Little-known hack to update all posts or pages in WordPress by code

Sometimes you need to open and update all pages of a WordPress website to get changes to take place.

This might be due to a newly added plugin, or simply a re-organisation of the theme architecture or layers.

If your site has a lot of pages, this can become a hideous task.

With the help of a small function, we can achieve this programmatically, just change the post_type to match what you want to update (post, page or custom post type).

Where do I add this code in WordPress?

Just add this snippet on the function.php of the theme you are using.

If you are unsure on how-to, this is an excellent guide from WP Beginner.

IMPORTANT! Don’t forget to remove the code once the update has been completed!

// Update all post

function update_all_posts() {
    $args = array(
        'post_type' => 'page',
        'numberposts' => -1
    $all_posts = get_posts($args);
    foreach ($all_posts as $single_post){
        $single_post->post_title = $single_post->post_title.'';
        wp_update_post( $single_post );
add_action( 'wp_loaded', 'update_all_posts' );

If you need any help with WordPress Development, get in touch!

Never miss a sale – Should an employee text you when sick?

You own a shop on a busy street in your local city, and you hired a shop manager. It’s going well and they are quickly learning how to convert more customers. They are even changing the shop-front appeal more to walk-in traffic.

But one day, middle of the day, they shut down and go home. Not a text, not a call. They just didn’t feel that great, or maybe they just wanted to go to the beach. Who knows.

Now, your customers will find the shop close and will go somewhere else. You are losing tons of business and don’t even know!

Until one of your trusted customers decide to call you – they are worried about you, it’s unusual the shop it’s closed at midday.

Now, what would you do in that situation? You’d be pissed, you’d call immediately your employee and ask what’s going on.  Let’s face it, you’ll probably fire them.

One thing is sure: you will put processes in place so that doesn’t happen again.

Now, hands up if you have never experienced your website being down: your hosting might have had a problem, your CMS installation was broken or worse off, your site got hacked.

It happened to the best of us, and it will keep happening. Why? It’s the nature of technology, it can break.

Please help me understand something, cause I’m really struggling here.

Why you would not tolerate your employee to storm off for the day without alerting us, but you are OK with your website being down?

It makes no sense to me.

Your website, when done correctly, is the best salesperson you can possibly have, and it works for you 24/7.

But yet, people try everything they can to save money on design, development, hosting – and I am not even mentioning how most business owners won’t invest in a digital and content strategy.

We are all aware of how important it is to have a visible business online, we buy products online every day, we spend countless hours on social media – yet only a very small percentage of business owners invest in digital properly.

But back to our initial problem. Your website is down – it happened to you before, admit it.

What have you done about it? What processes have you put in place to avoid from happening it again?

If you are into DIY solutions, go over to UpTimeRobot and sign-up. It’s FREE, it takes few minutes and you have peace of mind that every time your site is down (for more than 5mins) you’ll get an email. Phew. That didn’t take long, did it?

If you want professionals to take care of it for you, head over to our Maintenance and Support page.

Every Website Care Plan we offer include the most important features to make sure your site is up and running smoothly at all times:

  • We update your website with the latest security patches
  • You’ll get a text every time your website is down – 24/7
  • We check and control attacks on your site – 24/7
  • We backup your site every day and every week

Why do you need to have a budget for your web design project

Example 1

Client: “I need a website, how much will it cost?”
Agency: “What kind of website do you have in mind?”
Client: “I’m open to suggestions, I want it to have a video presentation about my company on the homepage, visitors should be able to interact with inquiries and comments, and I’d like an image gallery”

Example 2

Client: “How much does a phone costs?”
Salesman: “What kind of phone?”
Client: “I’m open to suggestions, anything that is 4G ready with a decent memory and a high-resolution camera”

If you notice the two different analogies, you can see that there are similarities when it comes to budget.
The phone salesman could sell you the latest iPhone for $1200 or the latest Chinese brand for just about $200. Both will have the same features, but the user experience, the quality and overall durability will be extremely different.

When you tell the salesman your budget, he will suggest the best possible outcome for your need within your budget, which you’ll probably want to spend it all, to make sure you get the best possible phone you can get.

Yet, why prospects don’t tell a website agency their budget?


There are so many different ways to create a website, and unfortunately, different techniques are not tangible enough to a non-techy client to be able to see the difference.

What if I tell you that the exact same website could be built in 2 days or 4 weeks (and anything in between), depending on the technique and technology we use?
Add on top of it technical jargon like ReactJS or RESTapi and the prospect just doesn’t know what we are talking about: they are just too afraid to be ripped off.

“Easy, tiger.  Do you mean if I tell you my budget, you’re going to use all?”

That’s right.
Better yet, we make the best use of it.

Our job is to find ways to create the best result possible. Declaring your budget to your web development firm gives them the opportunity to understand more about the website that you want, allocate the budget to what is most important for your business and finally give you a better understanding of how they will create your website brilliantly.

