Dano Manion

WordPress Notes


  • Slug: The slug is an all-lowercase version of the title with “-” (hyphen) is substituted for spaces, that is “WordPress Rules” becomes “wordpress-rules.” This is an Internet best practice that has benefits for SEO and user experience.
    • You can also create a custom URL structure, which I find to be more commonplace. I prefer to have the category name come before the post slug. In the Custom Structure field you can put /%category%/%postname%/ which will result in the same article having the following URL: http://jesserfriedman.com/wpweekend/blog/wordpress-rules (Figure 5.7). For more options available to you when customizing your permalinks please visit http://lrnwp.com/custompermalinks.
  • Spammers: are individuals attempting to take advantage of your site’s inherit public and sometimes social functionality to add backlinks, content, or even users to your site.
  • Crackers: purposively attempt to circumvent or break through security measures for their own gains.
  • Hackers: nerds who learn the shit out something and learn of the weaknesses of a system that they could, or could not use to their advantange.
  • Botnets: a collection of Internet-connected programs communicating with other similar programs in order to perform tasks. This can be as mundane as keeping control of an Internet Relay Chat (IRC) channel, or it could be used to send spam email or participate in distributed denial-of-service attacks. The word botnet is a combination of the words robot and network. The term is usually used with a negative or malicious connotation.
  • DDos: Distributed Denial od Service attacks
  • Sblogs: Spam blogs created by bots through your multisite configuration.


Starter Themes

Theme facts

  • The 2010 theme was the first theme pre-packaged in wordpress to be used as an example theme
  • 2011..2016 Themes are an updated version of this

  • Yoast - Anatomy of a theme

  • /wp-content/themes/yourThemeHere
  • style.css is required

Theme Features

  • Only availble of functions.php has them available
  • Sidebars
  • Nav Menus
  • Post Thumbnails
  • Post formats
  • Custom headers
  • Custom backgrounds
  • Widgets were originally designed to provide a simple and easy-to-use way of giving design and structure control of the WordPress Theme to the user, which is now available on properly ‘widgetized’ WordPress Themes to include the header, footer, and elsewhere in the WordPress design and structure.
  • It’s a lot like “Blocks” in Drupal, even has it’s own maintence page for it.
Post Formats
  • Post formats are similar to templates but are more specifically related to the type of content you are presenting.
  • Sounds like Node-Types

Child Themes

  • Just like sub-themes in Drupal
  • Parent themes are like starter or core themes
  • functions.php DOES NOT override, unlike most of the child theme files
Adding Scripts to a childtheme
  • Parameters
    • $handle * - Name of your script
    • $src - Path to your script, use get_template_directory_uri() for parent themes and get_stylesheet_directory_uri() for child themes.
    • $deps - Dependencies
    • $ver - Version number of script. Change this if you want to bust the cache!
    • $in_footer - Boolean true to put in footer, else it will default to false

      // Example of adding a theme to a child-theme
      wp_enqueue_script( 'custom', get_stylesheet_directory_uri() . '/js/custom.js', array('jquery'), 1, false);

Creating a Child Theme

  1. create parent-theme-child naming conventions
  2. add style.css - required. “special” header, like theme.info in Drupal, even has requirements noted.
  3. create functions.php - required. because you need to add the theme css function

Template files

The Loop
  • The Loop - is the main process of WordPress. You use The Loop in your template files to show posts to visitors. You could make templates without The Loop, but you could only display data from one post.
  • It’s the most powerfull part of your WordPress theme. It starts with a query and ends with a php “endwhile” statement
The Worlds Simplest Index Page
if (have_posts()) :
   while (have_posts()) :

Template Hierarchy

  1. Wordpress Template Hierarchy
  2. Wordpress Template Hierarchy - Older?
  • Specific templates work just like Drupal overides

    • url: /category/dolphins/ AKA /category/[ID4]/
      • looks for
        1. category-4.php
        2. category.php
        3. archive.php
        4. index.php (required)
    • Also you can
      • front-page.php
      • single-{post-type}.php like content-type in Drupal
    • url: http://example.com/blog/category/your-cat/
      • looks for, category “unicorns”
        1. category-unicorns.php
        2. category-4.php // id of cat
        3. category.php
        4. archive.php
        5. index.php (required)


  • You can add <p> tags to content using the following code for single.php. This adds a filter to convert
    to <p>. You may need this for plugins that try to insert ads into those places.

          add_filter('the_content', 'wpautop');
  • Javascript has some special needs, sorta like (drum roll) Drupal

    • Javascript Codex
    • Add a /js/ folder and place scripts in that folder, seperate folder is best practice
    • IMPORTANT Functions
      • wp_register_script - tells Wordpress we are going to be using this specific piece of Javascript
      • wp_enqueue_script - allows us to actually execute that code


