You can download the plug-in here.

Step 1: Getting the plug-in ready

Create a folder and name it bs_twitter. In that folder, create a PHP file and name it the same as the folder i.e. bs_twitter. Also, in the bs_twitter folder create a folder and name it cache. This will be the main plug-in file. Now, include the SimplePie class and add the activation/deactivation hooks for the plug-in.

register_activation_hook(__FILE__, 'bs_twitter_activate');
register_deactivation_hook(__FILE__, 'bs_twitter_deactivate');
if ( file_exists(ABSPATH . WPINC . '/class-feed.php') ) {
	@require_once (ABSPATH . WPINC . '/class-feed.php');
}
function bs_twitter_activate () {
}
function bs_twitter_deactivate () {
}

Step 2: Have the widget code prepared

Starting from WordPress 2.8, creating a widget has become easier with the widget API. This code needs to be pasted to the widgets.php file:

• BS_Twitter is both the name of the class, as well as the name of the first function (the constructor). The constructor contains the code needed to setup the widget – it’s called Twitter Posts.

• form() generates the form that you see in the widget management page in WordPress.

• update() updates the options you enter in the form when the widget configuration is saved.

• widget() displays the actual output of the widget in the main site.

• The last part of the code hooks into WordPress’ widget initialization and instructs it to register your widget

class BS_Twitter extends WP_Widget {
	function BS_Twitter() {
		$widget_ops = array( 'classname' => 'twitter_widget', 'description' => 'Show your latest Tweets' );
				$this->WP_Widget( 'twitter_widget', 'Twitter Posts', $widget_ops);
	}
	function form($instance) {
	}
	function update($new_instance, $old_instance) {
	}
	function widget($args, $instance) {
	}
}
add_action( 'widgets_init', 'bs_load_widgets' );
function bs_load_widgets() {
	register_widget('BS_Twitter');
}

Step 3: Creating the form

First thing that needs to be done even before you create the form for a widget, you must determine the type of inputs you need. For this specific widget, 3 inputs are needed: title for the widget, Twitter username, and number of tweets to be displayed. If you look at the basic code above, in the form() function you will find a parameter $instance. This basically contains the current values for all inputs in the form (for example, when you save the form with certain values). Therefore, it is needed to pull out the current values of the widgdet and populate the widget input fields with them.

$instance = wp_parse_args( (array) $instance, array('title' => 'Twitter', 'number' => 5, 'twitter_username' => 'abuzz') );
$title = esc_attr($instance['title']);
$twitter_username = $instance['twitter_username'];
$number = absint($instance['number']);
?>
<p>
<label for="<?php echo $this->get_field_id('title'); ?>"> Title: </label>
<input id="<?php echo $this->get_field_id('title'); ?>" name="<?php echo $this->get_field_name('title'); ?>" type="text" value="<?php echo $title; ?>" />
</p>
<p>
<label for="<?php echo $this->get_field_id('twitter_username'); ?>"> Twitter username: </label>
<input id="<?php echo $this->get_field_id('twitter_username'); ?>" name="<?php echo $this->get_field_name('twitter_username'); ?>" type="text" value="<?php echo $twitter_username; ?>" />
</p>
<p>
<label for="<?php echo $this->get_field_id('number'); ?>"> Number of twits: </label>
<input id="<?php echo $this->get_field_id('number'); ?>" name="<?php echo $this->get_field_name('number'); ?>" type="text" value="<?php echo $number; ?>" />
</p>
<?php

Maybe this seems as heavy code, but it actually is very simple. It creates a HTML form containing several changes. Instead of using id’s and name’s, you have to use get_field_id(). This needs to be done because if there are multiple instances of a widget and only one single ID, there will be errors. WordPress takes care of it for you if you use the said function. The other thing is that the value of the input fields is generated using PHP.

