How to hide the Jetpack menu for users

To hide the Jetpack menu for subscribers and regular users, it’s enough to add the following code to the active theme functions.php file:

function ap_remove_jetpack_page( ) {
if ( class_exists( 'Jetpack' ) && !current_user_can( 'manage_options' ) ) {
remove_menu_page( 'jetpack' );
}
}
add_action( 'admin_menu', 'ap_remove_jetpack_page', 999 );

Also for this there are several plugins, but those that came across to me are quite old.

Jetpack error solution “Verification secrets not found”

I noticed some error when activating Jetpack:

The Jetpack server encountered the following client error: Verification secrets not found

The reason was found in restricted access over IP through .htaccess to the file wp-login.php, as it turned out that access to this file can not be blocked if Jetpack is used.

That’s why I found lines restricting access and commented them out by putting the # (before each line) symbol (the lines can be in the .htaccess file located in the root directory with WordPress and in the web server configuration files), for example:

#        <files wp-login.php>
#                order allow,deny
#                allow from 127.0.0.1 192.168.2.50
#        </files>

If the lines were in .htaccess, then Jetpack can already be activated, if in the configuration file of the web server, then you still need to restart it to apply the changes.

Also, an error can occur because of conflicting plugins, you can try to turn them off in turn.

Why Contact Form 7 does not work on iOS

Recently, on the WordPress site, I noticed the problem of sending messages via Contact Form 7 from devices with the iOS operating system.
If you used Google reCAPTCHA, when you clicked on the Send button, the page was updated for a very long time and reCAPTCHA reported a wait error, if you disable reCAPTCHA, then the message was sent after 1-2 minutes.

As it turned out, iOS somehow started blocking AJAX, which was used by default when updating the page.

So to solve the problem, I opened the configuration file wp-config.php and just before the line:

define('WP_DEBUG', false);

Added a line:

define ('WPCF7_LOAD_JS', false);

This line prohibits Contact Form 7 from using Javascript.
If you specify this variable at the end of the file, it will not work.

After this, the messages on iOS started to go immediately.

How to remove “Proudly powered by WordPress”

To remove the inscription «Proudly powered by WordPress», which is usually displayed at the bottom of each page, you need to edit the footer.php file of the active theme (for example, if the twentyfifteen theme is active, then /wp-content/themes/twentyfifteen/footer.php).

Namely, clear the content between the following tags:

<div class="site-info">
...clear what's here...
</div><!-- .site-info -->

Also noticed that if you use Jetpack with infinite scrolling, then it adds its footer, to open it you will open the file /wp-content/plugins/jetpack/modules/infinite-scroll/infinity.php and delete the line:

<?php echo $credits; ?>

The AMP plug-in’s footer is here – /wp-content/plugins/amp/templates/footer.php.

After updating the theme or Jetpack may have to repeat.

Done.

How to change a WordPress theme through MySQL

To change the WordPress theme via MySQL, first see what theme is specified at the moment, for this, execute the SQL query via phpMyAdmin or MySQL client:

SELECT * FROM wp_options
WHERE option_name = 'template'
OR option_name = 'stylesheet'
OR option_name = 'current_theme';

Next, see what themes are in the /wp-content/themes/ directory.

For example, to change to the standard Twenty Fifteen theme, let’s execute three SQL queries:

UPDATE wp_options SET option_value = 'twentyfifteen' WHERE option_name = 'template';
UPDATE wp_options SET option_value = 'twentyfifteen' WHERE option_name = 'stylesheet';
UPDATE wp_options SET option_value = 'Twenty Fifteen' WHERE option_name = 'current_theme';

How to disable the WordPress plug-in via MySQL

To disable all WordPress plugins via MySQL, you must:

1) Be sure to make a backup copy of the database.

2) Open the phpMyAdmin or MySQL client from the terminal:

mysql -u USER -p

3) Execute the SQL query (if necessary, specify the correct prefix wp_):

UPDATE wp_options SET option_value = '' WHERE option_name = 'active_plugins';

After that, all plug-ins will be disabled and you can activate them again one by one in the admin panel.

You can also temporarily disable the plugin by renaming the directory with its files, the plugins are in the /wp-content/plugins/ directory.

Installing and Configuring WordPress in Ubuntu

In more detail, I will describe the steps of installing WordPress manually in Ubuntu / Debian.

