Prevent brute force attacks on WordPress login with rate limiting
Block brute force attacks on wp-login.php by implementing PHP-based login attempt rate limiting, adding CAPTCHA via the WordPress hooks, and hardening with .htaccess rules.
Run safe custom database queries in WordPress using wpdb
Use the $wpdb class with prepare(), get_results(), get_var(), and insert() to run safe, SQL-injection-proof custom database queries in WordPress.
Lazy load images and iframes in WordPress without a plugin
Use the native loading="lazy" attribute, WordPress filter hooks, and a lightweight Intersection Observer fallback to lazy load all images and iframes on a WordPress site.
Create a WordPress plugin from scratch with settings page and options
Build a minimal WordPress plugin with a Settings API options page, storing and retrieving plugin options securely with nonce verification and input sanitisation.
Use the Fetch API to call the WordPress REST API from JavaScript
Replace jQuery AJAX with the native Fetch API to read and write WordPress data through the REST API, including authentication with nonces for protected endpoints.
Fix WordPress duplicate content with canonical URLs and noindex tags
Eliminate WordPress duplicate content issues by adding correct canonical URLs, applying noindex to archive and pagination pages, and preventing parameter-based duplicates.
Debug WordPress with WP_DEBUG Query Monitor and error logging
Enable WP_DEBUG, configure PHP error logging to a file, and install Query Monitor to see every database query and hook on any WordPress page.
Add custom dashboard widgets to the WordPress admin with PHP
Use wp_add_dashboard_widget() to register custom panels on the WordPress admin dashboard that display site stats, quick links, or any custom content.