How to White Label Gravity Forms

Gravity Forms is one of the most popular form building plugins available for WordPress. Most of the WordPress developers we know have Gravity Forms as a staple plugin in their website building strategy. It gives clients the power to quickly, and easily, add and modify all varieties of forms on their websites. For most clients, Gravity Forms is perfect out of the box. Unfortunately, not all clients are equal and sometimes website developers need to modify the Gravity Forms interface. Thankfully, our White Label WordPress plugin can help with that. This article will help you learn all the ways that you can use our plugin to white label Gravity Forms.

Our White Label Plugin

Before we get deeper into, let’s take some time to discuss the White Label plugin. Our plugin was built to make modifying and adjusting the WordPress admin experience simple. There are dozens of features in White Label to help you customize WordPress for your clients. For example, White Label helps you rebrand the WordPress login form and page. You can change menus inside the admin. The plugin lets you build dashboard widgets and modify the dashboard. There are features in White Label to change how plugins are shown to users. In addition, White Label has a set of theme-related features as well. Plus, many more options to make the WordPress admin fit your client’s needs exactly.

Take a look at our features list and the expansive documentation on this site to learn more about White Label. We think it’s the best white label WordPress plugin available. It’s simple and easy to use and makes a great addition to any WordPress developer’s or agency’s toolbox.

Let’s get back to the task on hand: how to white label Gravity Forms.

White Label has a section devoted solely to Gravity Forms. Using these bespoke features, in combination with some other features of our plugin, will let you white label Gravity Forms quickly and easy. In this article, we will walk you through each feature. By the end, you should have a working version of Gravity Forms without anyone using the site actually knowing what form builder plugin is in use.

Please note: Many of the features discussed in this article are only found in White Label Pro. You’ll have to purchase that version of our plugin to have access to many of the features related to white labeling Gravity Forms.

Gravity Forms Branding

White Label has a set of features to help you directly change Gravity Forms branding throughout the WordPress admin.

Hide the Gravity Forms Logo

The easiest way to white label Gravity Forms is to hide its logo throughout the admin. The Gravity Forms logo appears throughout various screens. Most obviously, in a header at the top of each screen in the plugin. You can easily hide the Gravity Forms logo with a click of a checkbox in White Label.

Replace the Gravity Forms Name

In addition to the logo, White Label lets you modify the name of Gravity Forms as it appears on various screens and interface panels. You can change the plural (Gravity Forms) and singular (Gravity Form) appearances of the name by setting your own values.

Gravity Forms Templates

Creating a new form with the Gravity Forms plugin begins with a template popup. This popup is incredibly handy, but it does contain a feature that some people looking to white label Gravity forms might want to remove.

Hide Gravity Forms Template Preview Button

Gravity Forms templates come with a Preview button that links to an external site maintained by the developers of Gravity Forms. In order to white label the plugin, you might want to remove that link from each template. You can do so by checking the box next to Hide Preview Button in White Label’s settings for Gravity Forms.

Gravity Forms Settings

Gravity Forms comes with a comprehensive settings screen. These panels contain branding for Gravity Forms, of course, but also some features you might not want clients to access. Thankfully, White Label can hide the features for you.

Hide Gravity Forms Settings Panels

The Gravity Forms Settings screen has individual panels for each part of the plugin you can adjust. White Label has an easy-to-use table, with checkbox, you can use to hide these panels. Simply check the box next to whichever panel you don’t want your clients to see.

Hide Gravity Forms Setting Panel Links

Some of the panels on the Gravity Forms settings screen contain links to external sites. You can hide those links completely by checking the box next to the Hide Links setting in White Label.

Screenshot of White Label's Hide Gravity Forms Settings Links Feature

Gravity Forms Add-Ons

There is an entire section of the Gravity Forms plugin devoted to first-party and third-party add-ons. These add-ons add functionality to Gravity Forms not provided in the base plugin. Of course, most WordPress developers and agencies want to limit their clients’ access to these kinds of add-ons. White Label includes a feature to help you easily disable access to Gravity Forms add-ons.

Hide Gravity Forms Add-Ons Install Button

The list of official add-ons includes an install button. You can hide this install button, to prevent clients from activating an add-on without you knowing, by checking the corresponding box in White Label.

Hide Gravity Forms Add-Ons Download Button

The certified add-ons list, in the Gravity Forms plugin, includes download links to each third-party developer’s website. Check the box in White Label’s settings too prevent clients from seeing those links.

Gravity Forms Plugin Details

One of White Label’s most popular features is the ability to hide and rename plugin details. You can hide WordPress plugin from your users effortlessly. All you have to do is find the plugin you want to hide on the list inside White Label’s Plugins tab. Check the corresponding box and you’re done.

Screenshot of Hide Plugins Feature in White Label

Clients will immediately have the selected plugins hidden from their view when they visit the WordPress admin’s Plugins screen. On top of that, those same clients won’t be notified or nagged whenever your selected plugins have available updates.

White Label Pro, the premium version of our plugin that is required to access its Gravity Forms features, lets you change WordPress plugin details. This is a great way to take your white labeling of Gravity Forms to the next level. White Label Pro lets you change the following items that are shown on the Plugins screen of the WordPress admin:

Name
Plugin URI
Description
Author
Author URI

The following plugin details can be hidden:

View Details
Author
Version

Here’s an example of how you could modify the Gravity Forms plugin details using our plugin:

Screenshot of White Label's Plugin Details Feature with Gravity Forms

This is what your users would see with the above settings in place:

Screenshot of White Label's Plugin Details Feature with Gravity Forms Example

Gravity Forms Menu Items

Finally, let’s close this discussion by showing you how to modify Gravity Forms menu items in the WordPress admin. White Label has a built-in feature that lets you hide WordPress admin menus from your clients. The interface for this is easy to use. All you do is pick the menu items to hide, check the box next to them, and save. That’s it.

Screenshot of White Label's Gravity Forms Sidebar Menus Features

For Gravity Forms, we recommend hiding:

Add-Ons
System Status
Help

These are the three interfaces within Gravity Forms that provide the most outside access and obvious branding.

White Label Pro, required for many of these Gravity Forms white labeling features, also lets you rename WordPress admin menus and change WordPress admin menu icons.

White Label Gravity Forms with Our Plugin

That’s the end of our guide on how to white label Gravity Forms. You can get started with White Label, for free, today. It’s simple to install and offers a ton of features right out of the box. You can then upgrade to White Label Pro if you’d like to access the Gravity Forms features discussed in this article.

Our plugin is the best way to modify the WordPress experience for your clients. Use it to keep the WordPress admin clean, simple, and easy to use. White Label will help you cut down on support requests from clients. It makes troubleshooting problems easier by simplifying what clients have access to. It’s a great plugin for WordPress developers and agencies.

How to White Label Elementor

Elementor is one of the most popular page builders in the WordPress community. If you develop WordPress sites for clients, there’s an excellent chance you have experience with Elementor. Unfortunately, Elementor comes with a lot of branding and upsells that WordPress professionals sometimes want to remove or change. Luckily, our White Label WordPress plugin can help. Today, let’s take a thorough look at how you can use our plugin to white label Elementor.

Before we begin, a few words about White Label. Our plugin was designed to make customizing the WordPress admin experience easy. There are dozens of features in White Label to help you achieve that goal. White Label lets you rebrand the WordPress login page. You can modify the menus inside the WordPress admin. Create your own dashboard or widgets. Hide or change how plugins are displayed. Customize how your installed themes are visible to users. Replace text and logos throughout the WordPress admin. You can even disable upgrade and notification nags.

Please review our features list and our documentation if you wish to learn more about White Label. We believe it’s the best white label WordPress plugin out there. It’s quick and easy to use and ideal for WordPress developers and agencies.