Install the necessary components:

sudo apt-get update
sudo apt-get install php5-gd libssh2-php apache2 php5 unzip mysql-server mysql-client

Next, you need to create a database, the user and give him full rights to this database, here is an example of how to do this using mysql-client.
Connect to mysql:

mysql -u root -p

Create a database:

CREATE DATABASE database_name;

Create user:

CREATE USER username@localhost IDENTIFIED BY 'password';

We will give him full privileges on the created database:

GRANT ALL PRIVILEGES ON database_name.* TO username@localhost;
FLUSH PRIVILEGES;

Let’s exit mysql:

exit

Let’s move to the home directory of the current Ubuntu user:

cd ~

We type wget and a link to the archive with the latest version of WordPress so that it can be downloaded, for example:

wget https://wordpress.org/latest.tar.gz

Unpack the downloaded archive:

tar xzvf latest.tar.gz

Let’s move to the directory where the archive was unpacked:

cd ~/wordpress

Make a copy of the configuration file:

cp wp-config-sample.php wp-config.php

Open the configuration file in any editor, for example nano (in the editor Ctrl+O and Enter to save the changes, Ctrl+X to exit):

nano wp-config.php

In the configuration file, change the parameters for connecting to the database:

define('DB_NAME', 'database_name');
define('DB_USER', 'username');
define('DB_PASSWORD', 'password');
define('DB_HOST', 'localhost');

Move the WordPress files to the directory where the site files will be stored:

sudo mv ~/wordpress/ /var/www/sitename

Let’s go into it:

cd /var/www/sitename/

Create a directory for user uploads if it does not exist:

mkdir wp-content/uploads

We indicate the group and the owner of the files:

sudo chown -R www-data:www-data *

Create a site configuration file using the nano editor:

sudo nano /etc/apache2/sites-available/sitename.conf

We indicate the contents:

<VirtualHost *:80>
ServerName sitename.com
ServerAlias www.sitename.com
DocumentRoot /var/www/sitename/
<Directory /var/www/sitename/>
AllowOverride All
Order Deny,Allow
Allow from all
</Directory>
ErrorLog /var/log/apache2/sitename_error.log
LogLevel warn
CustomLog /var/log/apache2/sitename_access.log combined
</VirtualHost>

Activate the site:

sudo a2ensite sitename

For the changes to take effect, restart the apache2 web server:

sudo /etc/init.d/apache2 reload

The final step is to install WordPress through the browser, by opening the link and following the instructions:
http://sitename.com/wp-admin/install.php

How to Disable Plugin Updates in WordPress

You can disable the update of a particular or all WordPress plug-ins in several ways, I’ll describe several of them:

1) Disable the update of a particular plug-in by changing its version in the code, for example to 99.9, but do not forget to comment out its real version in case you need to update.

2) To disable updates to all plug-ins, add the following line to the wp-config.php configuration file:

define( 'DISALLOW_FILE_MODS', true );

To completely disable all updates:

define( 'AUTOMATIC_UPDATER_DISABLED', true );

3) Also, you can disable all updates by installing a special plug-in, for example Disable All WordPress Updates or Update Control and others.

SQL queries for WordPress

Changing the user password:

UPDATE wp_users SET user_pass = MD5('password') WHERE user_login = 'name';
UPDATE wp_users SET user_pass = MD5('password') WHERE ID=1;

Changing the user login:

UPDATE wp_users SET user_login='name' WHERE user_login='name';

Building a list of email commenters:

SELECT DISTINCT comment_author_email FROM wp_comments;

Disable comments for all posts:

UPDATE wp_posts SET comment_status = 'closed';

Enable comments for all posts:

UPDATE wp_posts SET comment_status = 'open';

Enable comments for all posts for registered users only:

UPDATE wp_posts SET comment_status = 'registered_only';

Delete all spam comments:

DELETE FROM wp_comments WHERE comment_approved = 'spam';

Delete all unapproved comments:

DELETE FROM wp_comments WHERE comment_approved = 0;

Clear URL field values for all comments:

UPDATE wp_comments SET comment_author_url='';

Closing comments in old posts:

UPDATE wp_posts SET comment_status = 'closed'
WHERE post_date < '2014-01-01' AND post_status = 'publish';

Closing of comments in a certain category:

UPDATE wp_posts p
LEFT JOIN wp_term_relationships rel ON ( p.ID = rel.object_id )
LEFT JOIN wp_term_taxonomy tax ON ( tax.term_taxonomy_id = rel.term_taxonomy_id  )
LEFT JOIN wp_terms tm ON ( tm.term_id = tax.term_id )
SET p.comment_status = 'closed' WHERE tm.slug = 'category_name';

Removing comments in the url of the following characters:

DELETE a,b FROM wp_comments a
LEFT JOIN wp_commentmeta b ON ( a.comment_ID = b.comment_id )
WHERE a.comment_author_url LIKE '%characters%';

Bulk editing of the commentor url:

UPDATE wp_comments SET comment_author_url = 'http://new_address'
WHERE comment_author = 'admin' AND comment_author_email = 'admin@example.com';