Step 4: Making Sure Your Form is Saved

To make sure your form updates, you need to configure your update() function. This is very simple. By default, WordPress gives 2 parameters – the old instance, and the new instance. We basically don’t really need the old instance because the old instance is only used if there are values that you may not want to change. Paste in this code into the update() function:

$instance=$old_instance;
$instance['title'] = strip_tags($new_instance['title']);
$instance['twitter_username']=$new_instance['twitter_username'];
$instance['number']=$new_instance['number'];
return $instance;

Step 5: Output the Widget HTML

This is the final step, and it makes sure you widget displays HTML on the front end. Now that we have the user inputs set up, we can just use the inputs to communicate with the Twitter API and display tweets. The first step in the widget() function is to get the values of the user inputs. Copy and paste this code:

extract($args);
$title = apply_filters('widget_title', $instance['title']);
if ( empty($title) ) $title = false;
$twitter_username = $instance['twitter_username'];
$number = absint( $instance['number'] );
if ( empty($twitter_username) ) return;

Once this is done, paste this code:

if($title){
echo $before_title;
echo $title;
echo $after_title;
}
echo $before_widget;
if (class_exists('SimplePie')) {
$feed = new SimplePie();
$feed->set_feed_url('http://www.twitter.com/statuses/user_timeline/'.$twitter_username.'.rss');
$feed->set_cache_location(ABSPATH.'wp-content/plugins/bs_twitter/cache');
$feed->enable_cache(true); //disable caching
$feed->set_cache_duration(1800); //The number of seconds to cache for. 60 is 1 minute, 600 is 10 minutes, 900 is 15 minutes, 1800 is 30 minutes.
$feed->set_timeout(50);
$success = $feed->init();
$feed->handle_content_type();
if ($success):
echo "<ul>";
foreach ($feed->get_items(0, $number) as $item):
if ($item) {
?>
<li>
<a href="<?php echo $item->get_permalink(); ?>">
<?php echo $item->get_title() ?>
</a>
</li>
<?php
} // end if there is an item
endforeach;
echo "</ul>";
endif; //success
}
echo $after_widget;

This is a great plug-in for those who have high-traffic websites. This tutorial makes it easier to create customized Twitter widget. Options can be added and change to suite your needs.

This is just the first tutorial of the series that is coming up in the next period. We will explain how to customize this widget and adding more features such as adding the user avatar, discovering hyperlinks and hashtags and much more.

© bojan for Blog Design Studio, 2012. | Permalink

Tools to keep yourself safe from malicious websites

1. Internet security softwares – There are some amazing internet security software both paid & free that are doing a fantastic job in keeping the users safe. I personally use Comodo’s free internet security software – even though it’s free – it’s got much more features and has better detection rate than even most popular paid internet security softwares! It’s got antivirus, antimalware, firewall, sandbox technology and what not, I recommend it to everyone.

2. Secure DNS solutions – OpenDNS, Comodo’s secure DNS are some of those services that deserve all the respect in the world! By just making small changes in your internet connection’s DNS settings, you can do tons of good to yourself! These services have a database of malicious and phishing websites and will automatically block them even if you happen to click on a dangerous link. I prefer Comodo’s secure DNS.

3. Web of Trust – Web of Trust is another such service that alerts you about the site’s reputation and the dangers associated with it. Facebook partnered with them, to alert it’s users for bad & dangerous links after it was raided by “social anti-social elements”. They have a plugin for major browsers which alerts users for bad links. It’s a must have for everyone!

4. McAfee SiteAdvisor – I’d be honest, I used to love Siteadvisor like anything, I still love it as it saves me from going to unreliable links and even shows the website’s reputation in search engine and thus allowing me to avoid possibly dangerous websites (It’s very much similar to Web Of Trust). However, now McAfee also install it’s toolbar and changes the search engine – that’s something it didn’t do earlier and I loved that way. Anyway, you can disable those things – so it still has my respect. It integrates well with major browsers and can be a great savior as you can see that which link can be dangerous even before you click it.

5. Sandboxie – Even though Comodo offers sandbox technology, I prefer to use Sandboxie. It’s a free tool that runs your programs in an isolated space which prevents them from making permanent changes to other programs and data in your computer. Check out the Sandboxie’s website to know more about this fantastic concept! Again, it’s a must have!