How to increase conversions automatically serving the right content to the right audience with geo targeting

While working with Flexitol / Dermal Therapy, a leading skin care Australian brand, we realised we needed a better way to showcase different product offerings depending on the country the visitor was from. Originally, the user would visit different LTD’s (domain extensions eg: .com,, to go directly to the content they were after – but when searching in google, they could end up visiting a product that was indeed not available in their country of origin.

This will increase conversions, as you are actually showing content that is specifically aimed at that audience.

The technical bit.

Let us show you how we use a free API ( *free for 10k requests a month) and basic PHP to make our website ready to serve different content for audiences from different countries (and even cities if we want to…)

So the first step for us would be getting the users IP address.

To accomplish that we are using something along the lines like this.

// or for more advanced users

After we do that, we are going to send an API request with PHP’s file content function to which kinda looks like this.

$geo = json_decode(file_get_contents("" . $ip . "?access_key=" . $IPStack_apiKey . "&format=1"));
$country = $geo->country_name;

The geo variable contains the IP stack Response and looks like this.

  "continent_name":"North America",
  "country_name":"United States",
    "capital":"Washington D.C.",
    "country_flag_emoji_unicode":"U+1F1FA U+1F1F8",

Quite a nice set of information for a free API. Like mentioned before, the first 10k requests are for free which will never get expired by most small business websites but the fact that you can even serve different content to different Post Codes makes it extremely powerful.

If you have a website with a lot of traffic have a look at the pricing table

So, that gives us the User location. All that’s left to do is serve the right content.

For that reason, all we basically did is set a variable in PHP that looks like this.

    if ($country == "united States" ){
        $_SESSION["SESScountry"] = 'United States';
        setcookie('SESScountry', 'United States');
        include 'states.tpl.php';
    if ($country == 'Australia') {
       $_SESSION["SESScountry"] = 'United States';
       setcookie('SESScountry', 'United States');
        include 'australia.tpl.php';

And that’s it.

Multi-location content enabled website in less than 20 lines of PHP code.

Worth to mention on that point here is the Session and Cookie settings for PHP.

Of course, we don’t want our user to hit the API on every single request they are making so we set a cookie and a session when they first hit our website and all subsequent requests get’s served based on their cookie value. This not only increases the usability of our API service, even more, it also gives us the capability of user grouping, retention etc.

The possibilities are huge.

If you are using Drupal 7, Note that the cookies need to have the SESS letters followed by lowercase letters, otherwise the varnish cache will stripe them out and gives you not the desired result.

Our Website Launch Checklist – Essential Checks Before You Go Live

This article reviews some important and necessary checks that Drupal websites should be checked against before the official launch — little details are often forgotten or ignored, but – if done in time – may sum up to an overall greater user experience and avoid unnecessary costs after the official site release.

Those checks assume you have a local, development and live environment.

Local Environment Checks

1. Favicon

We use a very handy module to install and make sure the favicon is perfect in all tablet, phones and desktops: The Real Favicon Generator module.

2. Update to the Latest Version of Core and Modules

You don’t want to go live without an up-to-date codebase. This applies to any CMS, not just Drupal.

3. Cross Browser / Responsive Checks

We have a subscription with BrowserStack which allow us to check how your website looks on the major browsers and viewports.

4. Check permissions and roles

Do you need an editor role for the client? Check that permission are correct. Masquerade as the client and try adding/removing content. Make sure the client has enough privileges to update the site!

5. Site Search

Does it work? Is it themed properly? If you don’t use a search on the site, make sure it’s disabled.

6. Privacy Policy, Website Disclaimer & Terms and Conditions

If you have a contact form, then you need a Privacy Policy. We use My Privacy Policy cause it’s quick and easy – and quite affordable.
If you publish information or advice on your site (blog) then you need a Website Disclaimer. Grab one from Disclaimer Generator.
If you sell goods or services, then you need Terms and Conditions.

7. Pathauto Pattern

Make sure they match the old URLs and when not possible, use meaningful patterns for each content type.

8. Check site status and fix any error

Go to the report page and make sure it’s all smooth there.

9. 404 Pages

You want to make sure there is a meaningful 404 page, ideally performing a search on the site with the terms in the URL. Search 404 is the perfect module for it.

10. Turn on revision for all content types

Revision can be a lifesaver to go back to an earlier version of a page. Make sure all content types have revision turned on by default.

11. Disable and remove unused modules

Clean up after yourself. Have a look at the module list – is there anything that can be removed?

12. Block indexing of content types used in rotators, promos etc

If your content type node is not a page, but is used to create a view, a report or simply should not be seen through the node URL, then block it in your robots.txt file or use the Rabbit Hole Module

13. Update all your Features / Configuration Management

Make sure all settings are packaged up and ready to be moved into code and then pushed to the dev and live environment.

