Alexander Leidinger

Just another weblog


My cur­rent list of acti­vated WP-plugins

Here is the list of the Word­Press plu­g­ins I have acti­vated since a long time. Some of them I could maybe deac­ti­vate (maybe 4 – 5) but some­how I was too lazy so far to make some time to have a look at this. All in all I regard most of them as essen­tial in some way for my blog.

  • AddToAny: Share/Bookmark/Email But­ton
    Help peo­ple share, book­mark, and email your posts & pages using any ser­vice, such as Face­book, Twit­ter, Google Buzz, Digg and many more.
  • AddToAny: Sub­scribe But­ton
    Help read­ers sub­scribe to your blog using any feed reader or feed service.
  • After The Dead­line
    Adds a con­tex­tual spell, style, and gram­mar checker to Word­Press. Write bet­ter and spend less time edit­ing. Visit your pro­file to con­fig­ure. See the Proof­read­ing Sup­port page for help.
  • Akismet
    Akismet checks your com­ments against the Akismet web ser­vice to see if they look like spam or not. You need an API key to use it. You can review the spam it catches under “Com­ments.” To show off your Akismet stats just put <?php akismet_counter(); ?> in your tem­plate. See also: WP Stats plugin.
  • aLinks
    A Word­Press plu­gin that auto­mat­i­cally links key­words in your blog post.
  • All in One SEO Pack
    Out-of-the-box SEO for your Word­Press blog.
  • AskA­pache RewriteRules Viewer
    Dis­plays the Inter­nal Word­Press Rewrite Rules in Detailed Glory.
  • Bet­ter Plu­gin Com­pat­i­bil­ity Con­trol
    Adds ver­sion com­pat­i­bil­ity info to the plu­g­ins page to inform the admin at a glance if a plu­gin is com­pat­i­ble with the cur­rent WP version.
  • Bet­ter Search
    Replace the default Word­Press search with a con­tex­tual search. Search results are sorted by rel­e­vancy ensur­ing a bet­ter vis­i­tor search experience.
  • Bro­ken Link Checker
    Checks your blog for bro­ken links and miss­ing images and noti­fies you on the dash­board if any are found.
  • Change Admin User­name
    Lets you change your user­name to some­thing other than “admin”.
  • Con­tex­tual Related Posts
    Show user defined num­ber of con­tex­tu­ally related posts.
  • Cute Pro­files
    Cute Pro­files adds all your Social Pro­file icons ver­ti­cally on left or right side of your pages, which will remain vis­i­ble all the time though the page is scrolled and with­out con­sum­ing the side­bar space.
  • Dash­board: Lat­est Spam
    Dis­plays the lat­est spam on your Word­Press 2.5+ dash­board so you can make sure there were no false pos­i­tives. Uses Defen­sio to hide obvi­ous spam if you have it installed.
  • Easy Chart Builder
    Cre­ates a chart directly in your post or page via short­cut. Man­ages siz­ing of chart to sup­port wptouch and other mobile themes.
  • Exploit Scan­ner
    Scans your Word­Press site for pos­si­ble exploits.
  • FD Word Sta­tis­tics
    Com­putes Gunning-Fog, Flesch, and Flesch-Kincaid read­abil­ity indexes about posts as they are edited for the pur­pose of improv­ing their readability.
  • GD Press Tools
    GD Press Tools is a col­lec­tion of var­i­ous admin­is­tra­tion, seo, main­te­nance and secu­rity related tools that can help with every­day blog tasks and blog optimizations.
  • GD Sim­ple Wid­gets
    Col­lec­tion of pow­er­ful, easy to use wid­gets that expand default wid­gets. Plu­gin also adds few more must-have wid­gets for posts, authors and comments.
  • GD Star Rat­ing
    GD Star Rat­ing plu­gin allows you to set up advanced rat­ing and review sys­tem for posts, pages and com­ments in your blog using sin­gle, multi and thumbs ratings.
  • GeoSmart