These tools keep my pretty much safe from most of the threats and I’m thankful to the wonderful developers who’ve made them.

Be a responsible blogger and secure your WordPress now!

As a user, I was safe however as a webmaster, the incident got me thinking that how blogs and websites can also be targeted by malware & virus makers, not that they haven’t done in the past, however – this is where I see it growing even more and a much faster rate! There is a flurry of automated comment submitting softwares in the market, any malware maker can host the malware on a website and then submit the comments with that malicious link on thousands of blogs in a matter of minutes and an ignorant blogger/webmaster can approve the comment which may result in the following -

• Infect website/blog readers’ computers.
• Reduce site’s ranking in Google – Google doesn’t like site that promote malware!
• Bad reputation of website amongst visitors.

These are some points that no blogger would like to see happening to them. I certainly wouldn’t want this happening to me either. So, I decided to find a tool that would alert me of a malicious link before I approve any comment or which scans the links in the comments & posts and gives a report so that I can take corrective measures against those links. Unfortunately, I couldn’t find one!

Then it hit me that why are security companies not making such a tool? Tools like Web of Trust, Siteadvisor, OpenDNS, Comodo’s secure DNS depend a lot on community’s feedback, they certainly are useful and keep people safe, however it takes some time before the community gets to know of a newly created malicious website, what if you visit those sites before they are marked as unsafe? Wouldn’t it be cool if the security companies made a tool, that integrates with famous content management systems like WordPress & Drupal and shows the reputation of outgoing links to the visitor before hand? Not only this will be a win-win situation for bloggers, webmasters & readers; it’ll be a win-win situation for the antivirus company as well -

• Tons of free data about links. This will only strengthen their commercial offerings! They can directly block dangerous links for their software users.
• Free marketing – If not for the data, they can at least get the free marketing about their company! If they’ll show reputation of the link then they can always show the following message below it – “Link’s safety checked by XYZ Security Tool“. As a webmaster, I wouldn’t mind such a message, as it’ll strengthen my reputation amongst my readers that I care for them!

I’d given up looking for the tool and had started hoping that some security company will come up with such a tool that’ll show me link security report and will also show the reputation of out going links to my readers. And well, then I came across BitDefender’s Antispam! It’s almost the tool that I was expecting and that too from a popular and reputed security company!

Why Bitdefender Antispam when I’ve got Akismet?

That’s the first question that came in mind when I read the plugin’s name, however I was super happy to find out that it’s almost doing the same thing that I was thinking about, it’s just that it doesn’t take the advantage of free marketing & doesn’t scan the links in the posts. Bitdefender has made this essentially an anti-spam plugin, however I think it’ll gain the edge over Akismet as it will also check if the links are malicious or are phishing sites. The plugin is in beta and doesn’t appeal in terms of usability at all, however I’m still running it for few weeks to see how well it performs in terms of detecting the spam! Of course, I’ll be sharing my experience in the next blog post. Installation instructions for Bitdefender Antispam. Will I suggest the plugin now? Like other security tools that I’ve recommended, I won’t recommend this for now – it certainly needs a face-lift! However, I’m sure by the time it’ll be out of Beta, it should be one of your anti-spam solutions.

Secure WordPress to avoid stupid hacks & avoid becoming owner of a malicious website!

There have been lot of posts written about as to how one can secure WordPress, I’ve covered this topic as much as I could. The guides that we’ve included will not be the ultimate solution for making the site un-hackable, however by following them you’ll save yourself from automated attacks and newbie hackers who try and hack websites for fun. Please follow these links to make your WordPress secure -

• WordPress Security for free
• Hardening WordPress
• WordPress Security Whitepaper
• “Security check” series on Blog Design Studio.

I hope that other security companies take inspiration from Bitdefender and well my marketing tip and come up with such powerful tools for webmasters. This way together we’ll be able to make internet a bit safe! After all, we’ll be able to block them at source itself! And I hope that if you’ve not taken steps to secure your WordPress installation, then you would do them right after you share this post on social networks ;)

© mayank for Blog Design Studio, 2011. | Permalink

Automattic team has yet again proven that why they are such a brilliant and innovative company! This time around they’ve come up JetPack, an innovative idea for a plugin that presents their hosted add-on services of WordPress.com to millions of self-hosted WordPress (wordpress.org) installs across the web.