Now, back to the topic at hand. Let’s learn how to white label Elementor.

White Label has an entire section devoted to Elementor. These specific features, combined with some other features built into the plugin, will let you white label Elementor for your clients. We’ll go through each feature one-by-one. By the end of this article, you should have a working version of Elementor without your clients knowing exactly which page builder plugin they are using.

Elementor Logos

White Label has several features to help you deal with the Elementor logo throughout your WordPress installation.

Hide the Elementor Logo

The most obvious way to white label Elementor is to remove its logo from the WordPress admin. This logo appears, to your day-to-day users, most obviously in the Elementor editor. The logo appears during the editor’s loading process, inside the editor’s panel, on the “Edit with Elementor” button, and even in the WordPress admin’s bar menu. You can quickly and easily hide the Elementor logo throughout your WordPress install with a click of a checkbox in White Label.

Replace the Elementor Loading Logo

What if you want to replace the Elementor loading logo with your own? White Label can help you do that as well. In the Elementor area of White Label, there is an option to define an image file to replace the loading logo. The size of the logo doesn’t matter. White Label will adjust to make it work inside the loading screen. This feature also works with the editor navigation menu.

Elementor Colors

Colors are another huge way for software companies to brand their products. Elementor has several strong color choices in their editor. Our White Label plugin lets you modify Elementor editor colors with a few simple settings.

Editor Primary Color

The primary color mainly applies to the header and footer of the editor’s panel. This is the section of the editor, on the side, that contains menus and widgets. In addition, the primary color will also apply to confirmation buttons in the editor. All you need to do is select a color with the built-in picker supplied by White Label. Our plugin does the rest.

Editor Secondary Color

The secondary color applies to the icons and text in the footer of the editor’s panel. There are other additional areas where the secondary color is used: notification dots, panel headers, etc. As with the primary color, you simply pick a color in White Label and that’s it.

Screenshot of White Label's Replace Elementor Editor Colors Feature

Elementor Text

Elementor forces the name of the plugin throughout the WordPress admin. This is most prominent in the Pages list with post state text, but it happens in buttons as well.

Hide Elementor Post State Text

Essentially, post state text is that bit of wording that appears after a piece of content. Here’s an example:

The “— Elementor” part is what we are referring to. You can hide Elementor post state text entirely from the admin with White Label. Simply check the box and that text will disappear.

Screenshot of White Label's Hide Elementor Post State Text Feature

Replace Elementor Post State Text

Let’s say you want to keep the post state text, but change the wording. White Label has you covered there as well. You can replace Elementor post state text with text of your own choosing easily. Enter in the text you want, hit save, and you’re done.

Replace “Edit with Elementor” Text

Finally, the last bit of Elementor text that you can modify with White Label. There are buttons, and an admin bar menu item, that contain the “Edit with Elementor” text by default. You can use White Label to replace the “Edit with Elementor” text with your own wording. It’s just as easy as changing the post state text. Type what you want, save your settings, and you’re done.

Elementor Editor Navigation

Elementor’s editor has a series of navigation items in the side panel. Not all of these items are useful. Or, to be honest, something you want your clients to have access to. White Label comes with a simple interface to hide Elementor editor navigation based on your needs. All you have to do is check the box next to each menu item you want to hide in the editor. Your choices also change the navigation on the Elementor settings screen.

Elementor Pro

The free version of Elementor comes with many upsells and nags for the Pro version. You can white label Elementor to hide some of these elements from your clients.

Hide Elementor Pro Upgrade Nags

The Elementor editor, in the free version, is covered in ads and nags to upgrade to Elementor Pro. We are plugin developers ourselves, so we appreciate the need for these, but they can be overwhelming to non-technical WordPress users. So White Label offers a way to hide Elementor Pro upgrade nags in the editor. It’s a simple checkbox, like many of the other settings we’ve discussed in this article.

Hide Elementor Pro Widgets

Finally, the free version of Elementor shows you widgets unavailable without Elementor Pro. You can remove these widgets from the list with White Label. A single checkbox check will hide Elementor Pro widgets in the editor. Your clients will no longer try and use widgets that are not actually available to them.

Elementor Plugin Details

One of the most common features our users take advantage of is hiding and renaming plugin details. You can hide WordPress plugins from your users easily. Simply find them on the list inside White Label’s Plugins tab, in the plugin’s settings, and select the ones you want to hide.

Your other users will immediately not be able to see that plugin when they visit the Plugins screen of the WordPress admin. In addition, your users will not be notified or nagged whenever a hidden plugin has an update available.

You can change WordPress plugin details as well with White Label Pro, the premium version of our plugin. This can help you take your effort to white label Elementor to the next level. White Label Pro lets you modify the following items that are shown on the WordPress Plugins screen:

Name
Plugin URI
Description
Author
Author URI

The following plugin details can be hidden:

Author
Version
View Details

Here’s an example of how you could modify the Elementor plugin details using our plugin:

Screenshot of White Label's Plugin Details Feature with Elementor

This is what your other admin users would see as a result:

Screenshot of White Label's Plugin Details Feature with Elementor Example

Again, this is a feature only found in White Label Pro. You’ll have to purchase that version of our plugin to have access to this functionality.

Elementor Menu Items

Finally, let’s wrap this up by discussing Elementor menu items in the WordPress admin. White Label has a feature to let you hide WordPress admin menus from your users. The interface is simple. Select the menu items you want to hide, save, and you’re done.

Screenshot of White Label Hide WordPress Admin Sidebar Menus

We recommend you hide all the Elementor options from the menu. This is the simplest way to make sure your users only interact with Elementor via the editor.

White Label Pro has additional functionality that will let you rename WordPress admin menus. This can be useful if you want to combine hiding some Elementor menu items and keeping some with different names.

Screenshot of White Label Pro Rename WordPress Admin Menus

White Label Elementor with Our Plugin

Get started with White Label today. It’s quick and easy to install, and you’ll be able to white label Elementor, and many other parts of WordPress, in minutes. Upgrade to White Label Pro, when you’re ready, to get even more powerful features to help customize Elementor to your needs.

Our plugin is the best way to customize WordPress for clients. Keep the WordPress admin clean, simple, and easy to use. Cut down on support requests and troubleshooting by simplifying what your clients can access and do to their website.

How to Set Your Own WordPress Block Editor Theme Colors

How to Add Your Own WordPress Block Editor Theme Colors

Last Updated February 6, 2023

This post is brought to you by White Label for WordPress. Customize the WordPress admin and make life easier for you and your clients.

The WordPress Block editor has come a long way since its initial launch. There are plenty of blocks included by default and even more available from third-party developers now. Each has its own special set of features and customization capabilities. One of the most common of those features is to set text and background colors for a given block’s content. There is a set of default colors included with WordPress but did you know you can pretty easily add your own? That’s what we’ll cover today. Let’s go through how you can quickly and easily add your own WordPress Block Editor theme colors to your current website project.

Adding Block Editor Theme Colors with Code

Today, we’re going to first focus on adding new block editor theme colors by writing some code. You can also add more colors using some plugins if you prefer and we’ll get to that later in the article. Our assumption is that you are a WordPress developer looking for a more programmatic approach. So we’re going to show you how to add new colors by including some code in your theme.

Declare Block Editor Theme Colors in functions.php

The code you need is relatively simple. You only need to add a small function that uses the after_setup_theme hook. Inside this function, we will be adding an array of custom colors with the add_theme_support function. The elements of that array have to define the name of the color, a slug, and the color itself as a hex value.

