymore due to a CSS change in the WordPress code. I’m looking into it.