Web Hosting Blog

6 Handy WordPress Code Snippets


Posted in: Misc

Adding more and more plugins can bloat out your WordPress installation, so one alternative is to use straight coding. You can customise your WordPress blog and add new features without worrying about plugins, widgets and themes using these simple code snippets. If you don’t have a WordPress blog yet, check out our one-click WordPress install, or sign up for web hosting or reseller hosting.

Display Random Links

If you have a lot of links to other websites and not very much space, you can show random links in your WordPress sidebar rather than displaying all of them at once. To do this, open up your sidebar.php file (either in the WordPress theme editor or via FTP). Then define your existing list to show random links by using ‘rand’ in the tag, e.g.

<?php wp_list_bookmarks('limit=10&orderby=rand'); ?>

You can change the ‘10’ to the number of links you want to display.

Block other IPs from the admin area

This handy snippet will only allow static IP addresses of your choosing to access the admin directory. Just make sure that you plan ahead if you change blogging locations a lot. It’s ideal for extra protection against hackers, and can be used for multi-user blogs as well.

1.Using FTP, open your /wp-admin/ folder and find the .htaccess file (if you don’t have one, upload an empty .txt file and rename it to .htaccess – don’t edit the one in your root WordPress folder).

2.Paste the following code:

AuthUserFile /dev/null

AuthGroupFile /dev/null

AuthName “WordPress Admin Access Control”

AuthType Basic


order deny,allow

deny from all

# whitelist Admin’s IP address

allow from xx.xx.xx.xxx

# whitelist User 1’s IP address

allow from xx.xx.xx.xxx

# whitelistUser 2’s IP address

allow from xx.xx.xx.xxx


Include any IP addresses where the x’s are and remove/add extra lines as you wish, then save the file. To give anyone else access to the admin panel in the future, you’ll have to go into the .htaccess file again and add them manually.

Customise the logo on your WordPress login page

Bored of the same WordPress logo on the login screen? Change the image to anything you like with this snippet. It’s particularly good to make your login screen more consistent with your website’s design or company image and adds more interest to multi-user blogs. If you manage multiple blogs, changing the logo is also helps identify them instantly.

Open function.php and include this code, then change /images/custom-login-logo.gif to the URL of your image.

function my_custom_login_logo() {

echo '



add_action(‘login_head’, ‘my_custom_login_logo’);

Display a tag cloud

Add a cloud of tags used in your blog entries, with words sized based on their frequency. If you tag your entries around a particular area of interest (e.g. web design), this will put some good keywords on your page for search engines as well as making it easy for visitors to locate posts on a specific topic.

Simply add this code to your sidebar (or footer, if you prefer):

<?php wp_tag_cloud('number=15, smallest=6&largest=16&'); ?>

Change ‘15’ to the number of tags you want to display (they will be selected in terms of popularity). As the font size of tags also varies according to popularity, you can define the range from the smallest size to largest – just change the ‘6’ and ‘16’ in the code.

Display archives in a drop down list

If your blog’s been going for a while you’ll want to free up some sidebar space by converting your archive list into a drop down menu. Even if you’ve only had a blog for a few months, putting your archive links in a drop down stops your visitors being drawn away from the rest of your sidebar content.

Just paste this code into your sidebar:

Thank your commenters

Once someone has commented on your blog entry, this snippet will automatically list their name (and URL/email address where provided) at the end of the entry as a thank you.

Go to the theme you want to add this to, then open the index.php file. Paste this code:


function comment_plugger

($show = 1, $limit = 0, $sep = ' ', $none = ' none') {

global $wpdb, $tablecomments, $id;

$cid = ($show) ? ($id - 1) : $id;

$request = "SELECT DISTINCT comment_author_url,




$request .= " WHERE comment_post_ID='$cid'


comment_author <> ‘’


comment_author_url <> ''";

$request .= ' ORDER BY comment_author ASC';

$request .= ($limit > 0) ? “LIMIT $limit” : ‘’;

$commenters = $wpdb->get_results($request);

if ($commenters) {

$output = '';

foreach ($commenters as $commenter) {

if (!empty($commenter->comment_author_url)) {

$output[] = '

echo implode($sep, $output);

} else {

echo $none;




Now paste the following code where you want your commenters’ URLs to be shown:

<?php comment_plugger(1); ?>

By default, the code is set to show commenters from your last entry; if you want to show them from the current entry, change the 1 to a 0.


Was this article useful? Let others know

(No ratings have been submitted for this entry yet)


Please remember that all comments are moderated and any links you paste in your comment will remain as plain text. If your comment looks like spam it will be deleted. We're looking forward to answering your questions and hearing your comments and opinions!



  • Chris
      26 July 2010 at 13:34


    Nice tip on the IP blocking.

    Will this give the same result as your wp-admin?

    I have seen the way you have you wp-admin on Mashable

    How is this achieved?


  •   26 July 2010 at 13:50

    Hi Chris,

    This actually works so that the admin panel can't be accessed by anything other than approved IPs, even with a username and password, so it's very secure.

    If you want a pop up box prompting for username and password for admin access, this is a great tutorial: http://css-tricks.com/easily-password-protect-a-website-or-subdirectory/

    Bear in mind that the username and password you set will need to be used by everyone who wants access to the WordPress folder, so don't make it identical to your own personal WP log in details if you run a multi-user blog.

    If you're interested in how to make your WordPress installation secure, this article might be useful as well: http://www.wpbeginner.com/wp-tutorials/11-vital-tips-and-hacks-to-protect-your-wordpress-admin-area/
  • Jason Brook
      26 July 2010 at 14:32

    It also means that if your on a dynamic IP you will be forever updating the .htaccess file with your new IP's so really its a bit of a bad way to do this if you are or any other users that use the admin area are on a dynamic IP. A login system as shown in the post above would be a better way of protecting your login page.

    However if you already have a login box that is very secure, what's the big fuss over extra passwords i doubt the majority of sites even need it.
    Jason Brook  
  •   26 July 2010 at 15:22

    Hi Jason

    Yes, the code snippet for protecting your admin panel is for static IPs rather than dynamic.

    There are lots of options out there for adding extra security - it's up to you to choose what's best for your situation.

    Obviously as a web host we're keen to promote best practice for security :)
  • Neil Mani
      30 July 2010 at 3:54

    Really nice work done........

    Thanks for the wonderful code guide, I'm really going to use it for my wordpress site.......

    Hope we will get some more in near future......
    Neil Mani  
  • Toby Drysdale
      12 August 2010 at 12:42

    Thanks for the tips Jennifer - and the link to WPBeginner, some great tips on there as well.One thing we do is drop a blank index.html into the plugins folder - which will stop potential hackers from looking at what plugins you may have - and which plugins they may be able to exploit.
    Toby Drysdale  
  •   16 August 2010 at 7:08

    @Neil Thanks! Yes, if there's demand we'll definitely post more.

    @Tony Thanks for the tip.



  Live chat