Here’s an example block of code where I’m adding two Block Editor theme colors from a client’s logo:

function add_block_editor_theme_colors() {
    $new_colors = [
        [
            'name' => esc_html__('Logo Brown', 'theme-name'),
            'slug' => 'logo-brown',
            'color' => '#695e4a',
        ],
        [
            'name' => esc_html__('Logo Green', 'theme-name'),
            'slug' => 'logo-green',
            'color' => '#41850f',
        ],
    ];

    add_theme_support('editor-color-palette', $new_colors);
}
add_action('after_theme_setup', 'add_block_editor_theme_colors');

Simple enough. Now we’re going to have two new options available in the WordPress Block Editor’s color palette to choose from. Of course, now we have to actually implement these colors in our theme’s CSS.

Add Colors to a CSS File

This part is fairly simple. The easiest way to get your new colors working on the front end of your site is to include them in a CSS file with your theme. The format is basic. It uses the slug from our array for both color and background-color properties.

Here’s an example of the CSS you’ll need if you were using our array:

.has-logo-brown-background-color {
    background-color: #695e4a;
}

.has-logo-brown-color {
    color: #695e4a;
}

.has-logo-green-background-color {
    background-color: #41850f;
}

.has-logo-green-color {
    color: #41850f;
}

Of course, this doesn’t make our new colors work inside of content in the Block Editor. For that, you’ll need to enqueue your stylesheet in the admin as well.

Let’s go back to the functions.php file and add our CSS file to the front and admin side of our site.

Enqueue CSS File

We’re going to need to enqueue our CSS file on the front end and the admin of our WordPress site. You’ll need to add more code to your theme’s functions.php file. This will make sure that our new colors are actually working in our content. When a visitor reads our site or an admin user is writing in the Block Editor the colors will work.

For this code example, I’m going to say that we saved our CSS file into a css directory of our theme and called it block-editor-theme-colors.css. Here’s the code:

function add_block_editor_theme_colors_stylesheet() {
    wp_register_style('new-block-editor-theme-colors', get_template_directory_uri().'/css/block-editor-theme-colors.css';
    wp_enqueue_style('new-block-editor-theme-colors')
}
add_action('wp_enqueue_scripts', 'add_block_editor_theme_colors_stylesheet');
add_action('admin_enqueue_scripts', add_block_editor_theme_colors_stylesheet');

This should get you new block editor colors on both the front and back of your WordPress installation.

Do you want an easier solution? Let’s take a look at some WordPress plugins that can help.

Adding Block Editor Theme Colors with a Plugin

There are a couple of good plugins that will let you customize color palettes for use in the WordPress Block Editor. We’ve chosen two that have similar feature sets but different interfaces. The one you choose will ultimately come down to your preference in interacting with the plugin itself.

Custom Color Palette for Gutenberg

The Custom Color Palette for Gutenberg plugin is a great way to add your own colors to the Block Editor without writing any code. This plugin utilizes the WordPress Customizer and the built-in color picker to let you build your very own color palette. You can control main, grayscale, and primary colors and toggle each of those color categories even further. In the end, you can build a complete set of new Block Editor theme colors without writing a single line of PHP or CSS.

Plugin Details

This product was originally released by its owner in October of 2018. It is actively on version 1.0 and last saw an update on April 1st, 2020. The most recent update works on WordPress 5.4.16 and requires at least PHP 5.6 to operate on your server. This plugin is now working on over 2,000 WordPress sites. It has had over 22,880 downloads. There have not been many support requests from customers. Reviews for this plugin are very positive. Many of the customers who left a review found Custom Color Palette for Gutenberg to be useful.

Block Editor Colors

Block Editor Colors is another fine WordPress plugin for adjusting the available colors you can use in the new editor. Unlike the previous example, this plugin has its own interface for defining Block Editor theme colors. You can add custom colors, define default colors, and all of your choices are applied globally across your WordPress site. So, regardless of the theme or other plugins you use, the color palette you build will be available. This is perfect for client projects where you want to add logo-specific colors but the site undergoes regular redesigns and changes.

Plugin Details

This product was first published by its developer in March of 2020. It is now on version 1.2.6 and last underwent an update on June 11th, 2025. The most recent edition runs on WordPress 6.7.2 and requires at least PHP 5.6 to work on your server. This plugin is actively running on over 3,000 WordPress websites. It has had over 29,470 downloads. There have not been many support requests from customers. Reviews for Block Editor Colors are very positive. Many of the customers who left a piece of feedback found this plugin to be useful.

Customize WordPress for Your Clients

Hopefully, using our code examples or plugin suggestions, you can add new Block Editor theme colors to your client projects moving forward. Before you go, if you want more ways to customize WordPress for clients, you might be interested in our White Label plugin.

White Label was built to let you rebrand and modify the WordPress admin experience for clients. Make WordPress less confusing for them to use and easier for you to support. Change the login page, add custom dashboard elements, edit and hide menus, and manipulate how plugins are displayed.

Check out the complete feature list to learn about all of the ways our White Label WordPress plugin can improve your business and the experience of your users.

How to Add a WordPress Search Form to a Custom Theme

WordPress theme developers have to worry about a lot of moving parts. Templates for posts, pages, archives, and taxonomies. The list goes on and on. One of the often overlooked aspects of theme design is a search form. Including a search form is the easiest way to let website visitors find the content they’re looking for quickly. It alleviates the need for complex, nested menus and other forms of navigation that can be cumbersome and overwhelming. Today we’re going to discuss several ways in which you can include a WordPress search form in the custom theme you are developing.

Before we get started, as a WordPress developer you might be interested in learning more about our White Label plugin. Our plugin lets you modify and customize the entire WordPress admin experience for your clients. Rebrand WordPress, replace logos, add custom color schemes, and more with the dozens of features in White Label. You can learn more about what the plugin has to offer by viewing the features list.

Now, with that out of the way, let’s talk about search forms.

Use WordPress Core’s Built-in WordPress Search Form Function

The search form is such a common feature of a website that WordPress has a built-in function to help you add one to a theme. It’s very simple and can be called with some optional parameters.

In its simplest form, it looks like this:

<?php get_search_form(); ?>

You can pass that function an array of arguments with two possible options:

echo which is a boolean that determines whether WordPress will echo or just return the form. The default value is true.
aria_label which is the ARIA label for the search form. This is an easy way to improve accessibility on your site by giving your form a unique description. It will help to separate this form from other search forms that might appear in your theme.

This seems simple enough. What else would you need, right? Well, this function gets you the bare-bones search form. There are no customizations possible in terms of the markup. You can combine this search form function call with your own template if you want.

Let’s take a look at that technique next.

Build a Custom WordPress Search Form Template

The WordPress templating system knows to look for a search form template in the active theme directory. If one is found, the get_search_form function will use the markup in that file instead. You will need to create a searchform.php file in your theme directory.

The markup is fairly simple. Here’s a very basic version you can use to start:

<form role="search" method="get" action="<?php echo esc_url(home_url('/')); ?>">
    <input type="search" value="<?php echo get_search_query(); ?>" name="s" />
    <input type="submit" value="Search" />
</form>

The most important parts to keep the same here are the action on the form and the name of the search input. Stick with the submit button as well unless you want, or need, to do something more custom.

Obviously, you’ll want to improve on this quite a bit. Add CSS class and ID tags to the elements. Convert the text in the search button to something that can be translated. But, just as a basic example, that chunk of code should get you started on making your custom WordPress search form template.

With the searchform.php file in place, any call you make with get_search_form will use that markup instead of the default provided by WordPress Core.

Write a Custom Search Form Function

This is a bit of an odd way to go about it but we’ll highlight it here just in case it’s useful for your situation. You can write a filter for the get_search_form function to replace the markup of the form. This might be something you want to do if you are writing a custom WordPress plugin, for instance.

