14 Handy WordPress Hacks Every Developer Should Know

14 Handy WordPress Hacks Every Developer Should Know

The great thing about WordPress is how you can extend it a hundred million ways to meet your needs. If you know your way around PHP, it’s not hard to tweak your site.

While there are thousands of plugins out there, it’s just as easy to add a snippet of code to your site for a quick fix.

I’m always discovering new tips and tricks that make WordPress easier and fun to use. In this roundup, I’ve put together a 14 handy hacks, some you may have come across before, others that may be new to you, and some you wouldn’t know how to search for on Google.

Feature image
Try out these handy WordPress hacks on your site and makes things a little bit easier.

1. Force Perfect JPG Images

WordPress automatically compresses images to 90 percent of the original. While this isn’t such a big deal for most site owners, some people, like photographers, miss this extra 10 per cent.

To ensure the images on your site are at 100 per cent quality, add this to your theme’s functions.php file:

add_filter( 'jpg_quality', 'high_jpg_quality' );
function high_jpg_quality() {
return 100;

2. Proper URLs

It’s a good idea to ensure your URLs are properly formed and are free of invalid characters. You can do this with the esc_url() function:

$my_url = 'http://myawesomesite.com/?awesome=true';
$url = esc_url( $my_url );

3. Shortcodes in Text Widgets

Widgets are great, but you can make them even better by enabling shortcodes in them with this filter:

add_filter( 'widget_text', 'do_shortcode' );

4. Delay When Your Posts Go to RSS

Have you ever published a post and then realised there was a huge mistake in the first paragraph? It’s easy enough to fix the error, but it’s too late for all your subscribers – your post has already been published in their RSS feeds.

Delay when your posts are published to RSS and give yourself time to double-check your live posts. Add this snippet to your functions.php file:

function publish_later_on_feed($where) {
global $wpdb;
if ( is_feed() ) {
$time_now = gmdate('Y-m-d H:i:s');
$time_delay = '15'; // integer
$where = " AND TIMESTAMPDIFF($device, $wpdb->posts.post_date_gmt, '$time_now') > $time_delay ";
return $where;
add_filter('posts_where', 'publish_later_on_feed');

You can change the value of $delay to whatever length of time suits you.

5. Display Featured Images In RSS Feed

A picture tells a thousand words, as they say. Encourage subscribers to visit your site rather than just read your content in their RSS feed by displaying featured images by default:

add_filter('the_content_feed', 'rss_post_thumbnail');
function rss_post_thumbnail($content) {
global $post;
if( has_post_thumbnail($post->ID) )
$content = '<p>' . get_the_post_thumbnail($post->ID, 'thumbnail') . '</p>' . $content;
return $content;

6. Disable HTML in Comments

Spam can be a real pain. Do you get spam in the comments of your site that are littered with links to even more spam?

Disable HTML in your comments to prevent links to spam, bold text and other spammy tactics. Just add the following code to your functions.php file:

// This will occur when the comment is posted
function plc_comment_post( $incoming_comment ) {
// convert everything in a comment to display literally
$incoming_comment['comment_content'] = htmlspecialchars($incoming_comment['comment_content']);
// the one exception is single quotes, which cannot be #039; because WordPress marks it as spam
$incoming_comment['comment_content'] = str_replace( "'", ''', $incoming_comment['comment_content'] );
return( $incoming_comment );
// This will occur before a comment is displayed
function plc_comment_display( $comment_to_display ) {
// Put the single quotes back in
$comment_to_display = str_replace( ''', "'", $comment_to_display );
return $comment_to_display;
add_filter( 'preprocess_comment', 'plc_comment_post', '', 1 );
add_filter( 'comment_text', 'plc_comment_display', '', 1 );
add_filter( 'comment_text_rss', 'plc_comment_display', '', 1 );
add_filter( 'comment_excerpt', 'plc_comment_display', '', 1 );
// This stops WordPress from trying to automatically make hyperlinks on text:
remove_filter( 'comment_text', 'make_clickable', 9 );

Thanks to Peter Keung for this great snippet.

7. Shortcut to Your Site’s URL

WordPress has a simple function that allows you to quickly reference your URL. Not only will save you having to type out your URL time and time again, it will also save you having to change your files if you ever change domains.