  • Atleast one php file exist in the plugin
  • WP also has ‘hooks’ additionally ‘actions’ and ‘filters’
  • There are Codex Resources


  • WP Migrate DB
  • To keep posts that have been created since Dev Enviroment was created. Export posts using WP export functionality and import them into DEV/STAGE before exporting the entire DB onto Target site.
  • See: WP Kses for some filtered protection


  • Global variables exsist, but we have to declare them to access them.
    • global $variable
  • Bloginfo function can be used quite a bit for content variables
  • Checkout “short code” API, [gallery id="123" size="medium"]
  • Quicktags API lets you add buttons to the GUI editor
  • Customizer enables UI for users to change things in the theme, like logo
  • a way to change default behaviors
  • functions.php is like theme.module (Drupal) and maybe some stuff you’d find in theme.info (Drupal)
  • Functions can be added via Plugins or in Themes. If in themes, functions only work that specific theme.
  • Enable many features - almost like theme_hooks in Drupal?
  • Post and Page Functions
    • get_permalink
    • get_excerpt
    • get_page_link
    • get_page_children
  • Category & Taxonomy Functions
    • in_category
    • wp_list_categories
    • wp_generate_tag_cloud
    • get_taxonomy
  • Attachment & Feed Functions
    • wp_get_attachment_thumb_url // like image_cache
    • wp_get_attachment_image_src
    • the_excerpt_rss
    • fetch_feed

#### Resources

###### Sources

Theme Shops

There are also several places you can go to buy themes. Most range between $20 and $65. Remember the costs of having a custom-built website can go from $3,000 to $20,000.

Good Theme Shops


Wordpress has 3 content types

  1. Posts: These are your blog posts or news articles, which you add regularly.
  2. Pages: These are static pages such as your content page and “about us” page. Your home page could either be a static page or a page listing all of your latest posts.
  3. Attachments: These are images, PDFs, and other media, stored in the uploads folder. Each of them also has an entry in the database, giving WordPress metadata about them.
    • You access these via the Media menu or by uploading them to your page or post content.
  • https://learn.wordpress.com/get-published/


  • Content designed to stay put like evergreen content.


  • are what you think of when you think of a blog; they’re dated, and appear in reverse chronological order, moving down your blog as you publish new ones.

  • Your post has 3 titles
    1. The Post title itself
    2. The SEO title
    3. URL title AKA Slug
  • Spread out your posts! (Don’t post all your posts on one day)
  • Edit the dates of your posts when appropriate
  • Actually use the Categories and Tags, these help describe your websites content achritecture
  • Check your image sizes Settings > Media
  • Launch with the bare minunum


  • A category should be thought of as broad terminology used to bucket posts. In other words, if you’re running a restaurant blog, you might have categories about Events, Recipes, and Fresh Ingredients. These are broad and make it easy for you to post in each category.


  • Tags are used when you want to link posts between two categories or through a single keyword.


Multisite seems pretty cool, but certainlly seems more like something to be used as a wordpress.com or drupalgardens.org. As in, for running multiple blogs in a geocities sort of way. I don’t think it’d be worth it for the multiple blogs I’m creating. OR if I create an App that needs to be used by a handful to hundreds of customers.

Example: nixons.coffeesales.com, greenleaf.coffeesales.com, etc  
  • Menus now give you complete control of your navigation.
  • Link to more info https://codex.wordpress.org/Navigation_Menus


  • Disable ability to edit php files within the GUI.

      define('DISALLOW_FILE_MODS', true);