Here’s an example of how that would work using the basic markup we used above:

function my_search_form($form) {
    $form = '<form role="search" method="get" action="'.home_url('/').'">';
    $form .= '<input type="search" value="'.get_search_query().'" name="s" />';
    $form .= '<input type="submit" value="'.esc_attr__('Search').'" />';
    $form .= '</form>';

    return $form;
}
add_filter('get_search_form', 'my_search_form');

This is a pretty edge-case solution. For theme developers, you are probably better off just working with your own searchform.php file and skipping this filter function.

Add Custom Post Type Support to a WordPress Search Form

Finally, before we wrap this up, let’s talk about how you can add support for custom post types to a WordPress search form.

This is quite easily done by adding some hidden input elements to the form itself. All you need to do is include one hidden element per post type you want to search to work with. For example, let’s say our site has the following custom post types:

Teams
Players
Coaches

To make a search form that looks through those posts we would do this:

<form role="search" method="get" action="<?php echo esc_url(home_url('/')); ?>">
    <input type="search" value="<?php echo get_search_query(); ?>" name="s" />
    <input type="hidden" name="post_type[]" value="teams" />
    <input type="hidden" name="post_type[]" value="players" />
    <input type="hidden" name="post_type[]" value="coaches" />
    <input type="submit" value="Search" />
</form>

A neat trick here is that, instead of hidden inputs, you can use checkboxes and let the user decide what post types to search for. Tweaks like this are one of the biggest reasons why you shouldn’t rely on the default search form markup. Creating your own gives your theme so much more flexibility and functionality. It’s completely worth the time and effort.

Closing Thoughts on WordPress Search Forms

Writing your own search form markup, through theme files or a filter function, is one way you can get greater control over the built-in experience. Don’t let the built-in WordPress function take charge when you need to add a search form to your theme.

It’s important to add search capabilities to your WordPress themes. Many sites rely on search as a supplement to their site’s navigation. In fact, many sites with large amounts of content are practically unusable without a search form. Adding one with your own markup and styles is a great way to enhance the usability of your custom WordPress theme.

Of course, the default WordPress search results experience leaves much to be desired. In fact, you might want to check out our post about WordPress search plugins that can improve that.

The Best WordPress Plugin Detector Tools in 2023

Oftentimes, when browsing a WordPress-powered site, you’ll find yourself wondering how a specific feature was done. It’s not rare for a site to have something custom-developed but more often than not the feature is from a plugin. There are plenty of manual ways to discover what plugins a WordPress site is using. Thankfully, there are also a variety of WordPress plugin detector tools you can use. In addition to plugins, these tools also function as WordPress theme finders as well.

Let’s take a look at some of the more popular WordPress plugin detector tools out there today. We’ll briefly go over their features. In addition, we’ll run a test site through them to see how well they do at correctly identifying WordPress plugins.

Our Test Site

Our test site is running the GeneratePress theme on the latest version of WordPress. To be sort of unfair, we’re going to check for every WordPress plugin installed and activated on the site. It’s incredibly difficult, and often impossible, for any WordPress plugin detection tool to find admin and behind-the-scenes plugins. Those that do are truly standout performers.

The following plugins are installed and activated on our test site:

** These plugins are paid add-ons or have no direct presence on the WordPress.org plugin repository.

Scan WP

First on our list is Scan WP which is a tool for more than just plugin detection. That will be a common feature for every tool on this list, in fact. In addition to plugin detection, Scan WP will tell you a site’s theme, hosting provider, and some SEO information provided by SEMRush. A lot of this information, like the hosting, are just less-than-subtle attempts at affiliate marketing. The theme details are pretty normal for these types of tools: price, tags, URL, etc. One nice feature is that Scan WP will tell you how many sites they have scanned are using the same theme.

We’re here to talk about WordPress plugin detector tools though. How does Scan WP stack up? Of the 16 plugins our test site uses, Scan WP was only able to identify the following 5 for a 31% success rate:

Atomic Blocks
Easy Digital Downloads
MC4WP
WP Terms Popup
Designer Add-on for WP Terms Popup

That’s not a really great set of results. You could do a better job just manually reviewing the site’s source code. Let’s see if the next detector tool on our list does any better.

WordPress Plugin Checker by Earth People

The WordPress Plugin Checker is a tool written by the team at Earth People. This WordPress plugin detector is one of the oldest solutions we’ll cover in this post. It’s quite limited in what it can find. Their scanner only looks for the 50 most popular plugins in the WordPress.org repository in addition to the plugins Earth People develop themselves. That means, at the time of this writing, this WordPress scanner is only looking for 65 plugins. There are no bonus features to this site which means you won’t learn about themes, hosting, or other interesting details.

For our test site, only 2 out of the 16 plugins were detected for an abysmal success rate of 13%:

MC4WP
Wordfence Security

WP Detector

WP Detector offers similar results to Scan WP but with a slightly less overwhelming interface. This tool provides theme details, hosting information, and SEP data via SEMRush. There are still affiliate links scattered through like Scan WP as well. In terms of plugin performance, this WordPress analyzer was (you guessed it) as successful as Scan WP. The site found 5 of the 16 plugins on our test site for a success rate of 31%.

Atomic Blocks
Easy Digital Downloads
MC4WP
WP Terms Popup
Design Add-on for WP Terms Popup

InspectWP

InspectWP is probably one of, if not the, most comprehensive tools on this list. This site does a lot on top of checking for WordPress plugins and themes. In addition to WordPress concerns, InspectWP shows you issues with security, GDPR, SEO, general HTML markup, performance, and much more. You can learn hosting, server, and even DNS information about any website that you look up with the tool.

For our test site, the plugin results weren’t too bad. It found the following six plugins we were using.

Easy Digital Downloads
MC4WP
The SEO Framework
WP Super Cache
Wordfence Security
Redirection

In fairness, we ran this test at a different time from the other plugin detection tools on this list. So, the total number of installed plugins on our test site has changed. We can’t give a success rate because it will never compare fairly to the others. But, in general, InspectWP did a nice job finding plugins and the extra information it provides is quite useful.

WhatWPThemeIsThat

WhatWPThemeIsThat.com is one of the most popular WordPress detection tools out there. As the name implies, it is mostly focused on WordPress theme detection. It will easily find whatever theme a WordPress site is using and tell you what version is in use, who made the theme, and how to find it for yourself. There’s very little that is flashy about this site. You get the theme details and a brief rundown of any plugins and that’s it.

Once again, we’re really interested in plugins, and here are the results. WhatWPThemeIsThat found 5 of the 16 plugins on our test site for a success rate of 31%. This performance, and the exact plugins it found, are identical to what Scan WP produced:

Atomic Blocks
Easy Digital Downloads
MC4WP
WP Terms Popup
Designer Add-on for WP Terms Popup

IsItWP

IsItWP is a WordPress website analyzer that is mostly a vehicle for affiliate sales. The main push is to get you to read their hosting reviews. Their theme detection is sub-par in terms of how it scanned our test site. The test site uses GeneratePress. It is one of the most popular WordPress themes on the market and IsItWP could not identify it.

In fact, of all the WordPress plugin detector tools on this list, it performs the most poorly. IsItWP was unable to find a single one of the plugins on our test site. A success (can you call it that?) of 0%. Instead of results, it suggested we read their blog post on the best-selling WordPress plugins.

IsItWP did so poorly that we thought we would put it to another test. We asked it to scan itself. The results were bad again. It was able to identify the custom theme the site uses but only found two plugins. We were able to identify at least five plugins by browsing the site’s source code.

WPThemeDetector

Finally, the last tool on our list is incredibly popular: WPThemeDetector.

