Category Archives: Fixer upper

Finally, a WP plugin that stops user registration spam (WangGuard)

Stop the bots!

Have you ever searched for that perfect WordPress plugin, only to install it, activate it, then promptly deactivate it because it wasn’t living up to your expectations? Worse still; you’ve tried a myriad of keyword combinations in the plugin search field, only to be presented with suggestions that are irrelevant or unhelpful.

This happened to me recently when I started up on yet another mission to eliminate user registration spam. I’m not talking about the spam that Akismet detects (i.e. in blog comments), but the relentless registration of inactive users through the use of spam bots. While they may appear no harm at first, it would only take an accidental change in settings, or an exploitation in a future update for these dormant ‘users’ to spring into action. And, as most of you would agree, it’s annoying having your blog fill with empty bot registrations anyway.

Tip: Use Google to search for plugins because WordPress tends to place high relevancy on exact word matches for the plugin name. This prevents you from knowing whether the plugin’s context deals with the features you are seeking (the devil is in the detail).


Unlike previous attempts of mine (e.g. New User Approve), this free plugin actually went further than what I was expecting. At its core is a collaborative engine where bloggers press a button to report user spam. First, it’s deleted locally along with the user and, second, the spammer’s details are disseminated to other WangGuard users, thereby automatically blocking the bot from registering or posting on their blogs.

But for me there was another beaut feature which completely stopped all spam registrations in the first place; security questions. By adding a few simple question and answer settings (e.g. some basic math questions or ‘write the number 5 in words’), my spam registrations stopped overnight. It seems the bots don’t know their math, no matter how simple the question! With this feature, uou can type in any number of security questions and the plugin adds these randomly to the WordPress registration form.

Finally, you can now turn on the ‘anyone can register’ feature of your blog and actually allow welcome visitors to register and interact with you, knowing that the bots are eliminated. And, if you operate multiple blogs, WangGuard allows you to generate multiple API keys from the single account. It really is a painless process, and it should be the first ting you do after you finish reading this post!


Move your WordPress installation to the root directory

Recently I was faced with a dilemma where my host’s cPanel did not allow me to install WordPress into the root directory (i.e. without creating a new folder). If I left the instllation URL blank, it returned the error, “You must specify an installation directory!”. This particular host was using ‘Site Software v0.9.7′ for WordPress installation, and not Softaculous which I much prefer (Softaculous allows you to leave this field blank).

In any case, I searched for a solution on the matter and it was recommended that I nominate public_html as the folder since this is where all the public files exist. This was a poor suggestion though, because the automatic installation software ended up creating and installing into that folder, rather than using the host’s root directory. In the end, however, it made no difference because I would still need to move the files, regardless of the folder’s name.

Anyway, how do you (easily) move WordPress to the root directory?

Essentially there are only three main steps:

  • Update your URL in WordPress’ general settings
  • Move files from current folder into root directory
  • Update the file path for uploaded media (see the comment below the article)

… Simple enough, but I’ll outline all the little details in between so as not to make any assumptions about your WordPress expertise. It’s important to follow these steps in the correct order. Also, please note that your site will be down during the time it takes you to move the files from one folder to the other (usually less than a minute).

  1. Back up any files in your root directory, such as index.php or your htacess file.
  2. Log in to your WordPress website and go to Settings > General (if you’ve only just installed it, this will be;’).
  3. In both the WordPress and Site Address URL fields, backspace over the folder name where WordPress is currently installed so that only your full domain name appears (e.g. ‘’).
  4. Next, don’t panic! When you click Save your site will be (temporarily) inaccessible.
  5. Go back to your cPanel, then open File Manager.
  6. Open the folder where WordPress is installed by double-clicking the folder icon.
  7. Select all files in the directory (hold down CTRL or use SHIFT while selecting).
  8. Next, click the ‘Move File’ icon from the cPanel toolbar (a dialogue box will open displaying all the files that will be moved).
  9. In the last field of the dialogue box, you want to delete the folder name so that cPanel will move the files into the root directory (i.e. into ‘/public_html’). When ready, click ‘Move File(s)’.
  10. Lastly, while still in cPanel, go back to the root directory and DELETE the folder (which should now be completely empty).
  11. Your site should now be up and running in the root directory of your domain. [Edit February 21, 2014: There is one additional step - see the comment further below.]

The reason why we use cPanel and not FTP to move the files, is that the server will be much faster to complete the process. Like your hard drive, it can perform this function in seconds, rather than hours, and it avoids unnecessary downloading and uploading of your files.

I hope this has helped. As always, you’re welcome to leave a comment if you need something clarified.

Have you accidentally deleted or overwritten wp-config.php?

If you’re anything like me, your website has multiple MySQL databases and, after a while. it can start to become difficult to manage. At times, when things go wrong, you can rely on your wp-config.php file to recover your database name and password… But what if you make the horrible mistake of overwriting your existing wp-config.php file with the wrong one. or simply deleting it by accident?

“Error Establishing a Database Connection”

This happened to me recently, and I spent a number of hours searching forums and knowledge bases trying to figure out how to fix it. Most discussions involved trying to insert a new password directly into the MySQL database using special hashing techniques (encrypting a new, plain text password), and then updating your wp-config.php file accordingly. But the solutions I found is so much easier!

It’s a simple case of adding a new user to your database

The only thing you need for this solution to work is the name of your database, and you can easily get this through your cPanel. This fix should get your site back up and running in less than five minutes:

  1. Log in to your cPanel, and go to MySQL Databases.
  2. Scroll to the section that says ‘MySQL Users’ > ‘Add New User’, then create a new user, remembering to copy your username and password into a safe location.
  3. Scroll to ‘Add User To Database’, then add the user you just created to the relevant database. If you’re lucky, you’ll only have one database to choose from. If there’s more than one, look for a WordPress database. The syntax is usually username_wp123 (where username is the first eight characters of your host login, and the numbers were randomly generated at the time of installation).
  4. Next, grant ALL PRIVILEGES to the new user.
  5. Now it’s just a simple matter of inserting this information into a new wp-config.php file. If you’ve deleted all instances of this file, you can use wp-config-sample.php to create a new one (this file is included in your WP root directory by default).
    /** The name of the database for WordPress */
    define('DB_NAME', 'database_name_here');
    /** MySQL database username */
    define('DB_USER', 'username_here');
    /** MySQL database password */
    define('DB_PASSWORD', 'password_here');
  6. Edit, save, then upload the file via FTP into your root WordPress directory.
  7. Your website should now function normally! (If not, leave a comment.)