Skip to content

Instantly share code, notes, and snippets.

View dipakcg's full-sized avatar
🎯
Focusing

Dipak C. Gajjar dipakcg

🎯
Focusing
View GitHub Profile
@dipakcg
dipakcg / .htaccess
Last active February 5, 2021 02:35
WordPress: Security Headers
# Add the following security headers in the root .htaccess file of WordPress #
# Get A+ Security Headers Score under securityheaders.com #
<IfModule mod_headers.c>
Header always set Strict-Transport-Security "max-age=63072000; includeSubDomains"
Header set Content-Security-Policy "default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://cdn.api.twitter.com https://gist.github.com https://syndication.twitter.com https://platform.twitter.com https://js-agent.newrelic.com https://*.nr-data.net https://*.wp.com https://*.gravatar.com https://*.wp.com https://pagead2.googlesyndication.com https://ssl.google-analytics.com https://connect.facebook.net https://www.google-analytics.com https://cdnjs.cloudflare.com https://ajax.cloudflare.com; img-src 'self' data: https://pbs.twimg.com https://platform.twitter.com https://syndication.twitter.com https://dashboard.wordpress.com https://s-ssl.wordpress.com https://dashboard.google.com https://wordpress.org https://*.w.org https://*.gravatar.co
@dipakcg
dipakcg / functions.php
Last active January 25, 2021 16:45
📦 WordPress : Set first image as featured image
// Get the first embedded image from the content
function catch_the_first_image() {
global $post, $posts;
$first_img = '';
ob_start();
ob_end_clean();
$output = preg_match_all('/<img.+?src=[\'"]([^\'"]+)[\'"].*?>/i', $post->post_content, $matches);
if ( isset( $matches[1][0] ) ) {
$first_img = $matches[1][0];
@dipakcg
dipakcg / .htaccess
Created September 21, 2020 11:56
HTTP Security Headers (WordPress)
<IfModule mod_headers.c>
Header set X-XSS-Protection "1; mode=block"
Header always append X-Frame-Options SAMEORIGIN
Header set X-Content-Type-Options nosniff
Header set Strict-Transport-Security "max-age=31536000; includeSubDomains; preload"
</IfModule>
@dipakcg
dipakcg / functions.php
Last active September 13, 2020 06:27
Check WordPress Plugin Dependency
/* Check plugin dependency */
dcg_check_plugin_dependency('Easy Digital Downloads - Product Gallery for Frontend Submissions', 'Easy Digital Downloads - Frontend Submissions', 'edd-fes/edd-fes.php', '', null);
dcg_check_plugin_dependency('Easy Digital Downloads - Product Gallery for Frontend Submissions', 'Olam Multiple Image', 'olam-multiple-images/olam-multiple-images.php', '', null);
/**
* Verify if a plugin is active, if not deactivate the actual plugin an show an error
* @param [string] $my_plugin_name
* The plugin name trying to activate. The name of this plugin
* Ex:
* WooCommerce new Shipping Method
@dipakcg
dipakcg / functions.php
Created August 16, 2020 07:08
Easy Digital Downloads - Front-End Submissions - Allow only specific mime types upload
// FES form field name : Prices and Files
add_filter( 'upload_mimes', 'dcg_restrict_mime_types', 1, 1 );
function dcg_restrict_mime_types( $mime_types )
{
$user = wp_get_current_user(); // get the current user
// if user is shop vendor or a shop manager
if ( in_array( 'shop_vendor', (array) $user->roles ) || in_array( 'shop_manager', (array) $user->roles ) ) {
@dipakcg
dipakcg / .htaccess
Last active July 20, 2020 07:04
Security Headers Fix to verify with securityheaders.com
# Add the following to the WordPress installation's root .htaccess file
# Extra Security Headers
<IfModule mod_headers.c>
Header set X-XSS-Protection "1; mode=block"
Header always append X-Frame-Options SAMEORIGIN
Header set X-Content-Type-Options nosniff
Header set Strict-Transport-Security "max-age=31536000" env=HTTPS
Header set Referrer-Policy "no-referrer-when-downgrade"
Header set Feature-Policy: vibrate 'self'; usermedia *; sync-xhr 'self' https://dipakgajjar.com
Header set Expect-CT enforce,max-age=2592000,report-uri="https://dipakgajjar.com/report"
This is the technique I use to defer Youtube videos, when optimising the performance of WordPress site.
(1) Replace Youtube iFrame embed code with the below one:
----------------------
<div class="dcg-responsive-container">
<iframe class="dcg-responsive-iframe" src="" data-src="https://www.youtube.com/watch?v=nEFZLFyZNcE?rel=0" frameborder="0" allowfullscreen style="border:0"></iframe>
</div>
(2) Add the following CSS element (stylesheet element that will make Youtube iFrame Responsive) (style.css?):
@dipakcg
dipakcg / cloudSettings
Last active January 27, 2022 04:24
Visual Studio Code Settings Sync Gist
{"lastUpload":"2022-01-27T04:24:31.493Z","extensionVersion":"v3.4.3"}
@dipakcg
dipakcg / functions.php
Created August 14, 2019 06:17
WordPress: Load custom jQuery version
if ( !is_admin() ) {
// Deregister the jquery version bundled with WordPress.
wp_deregister_script( 'jquery' );
// CDN hosted jQuery placed in the header, as some plugins require that jQuery is loaded in the header.
wp_register_script( 'jquery', '//ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js', false, '3.4.1' );
wp_enqueue_script( 'jquery' );
}
@dipakcg
dipakcg / footer.php
Created July 9, 2019 05:02
Alternative to Cookie Notice WordPress Plugin