This WordPress scanner will find themes and plugins for any WordPress-powered site you ask it to look at. It offers similar results to its main competitor, WhatWPThemeIsThat, in a similar format. You get theme details you would come to expect with some added stats like theme popularity. For example, our test site uses GeneratePress, and WPThemeDetector currently reports that 81 out of every 10,000 sites it scans use the same theme.

Now, for the good stuff. WPThemeDetector has a very accurate plugin detection system. In fact, no other tool on our list performs as well as this one. Their software found 9 of the 16 plugins running on our test site for a whopping 56% success rate. It found quite a few plugins no other tool we tried could find. Here’s the complete list:

Akismet Anti-Spam
Atomic Blocks
Easy Digital Downloads
GP Premium
MC4WP
Redirection
WordFence Security
WP Terms Popup
Designer Add-on for WP Terms Popup

WPThemeDetector was the only tool on our list to find Akismet Anti-Spam, GP Premium, and Redirection. Impressive. We recommend you use WPThemeDetector for all of your plugin-finding needs. It performed much better on our test site than any other WordPress plugin detector tool we tried.

Want More Help with WordPress?

We appreciate you reading our post on WordPress plugin scanners. The blog we run here has other articles about using and getting the best out of WordPress. We regularly post articles on how to use WordPress for your clients and projects in the best way possible.

In addition, our plugin WordPress plugin White Label gives you the ability to adjust the WordPress admin experience for your clients and users. Check it out for free and start making WordPress less intimidating and confusing for your clients.

How to Use a WordPress Static Site Generator to Increase Performance

One of the big knocks on WordPress is that it can have pretty poor performance. WordPress is simple to install and it runs on pretty much any server. It’s easy to get started and realize your site is running slow. Fortunately, there are a lot of ways to improve loading speeds and performance. You can try WordPress caching plugins, for instance. Or, if you want to take an even more modern approach, you can use a WordPress static site generator.

A WordPress static site generator will generate a copy of your site’s content in pure HTML and CSS form. There will be no database interaction or requests when someone visits your site. Everything will be served to the user through pre-generated files. This means changes you make to your site, via the WordPress admin, will require new static files to be created. Of course, that downside is worth the performance increase that static files provide. It’s much simpler, and faster, for a server to send someone static HTML than it is to generate web page content on demand for each request.

The Pros and Cons of Static WordPress Sites

We’ve discussed this already but speed and performance are the main advantages here. In addition, a WordPress static site generator is going to help keep your site safe from hackers. Bad actors take advantage of WordPress and its dynamic content systems to weasel their way into your database and admin. A static site doesn’t have any of those server-based interactions for people with bad intentions to use.

The downside to a static site is that you lose a lot of the interesting functionality of WordPress. Again, there is no longer going to be any dynamic content or real-time server requests. This means things like contact forms, comment systems, and even site search become much more difficult to make work. Also, large sites with a lot of content can be difficult and slow to generate whenever changes are made.

All in all, whether or not you go with a static site generator for your WordPress site is best decided on a case-by-case basis. Smaller sites that don’t see a lot of updates are ideal candidates. More interactive sites, that require a lot of user input, are probably not the best choices for this approach.

The Types of WordPress Static Site Generators

There are generally two types of WordPress tools to generate static sites: services and plugins.

For a WordPress static site service, you rely on a third party to handle the entire process. Generally, these services come with regular monthly or annual fees. They handle all of the technical details and leave you to relax and worry about other parts of your website.

WordPress plugins that generate static sites are a different beast entirely. For the most part, these plugins are free to download and use. The downside is that you are often the one responsible for the successful installation and maintenance of the static site generation processes. If something goes wrong, it’s on you to correct things or get a hold of the plugin developer to help you.

Static WordPress Services

Sometimes the easiest thing, if you have the budget, is to let someone else handle static site generation for you. The following are some of the most well-regarded and popular WordPress static site generator services on the market.

Strattic

Strattic is a headless WordPress hosting provider that has grown in popularity recently. Signing up for Strattic gives you access to a worldwide content delivery network (CDN) that will host and server your static files. The best part is that Strattic provides you with a lot of the features uncommon to static sites. That means you’ll get site search, working integrations with many popular plugins (including ones for forms), standard redirects, and 404 handling.

There is a 30-day free trial available if you want to give this a shot. Afterward, the price of their plans ranges from $45/month to $250/month and more. Most sites can handle the cheaper plan but, if you grow, there are options available. Strattic is on the rise, with a recent round of investment guaranteeing they will be around for a long time.

Shifter

Finally, we suggest you check out Shifter for service-based static site generation. Shifter markets itself as a Jamstack WordPress hosting platform. Essentially, Shifter provides a platform to serve WordPress-powered sites served statically. You handle everything inside their custom dashboard and they handle the rest. They have their own CDN, handle your backups, and let your site serve WordPress dynamic content like search, forms, and online sales.

Shifter has an entirely free plan which sets it apart from the competition. It’s limited in terms of storage and bandwidth but is good enough for smaller sites. After that, plans range from $16/month up to $144/month. Each increase brings more storage and bandwidth. In addition, paid plans support custom domains which is key for any serious website anymore.

Static WordPress Plugins and Tools

There are a handful of really good plugins and tools for static WordPress site generation. Here are two of the favorites that we recommend you check out.

Simply Static

Simply Static, by Patrick Posner, is arguably the most well-known and useful static site generating plugin. It’s available for free at WordPress.org and offers a lot of flexibility and choices. You can use the plugin to generate static files of your site that you can then host on your own server, another provider’s servers, or at a CDN.

There is a premium version called Simply Static Pro that offers GitHub integration. You can then deploy your website to GitHub Pages, Cloudflare Pages, Netlify, Vercel, Amazon S3, and other servers. Even your own. Essentially, the Pro version makes the production process seamless so you don’t have to worry about transferring any files.

WP2Static

Finally, check out WP2Static from Leon Stafford. This plugin provides an interface to generate and deploy your site. In addition, there is a command-line tool you can use as well. You can check out the free version of the plugin right now and see if it’s right for you.

The add-ons, which can be bought in a bundle for a one-time fee, extend WP2Static in interesting ways. You can use the add-ons to deploy your site to BunnyCDN, Google Cloud, Netlify, and more. There is also an add-on to help integrate your site with Algolia search. As we mentioned, integrating search into a static site can be a pain so this is a nice addition.

Want More Tips About Managing WordPress Sites?

Thanks for taking the time to check out this post on picking a WordPress static site generator. The blog we maintain has more articles about getting the most out of WordPress for your business. We frequently write articles on how to effectively use WordPress for your clients and projects.

In addition to the blog, our popular plugin WordPress plugin White Label lets you change the WordPress admin experience to match your clients and their needs. Check it out today for free and discover how it can help you deal with clients better.

How to Maintain a Secure WordPress Website for Your Clients

Web design and development is dominated by many platforms but the most popular is WordPress. If you are here, you presumably know this already as you use WordPress for your clients. You are also presumably aware that the popularity of WordPress comes with a reputation of hackers looking to exploit its vulnerabilities. Their goals are to steal valuable information from websites or shut them down entirely. How can you prepare your WordPress website to be as protected as possible from these threats? Here are some easy steps you can take to keep a secure WordPress website.

Research Themes and Plugins Before Installing

WordPress enjoys the flexibility of having many themes and plugins. Unfortunately, those themes and plugins can also have vulnerabilities that can be exploited by hackers. This is why it is important to review your theme and plugins in advance. Check for any potential threats associated with them. A simple search for any theme or plugin name should reveal past or ongoing issues to be aware of.