    GeoSmart auto­mat­i­cally adds city-precise loca­tion infor­ma­tion for com­ment authors to com­ment meta­data. GeoSmart can also dis­play a Google map show­ing com­ment author dis­tri­b­u­tion across the globe. In addi­tion, GeoSmart ships with a mul­ti­ple instance capa­ble side­bar wid­get that dis­plays a map show­ing the loca­tions of the most recent vis­i­tors to your blog. Requires PHP 5 and Word­Press 2.8+. Map dis­play requires a Google Maps API Key.
  • Global Trans­la­tor
    Auto­mat­i­cally trans­lates a blog in 48 dif­fer­ent lan­guages by wrap­ping four dif­fer­ent online trans­la­tion engines (Google Trans­la­tion Engine, Babelfish Trans­la­tion Engine,, Promt). After upload­ing this plu­gin click ‘Acti­vate’ and then after­wards you must visit the options page and enter your blog lan­guage to enable the translator.
  • Google XML Sitemaps
    This plu­gin will gen­er­ate a spe­cial XML sitemap which will help search engines like Google, Yahoo, Bing and to bet­ter index your blog.
  • Gra­vatar Signup Encour­age­ment
    Dis­plays mes­sage to users with­out gra­vatar that they don’t have one with link to Gravatar’s sign-up page (e-mail included).
  • Health Check
    Checks the health of your Word­Press install
  • http:BL Word­Press Plu­gin
    http:BL Word­Press Plu­gin allows you to ver­ify IP addresses of clients con­nect­ing to your blog against the Project Honey Pot database.
  • Import HTML Pages
    Imports well-formed sta­tic HTML pages into Word­Press posts or pages. Requires PHP5. Now with Dreamweaver tem­plate sup­port and Word HTML cleanup.
  • InfoLink
    Adds a but­ton to the Edi­tor, easy link­ing to Wikipedia, IMDB or add a link with google search.
  • Limit Login Attempts
    Limit rate of login attempts, includ­ing by way of cook­ies, for each IP.
  • One-Time Pass­word
    One-Time Pass­word Sys­tem con­form­ing to RFC 2289 to pro­tect your weblog in less trust­wor­thy envi­ron­ments, like inter­net cafés.
  • Plu­gin Man­ager
    Plu­gin Man­ager lets you to view, down­load and install plu­g­ins from from an AJAX’ed inter­face, instead of man­u­ally down­load­ing, extract­ing and upload­ing each plugin.
  • Plu­g­ins Garbage Col­lec­tor
    It scans your Word­Press data­base and shows what var­i­ous things old plu­g­ins which were deac­ti­vated, unin­stalled) left in it. The list of addi­tional data­base tables used by plu­g­ins with quant of records, size, and plu­gin name is shown.
  • Quick Stats
    Logs hits with refer­rer, ip, host, client and url infor­ma­tion. RSS tracker fea­ture lets you tracker your vis­i­tors in near real­time using an RSS reader soft­ware.
  • Search Meter
    Keeps track of what your vis­i­tors are search­ing for. After you have acti­vated this plu­gin, you can check the Search Meter sec­tion in the Dash­board to see what your vis­i­tors are search­ing for on your blog.
  • SEO Smart Links
    SEO Smart Links pro­vides auto­matic SEO ben­e­fits for your site in addi­tion to cus­tom key­word lists, nofol­low and much more.
  • Sim­ple Track­back Val­i­da­tion
    Elim­i­nates spam track­backs by (1) check­ing if the IP address of the track­back sender is equal to the IP address of the web­server the track­back URL is refer­ring to and (2) by retriev­ing the web page located at the URL used in the track­back and check­ing if the page con­tains a link to your blog.
  • Smartlinker
    Smartlinker is a tool­bar on the Word­Press TinyMCE edi­tor that enables you to hyper­link words and phrases in your blog. A word/phrase can be the name of a per­son, place or thing.
  • Table of Con­tents Cre­ator
