Category Archives: Wordpress

Wordpress

What is an Autoblog in WordPress?

Leave a comment

Autoblog or an automated blog is a website that automatically pulls content from other websites using RSS feeds.

Mainly the term is associated with content-scrapers and spam blogs. However, there are many perfectly good and profitable usage scenarios for autoblogging tools.

For example, an autoblog can be used to create a curated website that gathers news on specific topics and then presents them under one roof. An autoblog can also be used on company intranets and private websites.

Having said that, let’s take a look at how to create an autoblog in WordPress.

Creating an Autoblog in WordPress

First thing you need to do is install and activate WP RSS Aggregator plugin. For more details, see our step by step guide on how to install a WordPress plugin.

The basic plugin is free, but for this tutorial you will need paid addons in the Advanced Feeds Bundle.

The pricing starts from $139 for a single site license with one year of support and updates.

Once you have installed and activated all the addons, simply visit RSS Aggregator » Add New to add a new feed source.

Adding a feed source

First you need to provide this feed source a title, and then provide the RSS feed URL.

Next you need to scroll down a little to the ‘Feed to Post’ section. Here you need to select a post type for imported feed items.

Feed to post

By default, the plugin will import posts as draft. If you want, then you can change that to published.

Don’t forget to check the box next to ‘Force full content’ option. Using this option, will allow WP RSS Aggregator to fetch full text of posts.

Next, you need to set up ‘Feed to post – images’ section. This is where you set up how your autoblog will handle images.

Feed to post images

It can automatically import images from feed sources and store them in your WordPress media library. It can also fetch the first image in the content and use it as featured image. You need to set up these options to match your own needs.

The add new feed source page has many other options. You can review them and adjust them to meet your own needs.

You can use keyword filtering to import or exclude content matching certain keywords or tags. You can also add custom content before or after the source article.

Click on the Publish Feed button when you are done.

You can now visit your posts section, and you will see feed items imported into your WordPress site.

Repeat the process to add more feed sources if you need. You can check the status of your feeds by visiting RSS Aggregator » Feed Sources.

Autoblog feeds

Quickly Adding Multiple Feed Sources For Your Autoblog

Adding each feed source, and configuring them one by one can be a tedious task. Here is how you can quickly add multiple feeds at once using the same settings.

Go to RSS Aggregator » Settings and click on Feed to Post tab. Here you can configure the default settings for the feed to post addon.

These settings will be applied to all the feed sources that you add in the next step.

Feed to post settings

Next, you need to visit RSS Aggregator » Import & Export. Under the import box, you need to add name and url of your feed sources.

Separate name and feed URL with a comma and a space. Add one feed source per line.

Bulk importing content from multiple feeds

After that click on bulk import button to quickly add all the feed sources to your WordPress autoblog.

That’s all, we hope this article helped you create an Autoblog in WordPress.

Editor’s Note: Word of Warning

If you’re creating an autoblog that’s public, please do not scrape full content or images because you will be subject to copyright infringement.

The best use of an autoblog is either when it’s used inside a company intranet. If you’re creating a curated news site, then pull in summaries and link to original source for full article.

If you liked this article, then please subscribe to our YouTube Channel for

Wordpress

Make sure WordPress it’s patched to last version as ISIS it’s targeting un-patched installation

Leave a comment

Anyone running a WordPress installation needs to be mindful of security, whether they are in charge of a corporate blog or simply running a pet project from home.

The content management system, which powers around 20% of all the sites on the internet, is itself fairly robust, offering regular security patches and software updates to plug newly discovered vulnerabilities.

But users themselves are often slow to react, failing to install updates as they become available, if at all.

By the time you factor in the plethora of available plugins – developed by third parties to add additional functionality to the basic WordPress platform – there are many potential points of failure for an attacker to target.

In fact, back in 2013, we reported how over 73% of all WordPress installations were susceptible to attack, simply because they were running with known vulnerabilities that any hacker with a modicum of knowledge could detect via automated web tools.

Add in the fact that many WordPress owners have palmed administration duties off to third parties – who may not prioritise their best interests as they would if it were their own site – and you have a situation in which site visitors, potential business partners and/or customers are placed at risk.