It is also essential for plugins to have a reliable support team for help if there are problems. Try to avoid using a plugin that is either old or not compatible with recent WordPress versions. It may not have an active support system. When something goes wrong and you can’t fix it yourself you might be in trouble. Being unable to reach out to the theme or plugin developer for assistance could leave you scrambling to find alternate solutions.

Handle Regular WordPress Updates

WordPress is open-source software that is always changing and evolving. You can just install WordPress, add a few plugins, and send your clients on their way but that is a recipe for disaster. It’s important not to neglect updates to WordPress core and third-party plugins. Plugins, in particular, are very common vectors for security threats to infect a site. Keeping plugins updated is an easy way to make sure your client’s website stays safe. Updates also frequently introduce general bug fixes and new features that can improve the website and experience.

WordPress has a feature that lets you turn on automatic plugin updates. You can do this on a case-by-case basis if you don’t want to be constantly checking your clients’ sites for changes. We recommend you use this feature sparingly though. Plugin updates should be reviewed and not just done blindly most of the time. Unless you really trust the plugin developer, we suggest treading carefully with automatic plugin updates. WordPress core can be automatically updated by most hosting providers. This is common for important security fixes and, in general, can be trusted to go forward without your intervention. Either way, keeping things updated is by far the easiest way to maintain a secure WordPress site.

Create Durable and Secure WordPress Passwords

A common way hackers try to break into WordPress sites is by figuring out the password to an admin account. Traditionally, hackers try to access WordPress sites via brute force attacks. In these situations, an individual repeatedly tries different username and password combinations until they hit on one that works. These combinations are usually pulled from large databases of known accounts that have been comprised around the web.

What many people don’t realize is that there is more than one way for hackers to try and access WordPress via logins. Non-technical folks assume a person is manually entering in usernames and passwords. Unfortunately, hackers and exploiters are too smart for that. Often times they will use bots to do the login attempts for them. To make things worse, they don’t even need to use the actual WordPress admin’s login form. There are ways, with scripting, that you can try and access a WordPress site repeatedly without having to access the login page at all.

Remember, a weak password has a higher chance of being compromised. It is important to use random characters when creating a WordPress password. WordPress’ user creation tool has a password suggestion feature we recommend using. These auto-generated passwords are more secure than what most people come up with off the top of their heads. Creating obscure passwords is a very simple step to maintaining a secure WordPress installation.

Eliminate Automated Bot Traffic

Since we mentioned hackers earlier, one of their main weapons is bots. When you see bot traffic in your analytics it can be a bad omen. It is important to track the original source of this traffic and block it from reaching your site. This can include the IP address of the traffic as well as the region it is coming from. Your malware detector software can be used to identify the sources of bot traffic and how to manage it, including blocking them from coming from certain IP addresses and regions. We recommend a plugin like WordFence to handle this effectively.

Monitor Additional Users and their Access Roles

It is very common for a WordPress website to be run and managed by multiple people. This is why many clients want user accounts across multiple access levels within their business. This is simple enough to do in WordPress but you must be careful which role each user is assigned. Not everyone should be an administrator, for example. Giving the wrong person admin-level control of a WordPress site can lead to many issues. If they are non-technical, they might accidentally delete or install something they shouldn’t. If they are malicious, they can create all sorts of havoc with administrator privileges.

Review user access levels constantly as not every team member may have reliable security software set up on their systems. If a team member has their computer compromised by a virus, then disable or limit their user role within your website until their device is cleaned. In addition, if an employee is departing from the company, then remove their user role from the system as well.

Finally, try using a plugin like White Label to limit what admins can and can’t do to a WordPress site. The plugin, which we develop and update regularly, lets you modify menus, dashboards, and more to fit your client’s needs.

Use Security Scanners and ModSecurity WordPress Settings

The most popular WordPress security scanner is WPScan. You can find details about the inner workings of WPScan online at the official website. In short, it’s a command-line interface tool that checks against a large database of known WordPress vulnerabilities. After the WPScan tool runs it shows you its findings in a simple reporting interface. WPScan checks for the current versions of WordPress, your theme, and any plugins that are installed. From there it will find problems recorded in its database. In addition, WPScan can find and alert you to other problems. Weak user passwords. Publicly accessible database dumps. Exposed error logs. Vulnerable files and a lot more. It’s an incredible, yet pretty technical tool, to keep a secure WordPress installation.

ModSecurity is an open-source web-based firewall application most commonly referred to as a WAF. It can run on all of the popular web servers such as Apache and Nginx. Installing and configuring ModSecurity is beyond the scope of this article but tutorials are available online. Once you have ModSecurity running you can make it work with WordPress by installing a rule set. Luckily, there is a WordPress ModSecurity rule set available provided for free by a member of the WordPress community.

Want to Learn More About Handling Your Clients’ WordPress Sites?

The key to having a secure WordPress site is having a consistent system of security practices. Being proactive in your management of WordPress can go a long way. Adding the aforementioned strategies into your security plan can protect against malicious threats.

We appreciate you taking the time to read this article on keeping a secure WordPress site. Check out our blog for more tutorials and articles about using WordPress in your business. We often write posts on how to get the best out of WordPress for your clients. We also have a very popular plugin called White Label that lets you change the WordPress admin experience to better suit your clients.

WordPress Log4j Exploits: Are Your Clients’ Sites Safe?

Undoubtedly, you’ve heard the news about the recent discovery of an exploit centered around something called Log4J. This issue has hit mainstream television, newspapers, and every form of media. It’s become so well-known, in such a very short time, that you might have heard your friends and family asking about it. Anyone who does any kind of web design or web development work has most definitely had clients ask them about Log4J as well. Today we’re going to go over what exactly Log4j is, how the exploit works, and whether or not your WordPress clients are in danger. In the end, you should have a better understanding of the truth behind WordPress Log4j exploits and how they impact the world’s most popular content management system.

What Is Log4j?

Log4j is a very popular logging library for the Java programming language. Written and maintained by the Apache Software Foundation., Log4j appears in a variety of software applications to collect and store events. In short, a logging library lets a developer collect information about a particular process or user and save it for later use. These uses can be for other features of an application, for various kinds of reporting, or to simply help with development by monitoring for errors.

What Is the Log4j Exploit?

The Log4j exploit, specifically called CVE-2021-44228 but commonly referred to as Log4Shell, is a zero-day vulnerability that allowed for unintended code execution. Since Log4j allows for storing user input (again, it’s common practice to log these kinds of things in a lot of applications) it needs to be sure that input isn’t actionable. Unfortunately, the Log4Shell vulnerability allows for the remote execution of code if the user input that is logged is formatted in a very specific way.

This exploit allows malicious users to inject text via Log4J and then execute code on a remote address. Some common applications of this technique are to force devices to unknowingly mine cryptocurrency, send spam emails, and do other underhanded things.

News of the exploit came to the Apache Software Foundation’s attention on November 24th, 2021, but the vulnerability had been in the wild since 2013. On December 6th, 2021, a fix for the exploit went out but the crisis doesn’t end there. The amount of software using Log4j is quite vast. It will take quite a while for all of these applications to correct this issue internally. In the meantime, abuse of the exploit will be running rampant.

Is WordPress Impacted by Log4j?

Finally, to the discussion about WordPress Log4j problems.

This entire post has essentially been nothing but bad news for the Internet. Log4j is very popular in the Java programming community. Many high-profile applications use the library. Fortunately, PHP, and not Java, is the programming language of WordPress. This means that your clients’ WordPress sites are safe in most circumstances.

The only thing you should check is to see if, for some reason, your WordPress sites connect or interact with any Java-based applications on the same server. The chances of this are rare if you are working with standard WordPress installation. We recommend you check anyway just to be safe. If you are unsure, contacting your hosting provider is a good place to start to get confirmation.