    Table of Con­tents Cre­ator (TOCC) auto­mat­i­cally gen­er­ates a dynamic site wide table of con­tents that is always up-to-date. All entries are nav­i­ga­ble mak­ing your site very SEO friendly. TOCC can be con­fig­ured to dis­play sta­tic pages, blog entries and forum com­ments. Another great fea­ture of TOCC is the abil­ity to include anchor tags on any page marked with a spe­cial class. This fea­ture allows links to arti­cles, down­loads or even other sites to appear within the table of con­tents as if they are part of your site’s nav­i­ga­tion. To gen­er­ate a table of con­tents, sim­ply include the <!– toc-creator –> tag on any page, or use the handy page cre­ation fea­ture located on the plu­gin admin page.
  • TinyMCE Advanced
    Enables advanced fea­tures and plu­g­ins in TinyMCE, the visual edi­tor in WordPress.
  • Update Noti­fier
    Sends email noti­fi­ca­tions to the admin if a new ver­sion of Word­Press avail­able. Noti­fi­ca­tions about updates for plu­g­ins and themes can also be sent.
  • Weasel’s No HTTP Author
    Checks to see if the author name in your com­ments con­tains “HTTP:” to help fil­ter out spam. This only sets the “spam” flag on the com­ment; Akismet does the dirty work and actu­ally removes and reports the comment.
  • Where did they go from here
    Show “Read­ers who viewed this page, also viewed” links on your page. Much like’s prod­uct pages. Based on the plu­gin by Mark Ghosh.
  • Who is Online
    Dis­plays who is cur­rently on your blog and for how long.
  • Stats
    Tracks views, post/page views, refer­rers, and clicks. Requires a API key.
  • WP-Polls
    Adds an AJAX poll sys­tem to your Word­Press blog. You can eas­ily include a poll into your WordPress’s blog post/page. WP-Polls is extremely cus­tomiz­able via tem­plates and css styles and there are tons of options for you to choose to ensure that WP-Polls runs the way you wanted. It now sup­ports mul­ti­ple selec­tion of answers.
  • WP-Print
    Dis­plays a print­able ver­sion of your Word­Press blog’s post/page.
  • WP-Stats-Dashboard
    Dis­plays the stats graph, your traf­fic and social met­rics mon­i­tor­ing on your dashboard.
  • wp-Typography
    Improve your web typog­ra­phy with: (1) hyphen­ation — over 40 lan­guages sup­ported, (2) Space con­trol, includes: widow pro­tec­tion, glu­ing val­ues to units, and forced inter­nal wrap­ping of long URLs & email addresses, (3) Intel­li­gent char­ac­ter replace­ment, includ­ing smart han­dling of: quote marks, dashes, ellipses, trade­marks, math sym­bols, frac­tions, and ordi­nal suf­fixes, and (4) CSS hooks for styling: amper­sands, upper­case words, num­bers, ini­tial quotes & guillemets.
  • WP Ajax Edit Com­ments
    The most pow­er­ful comment-editing solu­tion for Word­Press. Users can edit their own com­ments for a lim­ited time, while admins can edit all comments.
  • WP Math Pub­lisher
    Dis­play math­e­mat­i­cal equa­tions within your posts and com­ments. Put your plain text math­mat­i­cal expres­sions between [pmath size=xx]…[/pmath] tags. The optional size attribute con­trols how large the images will be dis­played. Use­ful xx inte­ger val­ues range from 8 to 24. Size defaults to 12 when attribute omit­ted. Pas­cal Brachet’s PHP Math Pub­lisher library is included.
  • WP Minify
    This plu­gin uses the Minify engine to com­bine and com­press JS and CSS files to improve page load time.
  • WP Secu­rity Scan
    Per­form secu­rity scan of Word­Press installation.
  • WP Super Cache
    Very fast caching plu­gin for WordPress.
  • WP Update Mes­sage
    Add an update mes­sage to your pages or posts to let your read­ers know what has been updated.