<?php bloginfo('url'); ?>


Our best pro WP tools in one bundle

Try free for 7 days
30-day money-back

You can then use the function like so:

<a href="<?php bloginfo('url'); >/about">About Our Company</a>

8. Recent Blog Posts on Homepage

Display your most recent blogs on your homepage without actually making your blog your homepage with this fantastic snippet:

<?php query_posts($query_string . '&showposts=5' ); ?>
<?php if ( have_posts() ) : while ( have_posts() ) : the_post(); ?>

<div class="story">

<div class="story-content">

<h4><a href="<?php the_permalink(); ?>"><?php the_title(); ?></a></h4>

<?php the_excerpt(); ?>
<?php endwhile; endif; ?>

You can change &showposts=5 to however many posts you want to display.

9. Customize the Dashboard Logo

Add your own logo to the dashboard in the backend of WordPress to personalise your installation. This is a great tip for customizing client sites. Just paste the following code:

add_action('admin_head', 'custom_logo');

function custom_logo() {
echo '

<img src="data:image/gif;base64,R0lGODlhAQABAIAAAAAAAP///yH5BAEAAAAALAAAAAABAAEAAAIBRAA7" data-wp-preserve="%3Cstyle%20type%3D%22text%2Fcss%22%3E%3C!--%20%23header-logo%20%7B%20background-image%3A%20url('.get_bloginfo('template_directory').'%2Fimages%2Fcustom-logo.gif)%20!important%3B%20%7D%20--%3E%3C%2Fstyle%3E" data-mce-resize="false" data-mce-placeholder="1" class="mce-object" width="20" height="20" alt="<style>" title="<style>" />


10. Remove Error Message on the Login Page

Whenever your users enter an incorrect login name or password, an error message is displayed on the login page alerting them to an incorrect piece of information. If a hacker were to correctly guess one of those pieces of information, the error message would help them identify what he/she got right.

Block hackers by adding the following filter:

add_filter('login_errors',create_function('$a', "return null;"));

This hack isn’t recommended for sites with multiple authors.

11. Remove Publicly Displayed Version of WordPress

Another anti-hack hack. This handy security by obscurity snippet will hide the version of WordPress you’re using, making it harder for hackers exploiting holes in older versions of WordPress.

// Remove the WP version for extra WordPress Security
function remove_wp_version(){
return '';
add_filter('the_generator', 'remove_wp_version');

12. Automatic Copyright Date in Footer

So many sites have outdated copyright information while others show just the current year as their copyright date.

Display your correct copyright date (e.g. © 2005-2014) with this code to your functions.php file:

function comicpress_copyright() {
global $wpdb;
$copyright_dates = $wpdb->get_results("
YEAR(min(post_date_gmt)) AS firstdate,
YEAR(max(post_date_gmt)) AS lastdate
post_status = 'publish'
$output = '';
if($copyright_dates) {
$copyright = "© " . $copyright_dates[0]->firstdate;
if($copyright_dates[0]->firstdate != $copyright_dates[0]->lastdate) {
$copyright .= '-' . $copyright_dates[0]->lastdate;
$output = $copyright;
return $output;

Next, you need to add this to your footer.php file where you would like to display the copyright date:

<?php echo comicpress_copyright(); ?>

This function looks for the date of your first post, and the date of your last post. Very cool!

Thanks to Philip M. Hofer (Frumph) of ComicPress for this snippet.

13. Set Default Editor

Do you prefer to use the HTML editor rather than the Visual Editor when writing posts? Make either of these options your default by adding either of the following lines to your functions.php file:

# Visual Editor as default
add_filter( 'wp_default_editor', create_function('', 'return "tinymce";') );

# HTML Editor as default
add_filter( 'wp_default_editor', create_function('', 'return "html";') );

14. Redirect a User After Login

You can redirect users who login to your site to another URL based on their role using this snippet. Just add it to your functions.php file:

<?php function redirect_user_on_role() { //retrieve current user info global $current_user; get_currentuserinfo(); //If login user role is Subscriber if ($current_user->user_level == 0)
wp_redirect( home_url() ); exit;
//If login user role is Contributor
else if ($current_user->user_level > 1)
wp_redirect( home_url() ); exit;
//If login user role is Editor
else if ($current_user->user_level >8)
wp_redirect( home_url() ); exit;
// For other roles
$redirect_to = 'http://google.com/';
return $redirect_to;


Thanks to WP-Snippets for this great snippet.


How do you like to hack WordPress? What are your favorite hacks? Tell us in the comments below.

Raelene Morey

Raelene Morey Raelene is the Founder of Words By Birds, a digital writing agency that works with startups, SaaS, B2B, and WordPress businesses on turning tech speak into words that convert. She was formerly the managing editor at WPMU DEV. A computer science grad turned newspaper journalist, when she’s not taming browser tabs, she likes brunching and bushwalking.