WordPress Cheatsheet
A quick reference guide for WordPress users, developers, and administrators covering key concepts, functions, and best practices.
Core Concepts
WordPress Fundamentals
WordPress: A free and open-source content management system (CMS) based on PHP and MySQL.
Posts: Dynamic content entries displayed in reverse chronological order.
Pages: Static content like ‘About Us’ or ‘Contact’ pages.
Themes: Control the visual design of your website.
Plugins: Extend WordPress functionality with additional features.
Widgets: Add content and features to sidebars and other widget areas.
Users: Manage different user roles and permissions.
Key WordPress Files & Directories
|
Contains database connection details, security keys, and other settings. |
|
Directory where WordPress themes are stored. |
|
Directory where WordPress plugins are stored. |
|
Server configuration file (if using Apache), used for permalinks and security. |
|
Main WordPress file that handles requests. |
Admin Dashboard Sections
Posts: Create, edit, and manage blog posts.
Media: Upload and manage images, videos, and other media files.
Pages: Create and manage static pages.
Appearance: Customize your site’s design with themes and widgets.
Plugins: Install and manage plugins to extend functionality.
Users: Manage user accounts and roles.
Settings: Configure general site settings, permalinks, and more.
Theme Development
Basic Theme Structure
A basic WordPress theme requires at least two files: |
|
|
Common Template Files
|
Contains the website header (doctype, |
|
Contains the website footer (closing |
|
Contains the sidebar content (widgets, navigation). |
|
Template for displaying a single post. |
|
Template for displaying a single page. |
|
Template for displaying archive pages (categories, tags, dates). |
|
Theme functions file for custom PHP code. |
Theme Functions
|
Hook for adding content to the |
|
Hook for adding content to the footer. |
|
Displays the post title. |
|
Displays the post content. |
|
Displays the post permalink. |
|
Returns the theme directory URI. |
Plugin Development
Basic Plugin Structure
A basic WordPress plugin requires at least one PHP file with plugin metadata.
Plugin metadata includes Plugin Name, Version, Author, and Description, defined in comments at the top of the file.
Plugin Header Example
|
Key Plugin Functions
|
Hooks a function to a specific action. |
|
Hooks a function to a specific filter. |
|
Runs a function when the plugin is activated. |
|
Runs a function when the plugin is deactivated. |
|
Enqueues scripts and styles for the front-end. |
|
Enqueues scripts and styles for the admin area. |
Example: Adding a Custom Action
|
Security Best Practices
Core Security Measures
Keep WordPress, Themes, and Plugins Updated: Regularly update to patch security vulnerabilities.
Use Strong Passwords: Protect user accounts with strong, unique passwords.
Limit Login Attempts: Implement a login attempt limiter to prevent brute-force attacks.
Enable Two-Factor Authentication (2FA): Add an extra layer of security to user logins.
Regular Backups: Schedule regular backups of your WordPress files and database.
Use a Security Plugin: Consider using a security plugin like Wordfence or Sucuri Security.
Database Security
Change the Database Table Prefix: |
Use a prefix other than the default |
Protect |
Restrict access to |
File System Security
Disable File Editing: Prevent users from editing theme and plugin files through the WordPress admin panel.
Restrict File Uploads: Limit file upload types to prevent malicious uploads.
Additional Hardening
Disable Directory Listing: Prevent directory listing to avoid revealing file structure.
Implement a Web Application Firewall (WAF): Use a WAF to filter malicious traffic.
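An added example, not part of the original cheatsheet: a small audit for the Database Security and File System Security items above, run against the text of a wp-config.php. The function name, the sample configs and the file-permission policy are assumptions made for illustration; `$table_prefix` and `DISALLOW_FILE_EDIT` are WordPress's own names.

```python
import re
import stat

# Line-oriented heuristics for wp-config.php, not a full PHP parser.
PREFIX_RE = re.compile(r"""^\s*\$table_prefix\s*=\s*['"]([^'"]*)['"]\s*;""", re.M)
EDIT_RE = re.compile(
    r"""^\s*define\s*\(\s*['"]DISALLOW_FILE_EDIT['"]\s*,\s*(\w+)\s*\)\s*;""", re.M
)

def audit_wp_config(text, mode=None):
    """Return a list of findings for wp-config.php source and optional st_mode."""
    # Drop /* ... */ blocks so a commented-out define() does not count as set.
    code = re.sub(r"/\*.*?\*/", "", text, flags=re.S)
    findings = []

    # WordPress ships with 'wp_' as the default table prefix.
    prefix = PREFIX_RE.search(code)
    if prefix is None:
        findings.append("table_prefix: assignment not found")
    elif prefix.group(1) == "wp_":
        findings.append("table_prefix: default 'wp_' still in use")

    # PHP keeps the first define() of a constant, so the first match decides.
    edit = EDIT_RE.search(code)
    if edit is None or edit.group(1).lower() not in ("true", "1"):
        findings.append("DISALLOW_FILE_EDIT: not enabled")

    # Assumed access policy: no read/write bits for 'other' on the file.
    if mode is not None and mode & (stat.S_IROTH | stat.S_IWOTH):
        findings.append("permissions: accessible to other users (%o)" % stat.S_IMODE(mode))
    return findings

# Constructed sample inputs (not from a real site).
WEAK_SAMPLE = """<?php
define( 'DB_NAME', 'example_db' );
/* define( 'DISALLOW_FILE_EDIT', true ); */
$table_prefix = 'wp_';
"""
HARDENED_SAMPLE = """<?php
define( 'DB_NAME', 'example_db' );
define( 'DISALLOW_FILE_EDIT', true );
$table_prefix = 'x7k_';
"""

if __name__ == "__main__":
    for name, src, mode in (("weak", WEAK_SAMPLE, 0o644), ("hardened", HARDENED_SAMPLE, 0o600)):
        print(name, audit_wp_config(src, mode) or "no findings")
```

To audit a real install, pass the file's contents and `os.stat(path).st_mode` to `audit_wp_config`.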