I do not need some con­tact man­age­ment plu­gin, if some­one wants to con­tact me he can use my EMail address. I do not have a prob­lem hav­ing my EMail address in a robot-readable for­mat, my anti-SPAM soft­ware is well tuned for my mailbox.


Tags: , , , , , , , , ,

WP plu­g­ins and PHP safe_mode

Obvi­ously a lot of WP plu­gin authors do not check if their plu­gin is PHP safe_mode/open_basedir com­pat­i­ble. Yes, I know, it is dep­re­cated and does not offer 100% safety, but it is at least an addi­tional road-block in some cases and may pre­vent some mali­cious behav­ior… If I can choice between 100% break-in pos­si­bil­ity and <100% break-in pos­si­bil­ity, I chose the later.

I also think most of them also do not check with suhosin. They also fail to list other PHP exten­sion require­ments most of the time, they just assume you have a full install.

  • quick­stats wants the PHP ctype exten­sion, does not seem to play well with sql.safe_mode while the rest of WP does not seem to have an obvi­ous prob­lem with it
  • wp-stats–dash­board wants the PHP curl and json exten­sion (curl does not play well with safe_mode or open_basedir => needs to be dis­abled), needs suhosin.execu­tor.include.max_traversal set to 6; still does not work 100% cor­rect, I deleted the cache direc­tory con­tents to let it recre­ate the stats, but it still does not dis­play as much vis­its as I can see in the stats on the post­ings page
  • bot-tracker wants the PHP ses­sion extension
  • broken-link-checker tries to write to /var/tmp/ (safe_mode/open_basedir incompatible)
  • one-time-password does not play well with safe_mode/open_basedir
  • smartlinker tells me that the vari­able cook­ieString is not defined

Tags: , , , , , , , , ,

How many WP plu­g­ins are used on average?

After a quick chat with miwi, I ask myself how many peo­ple actu­ally are inter­ested in plu­g­ins for WP and how much plu­g­ins peo­ple have on average?

Miwi has cur­rently 4 plu­g­ins installed. I have 30 plu­g­ins installed as of this writing:

  • Akismet: comes with WP, anti-SPAM
  • AskA­pache RewriteRules Viewer: gives some info about the apache rewrite rules used in WP
  • Bet­ter Search: improves the search fea­tures of WP
  • Bot Tracker: shows which bots crawl your site (no robot crawled mine yet, I assume I have not acti­vated it long enough and need to wait a lit­tle bit until I see some results)
  • Bro­ken Link Checker: checks my blog for bro­ken links
  • Con­tex­tual Related Posts: adds “Related Posts:” to new post­ings, not always up to the task (as can be seen in this post­ing), but I hope it will improve with time when I post more
  • Dash­board: Lat­est Spam: gives some info in the dash­board about the blog-SPAM
  • FD Word Sta­tis­tics: gives some infos about the “com­plex­ity” of your posts in the post­ing editor
  • GD Press Tools: a col­lec­tions of mul­ti­ple features/stats/…
  • GD Sim­ple Wid­gets: not used yet, pro­vides wid­gets for the side­bar which also come with the WP-core, but this ones are modified/enhanced; I have not tested this yet
  • GD Star Rat­ing: allows you to rate my post­ings with stars and thumbs up/down (feel free to do it here, if you found some­thing useful 😉 )
  • Import HTML Pages: if I want to import exist­ing HTML pages… I have not decided yet if I will use it or not
  • Limit Login Attempts: IMO some­thing like this belongs into the WP-core
  • Plu­gin Man­ager: I want to give it a try
  • Quick Stats: some addi­tional stats
  • Search Meter: gives you some info about the searches peo­ple do in the blog (nobody searched some­thing yet…)
  • Sim­ple Track­back Val­i­da­tion: an anti-SPAM plu­gin, or at least some san­ity checking
  • Tan­Tan­Noo­dles Sim­ple Spam Fil­ter: some sim­ple anti–SPAM rules
  • TinyMCE Advanced: I want some more but­tons in my posting-editor
  • Weasels No HTTP Author: anti-SPAM, do not allow http:// in the name of authors (comments, …)
  • Stats: do I really need to explain this?
  • WP-Stats-Dashboard: sim­pli­fies the han­dling of the “Word­ Stats”-features
  • wp-Typography: auto­matic typo­graphic improve­ments to post­ings, I do not know if it is use­ful for non-English texts, but at least my post­ings in Eng­lish look better
  • WP Math Pub­lisher: allows to place some more math­e­mat­i­cal ren­der­ing of math-equations in post­ings, e.g. the golden ratio: phi = {1 + sqrt{5}}/{2}
  • WP Secu­rity Scan: scans your blog setup for known secu­rity holes
  • WP Update Mes­sage: allows to put a “post­ing updated: XXX changed”-box into your postings
  • Delete Spam Daily: not acti­vated yet, as I did not get any SPAM yet, I can not make a con­trolled test, so I wait
  • Hello Dolly: plu­gin comes with WP-core, not activated
  • Login Lock­Down: not acti­vated, I will delete it soon, as I like the “Limit Login Attempts”-plugin more
  • One-Time Pass­word: does not work out of the box for me, it looks like it does not find php-otp (it is not installed, and I need to have a look if it comes with php-otp included and iit s not found, or if I have to install it)

Tags: , , , , , , , , ,