WordPress Interview Questions and Answers – Part 13

201. Is WordPress safe from brute force login attempts? If not, how can you prevent such an attack vector?
No, WordPress on its own is vulnerable to brute force login attempts.
Some good examples of actions performed to protect a WordPress installation against brute force are:
• Do not use the “admin” username, and use strong passwords.
• Password protect “wp-login.php”.
• Set up some server-side protections (IP-based restrictions, firewall, Apache/Nginx modules, etc.)
• Install a plugin to add a captcha, or limit login attempts.

202. Assuming we have a file named “wp-content/plugins/hello-world.php” with the following content. What is this missing to be called a plugin and run properly?

add_filter('the_content', 'hello_world');
function hello_world($content){
return $content . "<h1> Hello World </h1>";

The file is missing the plugin headers. Every plugin should include at least the plugin name in the header with the following syntax:

Plugin Name: My hello world plugin

203. What is a potential problem in the following snippet of code from a WordPress theme file named “footer.php”?

</section><!—end of body section- ->
<footer>All rights reserved</footer>

All footer files must call the <?php wp_footer() ?> function, ideally right before the </body> tag. This will insert references to all scripts and stylesheets that have been added by plugins, themes, and WordPress itself to the footer.

204. What is this code for? How can the end user use it?

function new_shortcode($atts, $content = null) {
“type” => “warning”
), $atts));
return '<div class="alert alert-'.$type.'">'.$content.'</div>';
add_shortcode(“warning_box”, “new_shortcode”);

This shortcode allows authors to show an info box in posts or pages where the shortcode itself is added. The HTML code generated is a div with a class name “alert” plus an extra class name by default, “alert-warning”. A parameter can change this second class to change the visual aspect of the alert box.
Those class naming structures are compatible with Bootstrap.
To use this shortcode, the user has to insert the following code within the body of a post or a page:
[warning_box]Warning message[/warning_box]

205. What is the use of Slug field in tags?
It is used to specify the tags URL.

206. Consider the following code snippet. Briefly explain what changes it will achieve, who can and cannot view its effects, and at what URL WordPress will make it available.

add_action('admin_menu', 'custom_menu');

function custom_menu(){
add_menu_page('Custom Menu', 'Custom Menu', 'manage_options', 'custom-menu-slug', 'custom_menu_page_display');

function custom_menu_page_display(){
echo '<h1>Hello World</h1>';
echo '<p>This is a custom page</p>';

This will add a new menu item labelled “Custom Menu” to the side menu of the WordPress dashboard. When you click on this menu item, WordPress will call the function ‘custom_menu_page_display’ and show a page titled “Custom Menu”, with the heading “Hello World” and a paragraph that reads “This is a custom page”.
With default settings and roles, admins can view it and all lower roles can’t. In fact this menu item will only be visible to users who have the privilege to “manage options” or change settings from WordPress admin dashboard.
The admin custom page will be made available at this (relative) URL: “?page=custom-menu-slug”.

207. How would you change all the occurrences of “Hello” into “Good Morning” in post/page contents, when viewed before 11AM?
In a plugin or in theme functions file, we must create a function that takes text as input, changes it as needed, and returns it. This function must be added as a filter for “the_content”.
It’s important that we put a little effort to address some details:
• Only change when we have the full isolate substring “hello”. This will prevent words like “Schellong” from becoming “sgood morningng”. To do that we must use “word boundary” anchors in regular expression, putting the word between a pair of “\b”.
• Keep consistency with the letter case. An easy way to do that is to make the replace case sensitive.

function replace_hello($the_content){
$the_content=preg_replace('/\bhello\b/','good morning',$the_content);
$the_content=preg_replace('/\bHello\b/','Good Morning',$the_content);
return $the_content;
add_filter('the_content', 'replace_hello');

208. What is the $wpdb variable in WordPress, and how can you use it to improve the following code?

function perform_database_action(){
mysql_query(“INSERT into table_name (col1, col2, col3) VALUES ('$value1','$value2', '$value3');

$wpdb is a global variable that contains the WordPress database object. It can be used to perform custom database actions on the WordPress database. It provides the safest means for interacting with the WordPress database.
The code above doesn’t follow WordPress best practices which strongly discourages the use of any mysql_query call. WordPress provides easier and safer solutions through $wpdb.
The above code can be modified to be as follows:

function perform_database_action(){
global $wpdb;
$data= array('col1'=>$value1,'col2'=>$value2,'col3'=>$value3);
$format = array('%s','%s','%s');
$wpdb->insert('table_name', $data, $format);