To put it up simply, its a plugin that bridges the gap between the features offered exclusively to WordPress.com users and self-hosted WordPress installs. Here’s what Scott Berkun himself said in his announcement post -

WordPress.com has grown into one of the most amazing cloud architectures in the world. This has enabled blogs hosted here to have features unavailable on self-hosted WordPress installs. This makes us sad, since here at WordPress.com we want every WordPress install everywhere to be amazing.

Once you install JetPack on your self-hosted WordPress install, you’ll get these additional features on your own WordPress-

• Gravatar Hovercards – A Gravatar is your profile on the web, and the Hovercard is one way your information is made visible to others. It’s an easy way to help people find your blog, or access your identity on other services like twitter, facebook, or linkedin
• WordPress.com Stats – All blogs on WordPress.com get our Stats as a free feature. Every time a visitor views a URL on your blog, the visitor’s web browser loads a small smiley-face image from our stats system. The action is logged and the logs are summarized every few minutes to update the statistics, graphs, charts, and lists
• Twitter Widget – Twitter widget allows you to display Twitter feed in your blog’s sidebar or where ever widgets are supported in the theme
• Shortcodes – Shortcodes allow you to easily and safely embed media from other places in your site. With just one simple code, you can tell WordPress to embed YouTube, Flickr, and other media. Enter a shortcode directly into the Post/Page editor to embed media. For specific instructions follow the links below.Available shortcodes are: archives, audio, blip.tv, dailymotion, digg, flickr, googlevideo, scribd, slide, slideshare, soundcloud, vimeo, youtube, and polldaddy
• Shortlinks - You may already be using one of the popular URL shorteners, such as bit.ly or TinyURL, to publish links on Twitter or other services. WordPress.com has its own URL shortening feature, wp.me, so that you can quickly and easily get shortened links to your blog posts and pages and share them to the world
• Sharing – At the bottom of each post and page you can now include sharing buttons for your readers to share your content across a range of social networks/services.
• Latex – WordPress.com supports Latex, a typesetting system that’s really good at formatting mathematical formulas and equation and finally ….
• Proofreading – WordPress can check your spelling, grammar, and style using After the Deadline Proofreading technology.

At the time of the launch, above mentioned features are available and more features will be added in future. Well, these features are completely free although we can assume that it will also help Automattic to promote their freemium services like VideoPress, PollDaddy, Akismet and since it can be a single bridge between WordPress.com & millions of self hosted WordPress installs across the web, it has the power to become a very powerful & big platform only if Automattic decides to make WordPress.com anything like Facebook by combing all of its services listed on its homepage. Well, I would like to surely explain that in my next post . For now, I would insist that you should install it as soon as possible as this is one hell of plugin!

© mayank for Blog Design Studio, 2011. | Permalink

WordPress For Windows

Microsoft has always been criticized for not adhering to Open standards and not being active in Open-source community. However, it looks like Microsoft has tried a fair bit of things to ensure that their products work well with popular web applications. I personally believe that Microsoft’s web servers aren’t good enough for PHP/MySQL driven websites and moreover, the security concern is one of the biggest factors to avoid Microsoft Windows. When Linux servers aren’t safe then no doubt, it’ll be a bigger pain to manage Windows Servers for security.

Security is another topic, coming back to the point of Microsoft & WordPress, I was a bit surprised to see how Microsoft has bundled WordPress in Web Platform Installer along with various other popular web applications like Drupal, Joomla etc. Check out the list of application in the gallery. Although, I was happy to see that Microsoft has made this move, this should give confidence to those who find working with Linux web servers and web applications a bit difficult.

Microsoft & WordPress technologies shake hands!

1. WordPress on SQL Server : With the help of IIS 7, SQL Server Express and WordPress on SQL Server distribution, its possible to run WordPress easily on Windows Vista, Windows 7 etc. It’s not the simplest way to install it, however this great guide by Zach Skyles Ownes should take you home.