Development Environment Checks

1. Titles, Meta Data and Open Graph sharing

Make sure your titles and meta-data are optimised for SEO. In both Drupal 8 and Drupal 7 the Metatag module is a great way to select your patterns and automate your titles, but also make sure your content is shareable on Social Media. You want to make sure there is a meaningful description and ideally image when you share any page of your website – not only the homepage!

2. Ensure your settings.php file is read-only

We usually don’t need to worry about it as we use Pantheon as hosting platform, but in any other case, make sure your settings.php is read-only!

3. Migrate old URLs to new site URLs

Make a list of all URLs from the old website. Where possible, match Pathauto patterns with the old paths, keeping them the same. Where not possible, create 301 redirects either through the .htaccess file, or with Redirect module.

4. Links

Chances are, few of your links won’t work. Run the site through the W3C Link Checker and make sure it’s all looking smooth.

6. Google Analytics and Console

Do you have any analytics installed on the website? We usually the Google Analytics module installed, and make sure the Google Console is linked to the property

7. Sitemap

The website should have a sitemap generated and you should tell Google Console about it. Here you can see if any content is blocked by robots and if you have any other issues on your website. For Drupal, it is important to always check pages created by Views. This is often missed on Drupal sites I’ve seen.

8. Test / Dummy content removed

Make sure all your test content, views, contexts, users are removed from the site. Do you have installed any modules that you are not using? Disable it and remove it. What about site information? Do we have the right site name, email etc? Clean up after yourself!

9. Test webforms

Have you tested all web forms? Is the email being sent and received? Clean up any test submissions and make sure the success message is correct. Also, make sure validation works in every field.

Live Environment Checks

1. Password protect your dev and test site

Now that your site is live, if you use Pantheon is a good practice to password protect your test and dev environment. This will make sure the client doesn’t keep updating the wrong environment. (Yes, it happens.)

2. Aggregate CSS and JS

Use the core functionality on admin/config/development/performance

3. Disable Development Modules

Devel, Devel generate, or any other UI modules should be disabled on live

4. Site speed

After having turned on caching mechanism, make sure to test the website for speed and performance.
PageSpeed Insight, GTmetrix and Pingdom Website Speed Test is the one we use.

5. Third Party API

Do you have any third party that need API key and domain authorisation updated? (Eg. Lockr, Google Captcha, Google Map etc) Usually they have different values for dev, test and live. Make sure it’s all good.

6. Account Creation

Only admin can create accounts unless it’s a site where registrations are part of the functionality.

7. Check errors log and resolve issues

And make sure errors aren’t shown for production sites – just write to the log.

8. Backups

Have been scheduled? We use Pantheon for most of our projects, and their backup schedule it’s just fantastic.

How to prepare to the next highly critical Drupal security update

Are we going to experience another Drupalgeddon?

Back in October 2014, just hours after SA-CORE-2014-005 was released, millions of Drupal sites were hacked. This left site owners, agencies and developers with the tedious and expensive task of cleaning the mess left behind the SQL injection.

Today, 22nd March, the Drupal Security Team has released an important announcement: a highly critical security vulnerability has been found in Drupal 7.x, 8.3.x, 8.4.x and 8.5.x. A security release will be released on March 28th between 18:00 – 19:30 UTC – that’s 5:00 – 6.30 AEST.

“Team urges you to reserve time for core updates at that time because exploits /might/ be developed within hours or days.”

The fact that an announcement has been released a week ahead, it means it’s a big one. Use this week to get your websites ready to receive the security update and prepare for it.

Don’t delay, you’ve been warned!

How to prepare?

I am a Marameo Design customer

Most of our customers are on our Support Plan. This means their site is already running the latest Drupal core and modules, and they will receive the security update within 4hrs of release. Easy.

I have a Support Plan with another agency

That’s great. This means you should have received some communication about this important update and you should be running the latest Drupal core and modules. Just to make sure, send them an email and make sure it’s all good and they are ready to install the security update next Thursday from 6.30am.

I don’t have a Support Plan

First off, you need to check the status of your current installation. Are you running Drupal 7? Drupal 8? Login to your site with an administrator user, and go to the Module page. Make sure you have enabled the “Update Manager” module and then go to /admin/modules/update.

Here you will find a list of modules and which Drupal core version you are using. You should be on Drupal 7.57 or Drupal 8.5.0

Update your Drupal site to the latest version of core and install all security updates available for contrib modules. The update process isn’t too straightforward if you never have done it, but here’s a guide for updating Drupal 7 and updating Drupal 8

You want to have an up-to-date installation before Thursday 28th March.


While we hope this security update won’t affect the Drupal ecosystem like Drupalgeddon did a few years ago, let’s do the right thing and update your Drupal installation, pronto.