It’s important to remember that this issue does not impact the Apache webserver. This is important to know because many WordPress sites run on Apache-powered servers. While Log4J is part of the Apache Software Foundation it is separate from the web server application. In addition, you might see some references to something called Log4js in some of your WordPress plugins or server architecture. This is a Javascript library and not related to the exploit. It just has a very similar name.

This Isn’t the End of Log4j

We are most likely going to be dealing with the fallout of Log4j for many months to come. Thankfully, if you run a WordPress-focused business, the news is good. The odds are small that your clients and work are affected. WordPress runs on the PHP programming language, and not Java, so the likelihood of there being a problem is tiny. Just remember there is a chance your server might contain Java software that interacts with your WordPress installation. This would most likely be a custom setup you are aware of though so act accordingly.

Thank you for reading this article. If you would like to learn more about WordPress and running a WordPress business check out our blog. We regularly write articles and guides on how to get the best out of WordPress for your projects. We also have a popular plugin called White Label that lets you customize the WordPress admin experience for your clients. Check it out if you run a WordPress-focused client business.

WordPress Scripting: Server-Side and Client-Side

The term “coding” is broad and refers to any machine language that writes instructions for a computer or computer program. Scripting is a specific type of coding that sends instructions to websites or programs running on a computer. These instructions can be either on the client-side (the front-end) or the server-side (the back-end). When you visit a WordPress website it will first request that page from a server. The server will run any server-side scripts and then send the page to my browser along with the code necessary for the client-side scripting. Client-side and server-side code are the building blocks of WordPress scripting.

Let’s go into some more detail about exactly what server-side and client-side scripting is. In addition, we’ll discuss specifics about how this all relates to WordPress. By the end, you should have a better understanding of how server-side and client-side WordPress scripting works.

What Is Server-Side Scripting?

The server is the location where the files for your website are stored. When someone loads your site, their browser sends a request to the server. The server-side script then processes the request and sends the results back to the user. This back-and-forth, with the server processing code and information from a storage mechanism such as a database, is the core of server-side scripting.

In short, server-side scripts run on the server hosting the site in the few seconds between someone clicking something on your site and the content appearing in their browser.

What Is Server-Side Scripting Used For?

In most cases, server-side scripting is used for most aspects of loading a web page. It’s the building block of websites. For example, say you are visiting your favorite WordPress-powered website. When you first visit, the browser you’re on sends a request back to the server with information about what post you are viewing. Server-side scripts then instruct the server to pull that post’s data and construct the HTML for the page. Then the server sends that markup to your browser.

If you have a site with a personalized login page for your clients, the same thing will happen. The server needs to send their personal details back to the browser after they log in. You may see different content on the login page depending on if you are logged in or not. That’s server-side scripting. It decides what to display based on variables and conditions.

Which Parts of WordPress Scripting Are Server-Side?

The core of WordPress, and most third-party plugins, are all powered by server-side scripting. WordPress is built on top of PHP which is a server-side programming language. Data is stored inside of a MySQL database. These two components, when combined, handle all of the server-side processing requests a WordPress site makes. High-quality hosting is important because so much of WordPress works on a server. This is why you see so many ads for expensive WordPress web hosting nowadays. In addition, you can offset the slowness of server-side scripting with one of the many popular WordPress caching plugins.

What Is Client-Side Scripting?

In simple terms, client-side scripting is code that makes changes to the page in the browser where it is being unpacked. This happens on the user’s end and so it depends on their computer, rather than a server. With client-side scripting, the code is sent to and temporarily stored in the browser of the person viewing it.

Client-side scripts, such as JavaScript, work by interacting with a page’s HTML code to add or change what is shown on the page under different conditions.

What Is Client-Side Scripting Used For?

Client-side scripting is used to make websites more interactive. Think pop-up boxes and other exciting visual changes in the browser. Client-side scripting runs on the browser (such as Chrome or Firefox) that the page is being loaded on.

Design elements that display and become interactive without needing the page to reload are generally using client-side scripts. An example would be clicking on a photo in your social media feed and it becomes larger. This works because the photo has already been sent to you by the server and stored temporarily in your browser. The client-side script then makes it interactive by pulling the information from the HTML file and altering the image size.

Which Parts of WordPress Scripting Are Client-Side?

At its core, most parts of WordPress are server-side as we discussed. You’ll most often see client-side scripting on a WordPress site through themes and plugins. For example, any WordPress site that has one of those infinite scrolling lists of posts is using client-side scripting. Many plugins with interactive front-end elements, like a WordPress popup plugin, are using come client-side scripting as well. For the majority of instances, WordPress client-side scripting is going to involve something visitor-facing and interactive.

WordPress Scripting Is Server-Side and Client-Side

Server-side scripting prepares WordPress content before it’s sent to the browser. This usually happens before the page is loaded. Client-side scripting is used to make sites more interactive. Most WordPress sites now rely on both client-side and server-side scripts to give a complete experience. A site’s files are sitting on a server waiting for someone to request to view them. When the server receives a request, it sends those site files along with any client-side scripts to the visitor’s browser. The client-side script is used to make the page more interactive.

The Complete Guide to WordPress Database Cleanup

Every WordPress developer with even a small amount of experience has witnessed database bloat. Over time, your site’s database is going to be too large for its own good. When this happens it is time to consider the best approaches to proper WordPress database cleanup.

WordPress is a powerful content management system built on the foundations of open-source development. There are tens of thousands of plugins, and themes, at your disposal. Unfortunately, there isn’t really anyone keeping good tabs on how those plugins and themes are made. As your site grows, through the addition of content, plugins, and changes in the theme so does your WordPress database grow as well. Improperly developed plugins and themes, combined with poor maintenance practices, can leave your site running slow and fat.

Join us as we go through the reasons proper database maintenance is important. We’ll cover the best benefits of a good WordPress database cleanup plan, the best ways to handle WordPress database bloat, and how to prevent it from reoccurring in the future. In the end, you’ll be able to better provide WordPress services to your existing and future clients.

Why Proper WordPress Database Maintenance Is Important

You probably didn’t sign up for database ops when you started your WordPress agency. That’s understandable. Many WordPress developers don’t think twice about things like database size or speed. And, for projects of a certain size, it can never be an issue. Unfortunately, for most websites, there comes a time when the size of the database has gotten out of control. Knowing how to handle this, and why, is an important part of any WordPress maintenance program that you can operate for your clients.

Faster Website Speeds & Loading Times

Without proper caching, a WordPress site can run slow as it draws information out of the database. This happens on every page load and interaction. A large database, especially on a low-end server, will trend to slower response times as it grows. You can compensate for this by throwing more into your hosting: more memory and faster processing. Of course, that means more costs for you and your clients which isn’t always an ideal outcome. Staying on top of your website’s speed, through options like caching and database maintenance, is more cost-effective.

Smaller and More Practical Backups

Large WordPress databases lead to large WordPress backups. Every good backup solution for WordPress (more on this later) includes a copy of the site’s database. As that database grows, filling up with useless data, the size of your backup increases. This can be ok if you are storing backups locally on the server. Of course, most backup plugins include support for uploading backups to third-party storage providers. Those uploads can become large and fail if the backup size becomes too large for your server to handle.

How to Handle WordPress Database Cleanup

There are two common ways to handle the database cleanup process. You can either work with the database manually or automatically with WordPress plugins. We’ll cover each of those on their own but, first, let’s address the most important first step. You need to make some valid database backups before doing anything.

Stop and Make a Database Backup

Let’s stop for a minute and make a backup of your database. At the end of the day, no matter how you deal with a WordPress database cleanup, you will be touching important information. If something goes awry you are most certainly going to want a proper backup ready to go. Check out our rundown of the best WordPress backup plugins you can install and use for free right now.