And there is a cost associated with that – a hacked site needs to be fixed so disruption is inevitable. Not only that but the potential loss of business could be huge and the reputational damage of a breach could be a stigma impossible to ever fully repair.

That’s why we at Naked Security are reiterating a public service announcementreleased by the Federal Bureau of Investigation (FBI) yesterday.

The bureau notes how hackers affiliated with the Islamic State in the Levant (ISIL) – also known as the Islamic State of Iraq and al-Shams (ISIS) – have begun defacing WordPress-based sites:

The defacements have affected Web site operations and the communication platforms of news organizations, commercial entities, religious institutions, federal/state/local governments, foreign governments, and a variety of other domestic and international Web sites.

The notice is short on technical details, failing to name any particular vulnerability, but pointing out how security holes can, and do, lead to a range of issues for both the site owner and its visitors:

Successful exploitation of the vulnerabilities could result in an attacker gaining unauthorized access, bypassing security restrictions, injecting scripts, and stealing cookies from computer systems or network servers. An attacker could install malicious software; manipulate data; or create new accounts with full user privileges for future Web site exploitation.

The FBI announcement stresses that the attackers behind such defacements are not likely to be ISIL terrorists, and are using largely unsophisticated techniques, but that doesn’t mean you shouldn’t take the threat any less seriously – after all, if an attacker can deface your site, there is every chance they could gain full access and embed malware which could then pose a threat to your valued visitors.

And if you think such defacements are only targeting large companies or organisations opposed to ISIL’s aims, think again.

The FBI notes how the attacks its seen so far are not following any type of pattern based upon the website’s name or type of business operation.

Instead, the only link between defaced sites appears to be the sharing of the same common plugin vulnerabilities, all of which are easily exploited with readily available hacking tools.

While we would like to think that you already have a fully updated core installation, running alongside a set of plugins that have all been fully patched and reviewed for any potential security issues, we are also realistic enough to know that not everyone has been so informed or efficient in protecting the integrity of their sites.

So, if you have the responsibility of running a WordPress site, take heed.

As we reported in 2013, there are a number of other ways you can keep your WordPress site secure:

  • Always run the very latest versions of your themes
  • Be conservative in your selection of plugins and themes
  • Delete the admin user and remove unused plugins, themes and users
  • Make sure every user has their own strong password
  • Enable two factor authentication for all your users
  • Force both logins and admin access to use HTTPS
  • Generate complex secret keys for your wp-config.php file
  • Consider hosting with a dedicated WordPress hosting company
  • Put a Web Application Firewall in front of your website
Database, Wordpress

Display mysql table data in a wp page

Leave a comment

My aim was to display data from a mysql table onto a wordpress page. I could do it using wpdb class as mentioned in the codex.But i didn’t know the file where i should write this php code that contains wpdb class functions to retrieve data from mysql table.

Hence i installed Exec-PHP plugin.(The Exec-PHP plugin executes PHP code in posts, pages and text widgets)

Now you are free to write your php code in the page editor and get the retrieved data on your page.

Steps to retrive data and display it on a wordpress page:
Create a table in mysql database(assumed that you create a table in the wordpress database itself.) In my case database_name: test, table_name:it_testtable contains 2 columns: id(number(3)) and name(varchar).
In wordpress, create a page and in the visual editor write the code(make sure you read the documentation of Exec-PHP plugin and do the required configuration mentioned,you will have to ‘disable the visual editor while writing’ option under Users section):

Here is the code to retrieve data from it_testtable and display it on this page.(wpdb class is used for wordpress database,hence you need not mention the connection parameters as wpdb already has it configured to the ‘test’ database with the username and password):

<?php

global $wpdb;
/* wpdb class should not be called directly.global $wpdb variable is an instantiation of the class already set up to talk to the WordPress database */

$result = $wpdb->get_results( “SELECT * FROM it_testtable “); /*mulitple row results can be pulled from the database with get_results function and outputs an object which is stored in $result */

//echo “<pre>”; print_r($result); echo “</pre>”;
/* If you require you may print and view the contents of $result object */

echo “ID”.” “.”Name”.”<br><br>”;
foreach($result as $row)
{

echo $row->id.” “.$row->name.”<br>”;

}
/* Print the contents of $result looping through each row returned in the result */

?>