2. SilverLight Gallery Plugin – Microsoft has been trying hard to make SilverLight popular among developers and end users. This plugin can surely help them achieve this goal. If this plugin gets adopted by bloggers, then the end users will have to install SilverLight in order to ensure that they can view the image gallery on their browsers.

3. SilverLight Bing Maps – This plugin integrates SilverLight & Bing Maps with WordPress. This plugin lets bloggers to put their location with interactive maps like Google Maps on their blog.

4. Windows Azure Storage for WordPress – This plugin lets WordPress users to store their media files and static files on Windows Azure platform whose more popular alternatives are Amazon Web Services or Rackspace Cloud Files.

Why is Microsoft doing this?

The first question that comes in mind that why is Microsoft trying to make its technologies work with WordPress, Drupal or other PHP/MySQL driven web applications. Well, Zach has already answered this question -

I’m a PHP-bred Technical Evangelist at Microsoft, and I love the fact that PHP now runs great on Windows, SQL Server, Windows Azure and SQL Azure.  It’s exciting to see how Microsoft technology can light up WordPress, whether it’s through Silverlight image gallery plugins, Bing Maps integration or future opportunities with technologies like our information service, Dallas.

Business sense says that Microsoft is using these popular web applications to make its existing or new technologies popular amongst end users, bloggers and developers. However, the interesting part will be to see that how many bloggers & developers [the ones not sold to Microsoft's technology] will be keen in adopting these? I personally welcome this move by Microsoft, although practically I doubt that I would use any of these technologies as I’m already comfortable with the setup that I currently have. What do you think about this move from Microsoft?

© mayank for Blog Design Studio, 2010. | Permalink

From last couple of weeks, I’ve been trying to ensure that how WordPress can be secured enough to avoid any kind of malware attack. In the course, I found lot of new information about securing web applications and realized that how small and little settings can make and break things. While my struggle to know more about security was going on, I came across the launch post of VaultPress, a blog backup and protection service from Automattic.

Please note that the service has been announced in beta and is available for only few users. One can apply for the invite over here. It’ll be a premium service and while signing up you can also mention that how much are you comfortable in paying for this kind of a service. If I were to decide the price, I would keep it around $10/month. I’ve not tested the service myself, however we could gather all the information about VaultPress from the coverage it has received from the biggies like TechCrunch, ReadWriteWeb, Silicon Alley Insider, VaultPress blog and finally my favorite WordPress Tavern.

Features of VaultPress

1. Focused on WordPress.org users – WordPress.com is one of the most powerful and secure blog services around. However, same can’t be said for the users who use self hosted WordPress version on their own servers. There have been many horror stories in the past where many self hosted WordPress installs got infected from malware and much hoopla was created. VaultPress has been designed to work with self hosted WordPress to ensure that they can also get the quality backup and security service to avoid any mishap.

2. Real Time & Complete Backups – VaultPress is an all-in-one backup package. It will backup posts, categories, tags and rest of the data along with themes, files etc. Jeff @ WordPress Tavern reckons that VaultPress will face stiff competition from Backupify, BackupBuddy and other backup plugins. According to Matt, founder of WordPress, VaultPress will be able to make the backup instantly as soon as one would publish the changes on the blog or website.

3. Safeguards against Zero-Day Attacks – This is one feature that I would be most interested in as this is one feature that no one else is offering. VaultPress will be able to safeguard your blog against the Zero-Day Attacks focused towards WordPress. It will also monitor your site to alert you against any suspicious or hacking activity.

Well, keeping these features in mind. We can install few plugins that can help us achieve similar level of protection and that too free of cost. We just need to ensure that we configure the plugins in the right manner. Here’s the guide …

Get VaultPress Security Features Before Hand!

1. Automatic WordPress Backup – This little plugin saves all the important files including themes, plugins and database on Amazon S3. The plugin allows you to schedule the backup of the database or just files or if you want you can ask for the complete backup as well. The plugin will send you the confirmation messages over the email, so you will constantly be aware of the happenings. Amazon S3 can be used as a backup service for your blog’s important files and believe me in most of the cases this will not cost you more than $5/month. Only in case of large publishers this cost can be more than $15/month i.e. the indicative price of VaultPress. By the way, Amazon S3 can help you in improving the site load time as well, don’t forget to check our guide on how to optimize the WordPress blogs.

