Some sites, and some hosting platforms, have difficulty handling email, in which case we have to add a plugin to ensure email delivery goes through smooth. Here are the steps for adding our preferred plugin, Postman SMTP, to a WordPress site:
- Find the plugin within the repository. It is https://wordpress.org/plugins/postman-smtp/
- Have at the ready an email address, preferably a gmail, and log in to it. You’ll need this address to set up the APP, API Key and App Secret.
- Enable the plugin and go through the Setup Wizard. It will ask you the email address and name. If a gmail address, it will go through the next two steps without any input needed.
- In authentication, click the link to the Google Developers Console Gmail Wizard to set up the App.
- In the Console, it will ask you to create a project and if you agree to the terms of service. This will enable the API.
- Still in the Console, add the email address and add a Product Name of your choosing.
- This will give you the Client ID. Copy it and paste it into Postman SMTP’s settings.
- To get the Client Secret, click on Credentials in the left menu, then click on the name of your APP. This will give you the Secret. Add to Postman SMTP.
- You’ll have to enable the APP, which Postman will prompt you to do.
- You’ll also need to go back into the settings, and change the transport type to Gmail API from SMTP.
And that should be it. Next, test the form to make sure everything is in order.
Gravity Forms notifications are set up in the individual settings of each form. Under notifications, select Admin Notification (the default).
The Send to Email should be set to the email addresses the form should go to.
From Name can be set from the drop down to the right. The First Name should be selected, then a space, then Last Name.
From Email should be set to something like wordpress@<site URL>.
Reply to should be set to the user’s Email address (again, in the right hand dropdown).
BCC to admin email address.
Subject remove all but New Submission Form and add First Name , then a space, then Last Name, as before.
If this form is in a sidebar, add Embed Post/Page Title into the Message.
Within Global Settings:
Write to Files: Allow iThemes Security to write to wp-config.php and .htaccess
Set notification email and backup email to web@ address
Send Digest Email
Enable Blacklist Repeat Offender
Add Current IP to Whitelist
Enable Infinite WP Compatibility
Within Banned Users:
Enable Ban Lists
Within System Tweaks:
Protect System Files
Disable Directory Browsing
Disable PHP in Uploads
Within WordPress Tweaks:
Remove the Windows Live Writer header
Remove the RSD Header
Reduce comment spam
Disable XML-RPC (unless using Jetpack)
Block Multiple Authentication Attempts per XML-RPC Request
Protect System Files
We also change the login URL, which is especially important if the site has a history of malware. This is in the Advanced Tab as Hide Backend. In this setting, you can change the login URL to anything you would like.
When you are showing a person how to use WordPress for the first time it is a good idea to make them an Editor role instead of an Administrator. You can use a plugin called Capability Manager Enhanced to give the Editor Role more than its usual permissions.
By default the editor cannot edit widgets, theme options, page builders, slider plugins or other types of plugins. The user manager plugin can give an editor access to many of these.
Note that editors can see all users, but cannot create other editors. They can only create users at the author level.
Recommended Editor Capabilities
Many WordPress themes have built in shortcodes for creating column widths within page and post content. What do you do if you want to include these handy shortcodes within a theme that does not have this feature? You basically have two options either create your own custom code or use an existing plugin like WP Easy Columns.
We have been using Easy Columns and it is a pretty good plugin. The shortcodes are a little long for my liking but using the interface offered in the editor makes it fairly simply. Training a client on how to use these should not be a challenge. It is certainly a quicker method than creating this from scratch or following a tutorial and has some advantages.
For years we have used a plugin called Redirection We have always liked the redirection plugin because it has a visitor log that will show you 404 errors.
The log feature can slow down your host so if you want a really simple redirection plugin use Simple 301 Redirects.
If your WordPress generated emails are not going through, your messages may end up in the user’s spam filter. In many cases the mail from some servers is blacklisted before it even gets to their spam folder. They can be completely lost in cyber space!
WordPress generated emails are things like contact form notifications, comment notifications, and passwords sent to new users.
WP Mail SMTP. This plugin hasn’t been updated in a few years but it still works fine in WP 3.6 (Oct 2013).
The port to use for a gmail address is 465, the server is smtp.gmail.com and the SSL option should be enabled.
*Older sites are using this plugin. Newer sites will be using the Postman SMTP plugin http://wordpress.org/plugins/postman-smtp
When we need to make a quick update we use WP DB Manager. Note that it does not backup your WordPress files. For a complete backup we use Infinite WP.
We have also used this plugin before but it doesn’t work with some hosting companies.
Be sure you back up your database before trying to use this plugin. It should be pretty easy to use but not hard to screw things up.
When you first install and activate WP-Super Cache plugin it does almost nothing to increase your site speed. In this video we show you how to adjust the settings for WP Super Cache so that it serves up the website faster for users, while still allowing administrators to see their updates without refreshing the cache.
Note that in the video I set preload mode to load every 120 minutes. We now recommend setting this to 360 minutes.
See also “How does a cache make my website faster“.