Manual Database Cleanup and Operations

Many people reading this post probably think that they can handle most of these problems with some custom SQL queries. And, of course, those people would be correct. You can figure out how to eliminate a lot of bloat in your WordPress database on your own. There are post revisions to remove, tables from long uninstalled plugins to delete, and much more.

We recommend, as tempting as it can be to get your hands dirty, avoiding manual WordPress database cleanup. Even the most competent, experienced WordPress developers make mistakes. The chance of a mistake happening with an incorrectly composed SQL query is much higher than going with an automated option like a plugin. In addition, so many objects in WordPress are interrelated across tables that it can be difficult to thoroughly clean things yourself. It’s better to rely on a plugin, built to account for all scenarios. So, with that said, let’s take a look at some popular WordPress database cleaning plugins.

WordPress Database Cleanup Plugins

The WordPress.org plugin repository is full of solid plugin options for WordPress database maintenance. We’re going to cover the most popular plugins next. Many of these have overlapping features but we suggest you give several of them a try. You might find one with an interface more to your liking or one that seems to be more actively in development. You can’t go totally wrong no matter which plugin you pick.

WP-Sweep

We recommend WP-Sweep as a good solution for cleaning up your WordPress database. This plugin is simple to use and offers maintenance support for a laundry list of issues. WP-Sweep cleans up revisions and auto drafts from your posts. It also handles comments by removing any that have been trashed, unapproved, or marked as spam. Orphan data is a huge issue in WordPress databases and WP-Sweep deals with them all automatically. You’ll no longer have to worry about orphaned metadata for posts, comments, users, or taxonomies. WP-Sweep even removes duplicate content in your database. Keep in mind, this is content that is copied in the database. Content made with a WordPress duplicate page plugin will remain safe.

One of the reasons we recommend WP-Sweep is due to the way the plugin is coded. It relies solely on WordPress’ built-in database delete functions to do its work. There are no actual SQL queries written or run by the code directly. This helps ensure the plugin removes things in the “WordPress way” and is an extra bit of security that’s nice to have.

In addition, WP-Sweep has a command-line interface (CLI) component as well. You can run any of the features of the plugin, on your own, from a terminal window. This is a particularly nice feature for the terminal warriors out there that find doing anything inside of the WordPress admin fussy.

WP-Optimize

Of all the plugins here, WP-Optimize is probably the most feature-packed. It handles site caching, compressing images, and database cleanup. This might be the choice for you if you want a plugin to handle multiple maintenance issues. We’re going to skip going over those extra features and just focus on the database parts.

In terms of database cleanup, WP-Optimize has a lot of useful features. It takes care of all the coming cleaning tasks you would expect, of course. It removes unnecessary data for posts, comments, pingbacks, trackbacks, and transients. The extra features make it stand out though. You can use the plugin to compact your database tables. There is support for scheduled optimizations so you can run your database maintenance automatically. The cleanup process has options to store data for a specific amount of time as a backup. Finally, you can get some database stats and reports to show how well WP-Optimize is working on your site.

We like WP-Optimize and recommend it if you are looking for a one-stop-shop solution for all of your WordPress maintenance needs. It might not be perfect for you if there are other plugins you prefer for caching and compression. Regardless, we suggest you give WP-Optimize a shot and see how it fits your workflow.

Advanced Database Cleaner

Advanced Database Cleaner is a full-featured WordPress plugin for database maintenance. It has a similar set of options to its competitors with a few neat extras. In terms of the basics, all of the support for posts, comments, etc. are there. This plugin removes revisions and auto drafts as well as trashed posts. You can have it delete pending, spam, and trashed comments. It supports the removal of pingbacks and trackbacks. Tools to delete orphan metadata for posts, comments, users, and terms are available. Finally, you can remove transients with Advanced Database Cleaner.

This plugin lets you review orphaned data before deleting it which is a nice touch. It also offers to store your cleaned data for a set period of time in case you make a mistake. You can set scheduled database cleaning tasks and specifically choose which things to take care of. In addition to WordPress tasks, Advanced Database Cleaner can run common MySQL processes like optimizing tables, repairing corruption, and removing empty table rows.

One thing that sets Advanced Database Cleaner from other options is its Multisite support. You can use this plugin, from the main site, to clean and run maintenance on every site of the network. WordPress Multisite is a difficult issue for many plugins so it’s nice when one supports it out of the box.

Optimize Database after Deleting Revisions

Finally, to wrap up our coverage of database clean plugins, we’ll discuss Optimize Database after Deleting Revisions. ODDR, for short, handles all of the obvious database maintenance tasks. It deals with post revisions, comments, pingbacks, trackbacks, and transients. You can set schedules to run these tasks automatically behind the scenes. Optimize Database after Deleting Revisions offers pre and post-maintenance reports. You can preview what is going to be removed and then review what was deleted. All of this is pretty standard stuff for a WordPress database cleanup solution.

ODDR is different in one interesting way though. It offers granular control over how your cleanup is run. You can tell it to only remove revisions, for example, by a date range or a total count. This means your cleanup process can remove excessively older content but keep more recent data to be safe. You can even set a custom field on your posts and pages to manually exclude them from the entire process. This isn’t a hands-off technique but should be trivial to handle for most WordPress developers.

We recommend ODDR if you need very tight controls over what data you clean up. Being able to exclude certain content from the process is a nice touch and may be necessary depending on your site or client’s needs.

Preventing WordPress Database Bloat & Related Website Problems

The plugins above can handle most of the database bloat issues you might experience with WordPress. Of course, relying on a third-party piece of software isn’t always best practice. You can do some things on your own to help prevent a WordPress database from filling up needlessly. Plus, you can set up caching solutions to make speed less of a concern. Let’s go over these ideas next.

Keep Your Plugins and Themes Updated

Out-of-control plugins, and occasionally themes, are a frequent source of database bloat. It’s important to understand what the plugins and the theme running your site are doing behind the scenes. This is especially true if you ever delete a plugin or switch a WordPress theme. Many times, with plugins especially, removing or deleting a theme doesn’t remove any of the data the plugin generated in the database. High-quality plugins know to offer this as an option or handle it automatically, but most do not. Being cognizant of what plugins are adding to your database is a good way to stay on top of bloat and overload.

Schedule Regular WordPress Database Checks

You should be familiar enough with WordPress and its database structure to identify outstanding problems. It’s good practice to semi-regularly do a manual review of your MySQL tables. You don’t need to write any queries or actually manipulate the data in any way. Doing a look over the tables’ raw data is possible with practically every MySQL browser software on the market today.

Invest in a WordPress Caching Solution

The final way to cut down on database bloat issues is to put your website on a caching system. There is an absolutely incredible number of WordPress caching plugins. They all offer very similar features with varying degrees of setup and cost involved. You can find the right fit for your site’s size, and your budget, with a little bit of research. Consider a content delivery network (CDN) as well. You can find opinions on the best CDN for WordPress at our company’s website if you want to learn more.

Make WordPress Database Cleanup an Important Maintenance Task

WordPress is a beautiful content management system that can sometimes get gummed up by its own foundation. It’s important to make WordPress database cleanup and maintenance a priority. For the sake of your client’s websites, your servers, and your own sanity. The approach you take doesn’t matter as long as the task is getting done.

As your client base grows, and the stable of websites you are responsible for increases, finding the base maintenance routine is important. We recommend finding what works best for you and then repeating that process for all of the WordPress websites under your supervision. Over time you will have enough experience to become an expert in WordPress database maintenance. This can lead to more clients, more services to offer, and an improvement to your WordPress agency or consultancy.