2. WordPress Firewall – This nifty plugin monitors changes in the files, attacks based on various Zero-day patterns. Of course, this is not the ultimate solution however, our experience has been pretty neat with this plugin. It did alert me whenever I tried to make any change in the theme files or plugin files. It didn’t allow the change until and unless I approved the change. Make sure that if you are planning to install this, then you may get lot of notifications. So keep the settings appropriate or use GMail filters for ease!

3. OSSEC – OSSEC is an Open Source Host-based Intrusion Detection System. It performs log analysis, file integrity checking, policy monitoring, rootkit detection, real-time alerting and active response. Of course, this is something which will not be as easy as installing WordPress plugins, however investing a little time on this can ensure that you’ll have real peace of mind in future!! There is enough documentation available for avoiding initial hiccups!

Of course, the first two plugins won’t ensure that you are getting instant and real time backups. However, a regular and weekly backup will ensure that you’ll be able to bring your blog back from a situation where nothing will look nice in the world. I hope you understand the point that i’m trying to make here! If you install OSSEC then I’m sure one could easily compare this setup with something that VaultPress will offer in future!

Isn’t it neat that you can enjoy the VaultPress like features even before you can get a hand on it or if VaultPress looks out of budget!

The success of VaultPress will depend on the following factors; 1) what will be the cost involved for end users and 2) how effective its monitoring system will be. I’m sure the takers of this service will be much more than any other similar service as it directly comes out from the makers of WordPress. However, personally I’ll be willing to test other services if they offer similar features at a competitive price. What are your initial thoughts on VaultPress.

© mayank for Blog Design Studio, 2010. | Permalink

[Image Credit - Hongkiat ]

Some of the most successful blogs that we see on Technorati Top 100 blogs are multi-authored blogs and most of them are powered by WordPress. Most of you can imagine that if running a successful single author blog can be a daunting task then how difficult it will be to manage a blog that has multiple authors. Be it advertising, blog metrics or logging activity there are various factors that a webmaster has to look into and with help of these plugins, it’ll only become easier -

Must Install Plugins for Multi-Author Blogs

1. Author Advertising Plugin – This plugin allows blog admins to create a revenue sharing program utilising one of the many advertising programs out there i.e Yahoo, Google Adsense, Amazon, Allposters etc. It can also be used as a banner manager, author photo/website widgets etc.

2. Members – Members is a plugin that extends your control over your blog. It’s a user, role, and content management plugin that was created to make WordPress a more powerful CMS. The plugin is created with a components-based system — you only have to use the features you want. The foundation of the plugin is its extensive role and capability management system. This is the backbone of all the current features and planned future features.

3. Blog Metrics – This plugin displays number of posts per month, average number of words per post and various other metrics in the dashboard. The reports are generated of overall blog statistics and is extremely useful in multi-author blogs as the reports are generated for individual authors as well.

4. Co-Authors Plus -Allows multiple authors to be assigned to a Post or Page via the search-as-you-type inputs. Co-authored posts appear on a co-author’s posts page and feed. New template tags allow listing of co-authors. Editors and Administrators may assign co-authors to a post. Additionally, co-authors may edit the posts they are associated with, and co-authors who are contributors may only edit posts if they have not been published (as is usual).

5. Author Exposed – Author Exposed is a simple WordPress plugin that allows your visitors easy and elegant way to see more details about the post author. This plugin pulls the author’s details from the profile and is linked to a hidden layer (div). By clicking on the author link the layer pop’s up with author info gathered from the profile page, plus gravatar photo, if author email is assigned with one.

6. Quick Notes On WP Dashboard – If you blog with multiple persons, you can leave a message for the others. In the plugin file, you can determine, what capabilities a user must have to read the notes, and what capabilities he must have to write/modify them. By default, Authors and higher can write, and every registered user can read. Great Add-on for true collaboration.