Another version of the massive change of url commentators:

UPDATE wp_comments
SET comment_author_url = REPLACE( comment_author_url, 'old_address', 'new_address' );

Bulk editing of the commenter name:

UPDATE wp_comments SET comment_author = REPLACE ( comment_author, 'old_name', 'new_name' );

Bulk edit email comment:

UPDATE wp_comments SET comment_author_email = REPLACE ( comment_author_email, 'old@example.com', 'new@example.com' );

Closing pings:

UPDATE wp_posts p SET p.ping_status = 'closed';

Opening pings:

UPDATE wp_posts p SET p.ping_status = 'open';

Delete all comments from pings:

DELETE FROM wp_comments WHERE comment_type = 'pingback';

Changing a specific website address or any expression in all posts to another:

UPDATE wp_posts
SET post_content = REPLACE (post_content, 'http://OLD', 'http://NEW');

Mass change of the author of records:

UPDATE wp_posts SET post_author=1 WHERE post_author=2;
UPDATE wp_posts SET post_author=1 WHERE post_author=16 AND post_modified<'2014-11-17 00:00:00';

Deleting record revisions:

DELETE a,b,c FROM wp_posts a
LEFT JOIN wp_term_relationships b ON (a.ID = b.object_id)
LEFT JOIN wp_postmeta c ON (a.ID = c.post_id)
WHERE a.post_type = 'revision';

Clearing the feed cache:

DELETE FROM `wp_options`
WHERE `option_name` LIKE ('_transient%_feed_%');

See also:
How to disable the WordPress plug-in via MySQL

How to configure SSL and HTTPS for WordPress

I recently set up SSL certificates on several WordPress sites.

The sites were hosted on a dedicated server under the control of Ubuntu, on this first thing I created a directory for certificates and switched to it:

sudo mkdir /etc/apache2/ssl
cd /etc/apache2/ssl

Enable the SSL module for Apache2 if it is not enabled:

sudo a2enmod ssl

Then I generated the certificate:

sudo openssl req -nodes -newkey rsa:2048 -keyout /etc/apache2/ssl/example.com.key -out /etc/apache2/ssl/example.com.csr

In the process of generation, several questions had to be answered:
Country Name (2 letter code) [AU]: UA (code of the country)
State or Province Name (full name) [Some-State]: Sumy
Locality Name (eg, city) []: Romny
Organization Name (eg, company) [Internet Widgits Pty Ltd]: Private person
Organizational Unit Name (eg, section) []: (empty or the name of the department)
Common Name (e.g. server FQDN or YOUR name) []: example.com (domain name, without http and https)
Email Address []: admin@example.com

You can also sign the generated certificate (this is the contents of example.com.csr) from some kind of domain registrar.
The procedure is cheap and after it is connected will not display a message that the certificate is not signed.

Since there are several sites, the configuration files for each of them are located in the directory /etc/apache2/sites-enabled/.
I’ll choose one of them and at the very end after the standard directive:

<VirtualHost *:80> ...</VirtualHost>

we will add one more, but with 443 port and we will specify ways to certificates:

<VirtualHost *:443>
ServerAdmin admin@example.com
ServerName example.com
ServerAlias www.example.com
DocumentRoot /var/www/example.com/
        <Directory />
                Options -Indexes
                AllowOverride All
        </Directory>
        <Directory /var/www/example.com/>
                Options -Indexes
                AllowOverride All
                Order allow,deny
                allow from all
        </Directory>
SSLEngine on
SSLCertificateFile /etc/apache2/ssl/example_com.crt
SSLCertificateKeyFile /etc/apache2/ssl/example_com.key
SSLCertificateChainFile /etc/apache2/ssl/example_com.ca-bundle
ErrorLog /var/log/apache2/example_error-ssl.log
LogLevel warn
CustomLog /var/log/apache2/example_access-ssl.log combined
</VirtualHost>

After the changes, check the configuration and restart apache2:

sudo apachectl configtest 
sudo service apache2 restart

To be able to log in to WordPress and admin on HTTPS only in wp-config.php, uncomment the following parameters:

define('FORCE_SSL_LOGIN', true);
define('FORCE_SSL_ADMIN', true);

You can also change the address of the site from http:// to https:// in the admin panel, in the “Settings” – “General”.
In robots.txt we will specify the site address with https, for example:

Host: https://ixnfo.com

Also in sitemap.xml there should be links with https.
In search engines need to apply for re-indexing the site map, in Yandex.Webmaster submit an application to the “Move the site” by ticking the “Add HTTPS”.
In Google Search Console, you need to add the same site with https, it will be indexed separately from http.

Done, now the site can be opened by https.

See also my article – Redirecting requests to SSL