WordPress Checklist


Decent Recomended Payfor Themes

  • Agency - This is a more traditional theme; note the navigation, social links, and search box in the top right corner. This theme may be considered plain, but it will effectively and clearly communicate to your users.
  • California - This theme is completely untraditional but very fun. Notice once again the logo and navigation are the first elements you see when you load the site. However, as fun as this theme appears, it will require a lot of time and some money to get the graphics and marketing collateral needed to make this theme look as good for you as it does in this screenshot.
  • Mesh - Note the side navigation and brand mark. While untraditional, it can be highly effective in the right industry.
  • Volumes - This is a great theme to be used for a portfolio website. Maybe you’re a crafter, photographer, or even an event planner. Themes like this showcase your work right on the homepage and do a great job of it.
  • Flatshop - Here you can see one of the biggest Internet trends of this year. A single website with specific sections each dedicated to their own messaging. This site requires great marketing material to be produced by you.
  • Nexus - A more traditional WordPress homepage is seen here. This magazine layout features posts, widget areas and a nice slider.
  • Redux - A simple footer with a two-column widget area. This footer layout will work for a small amount of content but will also scale to incorporate bios, photos, recent posts, and more.
  • Shopo - The footer in this theme is very small and minimal. A footer like this is helpful on shopping cart sites to prevent distraction and keep the user focused on the main calls to action.
  • Divi - Another heavy footer with the ability to grow as your content needs to. With four columns users can benefit from several choices.
  • Less The old adage “less is more” definitely applies here. It has a very simple single-column layout with a nice amount of negative space. This is a great theme for a writer, author, or educator.
  • Notes - As you can see, this theme carries a default three-column layout for posts and pages. A nice layout but is all that extra content on the sides a distraction or a benefit? That’s for you to decide. http://lrnwp.com/notes
  • SimplePress I like the balance of this theme. While it still continues to use a two-column design as its default layout, it’s still very clean and simple
  • Landscape One of my favorite distraction-free themes, Landscape has space for a large header or featured image while maintaining a simple single-column content area.
  • Responsive - Here’s a perfect example of a theme you can feel good about downloading. It has over one million downloads so you know it’s been tested. There are hundreds of reviews and its average rating is 4.7 out of 5 stars. This means users are happy with what they got. Also you can see that the last update was 12/31/2013, which was only a few weeks ago (from the time of writing this book).



  • JetPack
    • BruteProtect: Protect against Bots (now part of Jetpack for security) (Paid)


  • Custom Sidebars - Allows you to create widgetized areas and custom sidebars. Replace whole sidebars or single widgets for specific posts and pages.
    • Alomst like Drupal Blocks, maybe?
  • Breadcrumb NavXT - Adds breadcrumb navigation showing the visitor’s path to their current location.
  • JQuery Mega Menu Widget - Creates a widget, which allows you to add drop down mega menus from any WordPress custom menu using jQuery.


  • Contact Form 7 - Just another contact form plugin. Simple but flexible.
    • Forms: http://www.gravityforms.com (Paid)
  • Contact Form DB - Saves submitted form data to the database. Export the data to a file or use shortcodes to display it.
  • Recent Posts Widget Extended - Provides flexible and advanced recent posts. Display it via shortcode or widget with thumbnails, post excerpt, taxonomy and more.
  • Recent Posts Widget With Thumbnails - List of your site’s most recent posts, with clickable title and thumbnails.
  • WordPress Popular Posts - A highly customizable, easy-to-use popular posts widget!
  • WordPress Related Posts - WordPress Related Posts - the plugin for related posts with thumbnails. Caching included.


  • JP Markdown
    • Curious if this works correctly with code snippets and SEO plugins.
  • There is a TinyMCE plugin too.


  • SEO Bundle
    • (This) Yoast SEO - post/page interface (where you add meta descriptions, titles, etc.)
    • (Or That) All in One SEO Pack - All in One SEO Pack Optimizes your WordPress blog for SEO (Search Engine Optimization).
  • Google XML Sitemaps - This plugin will generate a special XML sitemap which will help search engines like Google, Bing, Yahoo and Ask.com to better index your blog. With such a sitemap, it’s much easier for the crawlers to see the complete structure of your site and retrieve it more efficiently. The plugin supports all kinds of WordPress generated pages as well as custom URLs. Additionally it notifies all major search engines every time you create a post about the new content.
  • Quick Page/Post Redirect - Easily redirect pages/posts or custom post types to another page/post or external URL by specifying the redirect URL and type (301, 302, 307, meta).
  • SEO Redirection - By this plugin you can build 301,302 or 307 redirectios easily for your site, you can also monitor 404 Error Pages and redirect them.
  • WP SEO Structured Data Schema - Comprehensive JSON-LD based Structured Data solution for WordPress for adding schema for organizations, businesses, blog posts, ratings & more.
  • HTML Page Sitemap - Has some value, but not a lot, more for UX - Adds an HTML (Not XML) sitemap of your pages (not posts) by entering the shortcode [html_sitemap], perfect for those who use WordPress as a CMS.


I haven’t really been impressed with any of these plugins as they all seem to SPAMy. I’ve been tossing the GA code in the footer template.


  • Caching
    • (This) W3 Total Cache - Easy Web Performance Optimization (WPO) using caching: browser, page, object, database, minify and content delivery network support.
    • (Or That) WP Supser Cache - A very fast caching engine for WordPress that produces static html files.
  • WP Smush - Reduce image file sizes, improve performance and boost your SEO using the free WPMU DEV WordPress Smush API.
  • Simply Static -


  • WP-CLI - write scripts to maybe automate things.