7. BuddyPress – BuddyPress makes the whole WordPress as a social networking site. It literally adds Facebook like features in a WordPress install. It’s a great plugin for a blog with multiple authors.

8. WordPress to Syslog – WPsyslog2 is a global log plugin for WordPress. It keeps track of all system events and log them to syslog. It tracks events such as new posts, new profiles, new users, failed logins, logins, logouts, etc. It also tracks the latest vulnerabilities and alerts if any of them are triggered, becoming very useful when integrated with a log analysis tool, like OSSEC HIDS.

9. Future Calendar – It adds a simple month-by-month calendar that shows all the months you have future posts for (and the current month no matter what), it highlights the days you have posts for, and as an added bonus if you click a day the Post Timestamp boxes change to that day, month and year (although it doesn’t check the edit timestamp box to avoid accidental changes).

10. User Photo – Allows a user to associate a profile photo with their account through their “Your Profile” page. Admins may add a user profile photo by accessing the “Edit User” page. Uploaded images are resized to fit the dimensions specified on the options page; a thumbnail image correspondingly is also generated. User photos may be displayed within a post or a comment to help identify the author.

11. Post by Author – This plugin will show the last X posts by the current author either at the bottom of every post, or where you manually specify in each post. Using the built-in options page, you can choose the number of posts to show, set the header text, choose to show the post dates, select the format of the date, and choose whether or not to include the current post in the list.

© mayank for Blog Design Studio, 2010. | Permalink

I am sure, I don’t need to explain anything about Spam over here. Blog spam is nothing new and there have been already many articles written about it. However, I still get questions like “What is the best strategy to avoid spam comments?” Just to kick start things, I would like to mention the definition that has been given in everybody’s favorite website i.e. WikiPedia -

Spam in blogs (also called simply blog spam or comment spam) is a form of spamdexing. It is done by automatically posting random comments or promoting commercial services to blogs, wikis, guestbooks, or other publicly accessible online discussion boards. Any web application that accepts and displays hyperlinks submitted by visitors may be a target.

How to fight comment spam

There are various plugins although in my four years of experience as professional blogger, I’ve come across only handful of plugins that have done wonderful job for me. They have been shared by lots of experienced bloggers over and over again and here I am, who would like to share it with you one more time!

1. Akismet – This wonderful service from Automattic has been consistently helping thousands of bloggers in fighting blog spam. Not only it is available for WordPress, it has been extended for various other platforms like Movable Type, Drupal etc. There is no reason, why I would not suggest this plugin to any person who is using WordPress.

2. WP-Spam Free – Scott Allen has rightly described it as an Extremely Powerful Anti-Spam Plugin! Its so powerful that it literally makes your blog secure from all the comment spam. Although, this plugin is infamous for using extra resources from server. If you have a high traffic blog and get lots of spam comments, then there is no reason why you shouldn’t be using this plugin. Personally, its my favorite among all the plugins that I’m listing over here.

3. SI CAPTCHA Anti-Spam – Another wonderful plugin for fighting spam on blogs. It not only helps to fight blog comment spam. It also can be extended to fight automated registrations and automated contact form submissions. This plugin uses a familiar trick of fighting comment spam i.e. CAPTCHA verification. It has lots of configuration options and if you don’t want to rely on automatic anti-spam plugins like Akismet & WP-Spam Free then this plugin will easily serve the purpose for you. [Plugin Homepage]

[Photo Credit - ScoopDog]
4. Bad Behavior – This wonderful script has been developed to fight against spam bots. It’s not specific to WordPress and is available for other content management systems. Its pretty light on servers and has been made available on plethora of CMSes. It has done a wonderful job in keeping this blog spam free from long time and will continue to do so!