209. Consider the following code snippet and explain the purpose of wp_enqueue_script. Can you figure out if something is wrong in the snippet?

function add_custom_script(){
plugin_dir_url( __FILE__ ).'js/jquery-custom-script.js'

wp_enqueue_script is usually used to inject javascript files in HTML.
The script we are trying to queue will not be added, because “add_custom_script()” is called with no hooks. To make this work properly we must use the wp_enqueue_scripts hook. Some other hooks will also work such as init, wp_print_scripts, and wp_head.
Furthermore, since the script seems to be dependent on jQuery, it’s recommended to declare it as such by adding array(‘jquery’) as the 3rd parameter.
Proper use:

add_action(‘wp_enqueue_scripts’, ‘add_custom_script’);
function add_custom_script(){
plugin_dir_url( __FILE__ ).'js/jquery-custom-script.js',
array( 'jquery')

210. Suppose you have a non-WordPress PHP website with a WordPress instance in the “/blog/” folder. How can you show a list of the last 3 posts in your non-WordPress pages?
One obvious way is to download, parse, and cache the blog’s RSS feeds. However, since the blog and the website are on the same server, you can use all the WordPress power, even outside it.
The first thing to do is to include the “wp-load.php” file. After which you will be able to perform any WP_Query and use any WordPress function such as get_posts, wp_get_recent_posts, query_posts, and so on.

<h2>Recent Posts</h2>
$recent_posts = wp_get_recent_posts(array(‘numberposts’=>3));
foreach($recent_posts as $recent){
echo '<li><a href="' . get_permalink($recent["ID"]) . '">' . $recent["post_title"] . '</a></li> ';

211. Brief on Photon in WordPress?
Photon is an image speeding up and alteration service for Jetpack-associated WordPress websites. By using this converted images can cache automatically and serve from the WordPress.com CDN. Here images can be edited, resized, and filtered by utilizing an easy simple API controlled by getting query arguments. When you enable Photon in Jetpack, images are refreshed on the fly.

212. For SEO, What are the WordPress plugins mainly used?
• Yoast
• Google XML Sitemaps
• Broken Link Checker
• W3 Total Cache
• WPtouch Mobile Plugin
• Jetpack

213. Define OAuth2?
It is a protocol that allows the applications for interacting with blogs on WordPress.com

214. Explain the components that become visible on the home screen of WordPress.
Have a look at the answer to one of the most important WordPress Questions and Answers:
• Dashboard menu: The dashboard menu component on the home screen comes with the menu navigation option for the posts, pages, media library, and comments from the left corner of the screen.
• Welcome: The Welcome component from the home page allows you to customize the WordPress theme with a click on the customize your site button. There is also a center column that offers useful links for page creation, web page front end viewing, blog posts creating, etc. Also, the last column comes with the links to the widgets, menus, comment settings, etc.
• Screen options: The screen option on the homepage comes with the various displays of the different widgets, which you can show or hide on the screens. It also includes the checkboxes with show/ hide on different screen options. At this same time, it allows you to customize the various sections on the admin screen area.
• Quick draft: The quick draft comes with the mini post editor for writing, saving, and publishing the post from the admin dashboard. This also contains the title and draft with some notes regarding the draft and save it as a draft.
• Activity: The activity on the home screen allows the latest comments, published recent posts. It also comes with the reply, deletes, edit, approves, or disapprove option for the comments. You can, at the same time, move the comments to spam.
• WordPress News: The WordPress news displayed on the home screen comes with the latest news related to the latest updates for software updates on WordPress.
• At a glance: This component on the home screen comes with the display of the overview of the posts, numbers, pages, and comments on the blog area.

215. What is the use of Mail Server in WordPress Writing setting?
It allows reading the emails that you send to WordPress and stores them for retrieval. For this you need to have POP3 compatible mail server and it will have URI address such as mail.example.com, which you should enter here.

Sign-up for our email newsletter and get free job alerts, current affairs and GK updates regularly.
Subscribe Here (or)

Leave a Reply

Your email address will not be published. Required fields are marked *

+ five = 10

Popup Dialog Box Powered By : XYZScripts.com
  • RSS
  • Facebook
  • Google+
  • Twitter