Social (Many to choose from)

  • Cresta Social Share Counter Free or Pro $10 - Share your posts and pages quickly and easily with Cresta Social Share Count showing the share count.
  • SumoMe - Free tools to grow your Email List, Social Sharing and Analytics
  • NextScripts: Social Networks Auto-Poster (SNAP) - Automatically re-publishes blogposts to Facebook, Twitter, Google+, Pinterest, LinkedIn, Blogger, Tumblr, Delicious, Plurk, etc profiles and/or pages
  • [BuddyPress] - Build your own social media website.


  • Akismet - Used by millions, Akismet is quite possibly the best way in the world to protect your blog from spam. It keeps your site protected even while you sleep. To get started: 1) Click the “Activate” link to the left of this description, 2) Sign up for an Akismet plan to get an API key, and 3) Go to your Akismet configuration page, and save your API key.
  • Really Simple CAPTCHA - Really Simple CAPTCHA is a CAPTCHA module intended to be called from other plugins. It is originally created for my Contact Form 7 plugin.
  • WM Simple Captcha - Captcha image for registration page, customize according to your theme.
  • Anti-spam - Why humans should prove that they are humans by filling captchas? Lets bots prove that they are not bots with adding javascript to their user-agents!
  • WangGuard - The most advanced protection against sploggers and spam users registration, is fully WordPress,WordPress MU ,BuddyPress and bbPress 2.0 compatible

Backup / Export


  • Ad Injection Advanced - Injects any advert (e.g. AdSense) into your WordPress posts or widget area. Restrict who sees the ads by post length, age, referrer or IP. Cache compatible.
  • Ad Injection - Injects any advert (e.g. AdSense) into your WordPress posts or widget area. Restrict who sees the ads by post length, age, referrer or IP. Cache compatible.
  • Advanced Ads- Advanced Ads is a simple ad manager made by a publisher for publishers. Based on my experience delivering millions of ads per month I built this advertising plugin as a powerful, but light weight solution to not only manage and insert banners in WordPress, but to test and optimize them as well.
    • Advanced Ads – Sticky Ads also available


  • Sucuri - The Sucuri WordPress Security plugin is a security toolset for security integrity monitoring, malware detection and security hardening.
  • Wordfence - Secure your website with the Wordfence security plugin for WordPress. Wordfence provides free enterprise-class WordPress security, protecting your website.

Configs / Tips

Scipts / Webmaster

  • Use Google Libraries - Allows your site to use common javascript libraries from Google’s AJAX Libraries CDN, rather than from WordPress’s own copies.
  • Health Check - Checks the health of your WordPress install.
  • Simple Custom CSS (I guess if you need this sort of thing, it’s better then having clients muck up the codebase.) - Add Custom CSS to your WordPress site without any hassles.
  • Exec-PHP - The Exec-PHP plugin executes PHP code in posts, pages and text widgets.


  1. Don’t use Admin role. Change the Admin to subscriber and make sure you have your own Admin role.
    • Only do Admin things with the Admin role, don’t write as an Admin
  2. Create new user accounts for anyone who needs access to your site, never give anyone your credentials
  3. Put people in limited roles after they have done any work required by Admin
  4. Toggle off Anyone can Register and probably should use Disqus
  5. Clean House. Remove plugins and themes that are not in use.
  6. Backup!
    • VaultPress (fee)
    • BackupBuddy (free?)
  7. Setup 2-Factor Authentication (avail by Google or Clef)
    • https://getclef.com/everyone/
      • https://wordpress.org/plugins/wpclef/
  8. Cloudflare for CDN

Design Tips

  • Header:
    • A properly placed logo for brand recognition and an uber-simple navigation is what we are going to focus on if the budget doesn’t allow for more.
  • Footer:
    • Need the company address or contact information, privacy policy, search form, or social links, further if you have a CEO, featured employee, or head chef that you’d like to feature.
    • Jason’s site is one of my favorites. While not WordPress-powered, it has a prime example of a robust footer. http://lrnwp.com/jsm
  • Layout:
    • Full-Width / Single-Column layouts have become more common and prefered
      • http://www.creativebloq.com/web-design/how-create-distraction-free-reading-web-9134550


SEO Checklist

  • [ ] Is your data structured? https://search.google.com/structured-data/testing-tool/u/0/
  • [ ] Homelink should say what you are, not just ‘home’
  • [ ] Write more posts, the more posts the higher ranking
    • offer tips, offer content for each city, maybe offer content for each type service, or type of business you are reaching out to
  • [ ] Turn on Permalinks


Prefered Hosting providers

  • Bluehost for Shared-Hosting
  • WPEngine for higher traffice needs
  • Wordpress.com (limited)
    • Wordpress Network is like having your own Wordpress.com, one DB with many users for many sites accesible from one place.
    • Seems easy enough to config each site via an Admin account

Importing Other Sites

  • https://codex.wordpress.org/Importing_Content


  1. https://developer.wordpress.org/reference/functions/wp_enqueue_script/