5. reCAPTCHA – reCAPTCHA is a service that is used by thousands of popular websites to fight spam bots. The service can be easily integrated in a WordPress blog with the help of this plugin. I like this service/plugin because it definitely has proven its effectiveness to fight the spam bots and also because it helps in digitizing various books. Here’s what they have to say about digitizing the books part -

While the world is in the process of digitizing books, sometimes certain words cannot be read. reCAPTCHA uses a combination of these words, further distorts them, and then constructs a CAPTCHA image. After a ceratin percentage of users solve the ‘uknown’ word the same way it is assumed that it is the correct spelling of the word. This helps digitize books, giving users a reason to solve reCAPTCHA forms.

I hope that you’ll find these plugins useful enough (just the way I have) to keep you blog spam free!

© mayank for Blog Design Studio, 2010. | Permalink

WordPress is the best blogging platform and there is no doubt about that, other than that it is also becoming the first choice CMS (content management system) for corporates too. One of the major reason for the same is that WordPress is pretty simple and even though it has got less inbuilt features, there are thousands of plugins that are available for free and extend the it to match the existing CMS. It’s simplicity attracts thousands of developers and is one of the fastest growing CMS at the moment.

Because of this simplicity offered by WordPress, there are many developers who create high quality plugins, however many plugin authors develop the plugin whose code quality is not up to the mark and thus causes issue. We at Blog Design Studio have faced many issues while integrating various plugins in our themes and we always felt the need of a repository that has listed only high quality plugins. I’m sure that the team and Incsub must have faced the same problem and thus in order to address this issue, they’ve launched an app store called WP Plugins.

WordPress plugin developers can upload their plugins on this WordPress powered site and allows them to sell them to users. Plugin authors get the option of selling the plugins for one time fee or as subscription based offer that gives users the access for support and future upgrades.

My opinion about WP Plugins

There has been a wonderful conversation going on at the TechCrunch’s post about this App Store, where there are mixed reactions for this particular service. There are some hard core fans (open-source fans) who didn’t like the idea of this App Store, however if I were to give my opinion, I would say this idea is fantastic as this particular option allows plugin developers to develop high quality plugins without worrying about marketing, selling options. Other than that, users will also be able to access high quality plugins at one single place. It definitely is a win-win situation for everyone, however, the idea will only flourish or will be helpful for users only if there will be enough plugin developers who’d sign up for this initiative and not launch their own app stores in future.

Although, I do agree that they should mention that they aren’t affiliated with WordPress! There are some people who just don’t get it by looking at the site and seeing no logo of Automattic.

© mayank for Blog Design Studio, 2009. | Permalink

The company’s name is After The DeadLine and as I said earlier that this service/plugin actually proof reads your blog posts and tells you if you’ve made spelling or grammatical mistakes or not. After The DeadLine has been already integrated in WordPress.com & is available as a free plugin for WordPress.org users.

The bad thing about it is that – I deliberately made few grammatical mistakes while writing this blog posts and it couldn’t pick up even a single one, although the good thing is that this plugin is intelligent enough and as announced by Matt – it will learn as more and more people will start using it.

I would suggest that bloggers should install this plugin and use it before publishing their posts as not only this will help bloggers like me (who don’t have English as part of their culture). Of course, proof reading of posts is possible if people use expensive software like MS Word or Apple Pages, however not everyone can afford those software, so I’m sure that this free plugin will surely help them in improving their writing style and will ensure that there will be far less errors in their blog posts.

© mayank for Blog Design Studio, 2009. | Permalink

Apart from that, Jeff Chandler posted the idea of having bbPress as WordPress plugin. I would definitely love to see a bbPress plugin for WordPress or a bbPress lite plugin with WordPress. The plugin should allow bloggers to create small forums along with the blog and should allow those forums posts to be displayed in the blog as blog posts based on the blogger’s discretion. There are few other bloggers who appreciated the idea; however, Chip Bennett and few others are not happy with the idea as this kind of plugin will make database heavier.

What are your thoughts about having bbPress Lite as a plugin for WordPress? Do you think it’ll make life easier for those who are not technically sound – I’m sure we can have many ideas floating around this topic.

Note – There is no plugin in the making and this was just an idea that came in Jeff’s mind and I just think that it’s a wonderful idea. May be Movable Type community would be interested in such kind of suggestion.

© mayank for Blog Design Studio, 2009. | Permalink