export type BlogPost = {
  slug: string;
  title: string;
  excerpt: string;
  date: string;
  readTime: string;
  category: string;
  keywords: string[];
  body: { h?: string; p?: string; list?: string[] }[];
};

export const POSTS: BlogPost[] = [
  {
    slug: "how-to-fix-hacked-wordpress-website",
    title: "How to Fix a Hacked WordPress Website (Complete 2025 Guide)",
    excerpt: "Step-by-step recovery process for hacked WordPress sites — from emergency lockdown to permanent hardening.",
    date: "2025-04-15",
    readTime: "9 min read",
    category: "Security",
    keywords: ["fix hacked wordpress", "wordpress hacked recovery", "wordpress hacked help"],
    body: [
      { p: "If your WordPress site is hacked, every minute matters. Search engines can blacklist your domain in hours, customers lose trust, and recovery gets harder the longer the malware sits. Here's the exact 7-step process we use to recover 100+ hacked WordPress sites a year." },
      { h: "1. Take an emergency snapshot" },
      { p: "Even of the infected site. You'll need it for forensic analysis. Use UpdraftPlus, your host's backup, or download via FTP." },
      { h: "2. Put the site in maintenance mode" },
      { p: "Stop visitors from being infected and stop search engines from indexing the bad pages. A simple .htaccess rule that returns 503 with a Retry-After header works." },
      { h: "3. Change every credential" },
      { list: [
        "All WordPress admin passwords",
        "Database password (update wp-config.php)",
        "FTP / SFTP / cPanel passwords",
        "Hosting account password and 2FA",
        "Reset all user sessions (delete WP user_meta session_tokens)",
      ]},
      { h: "4. Find the entry point" },
      { p: "Common: outdated plugin, weak admin password, vulnerable theme, hosting cross-contamination. Check access logs for suspicious POST requests around the infection date." },
      { h: "5. Clean files and database" },
      { p: "Reinstall WordPress core, replace all themes/plugins from official sources, and manually scan wp-content/uploads for PHP files (uploads should never have .php). For DB: scan wp_options, wp_posts, wp_users for injected scripts." },
      { h: "6. Harden the site" },
      { p: "Disable file editing in admin (DISALLOW_FILE_EDIT), restrict wp-admin by IP if possible, install Wordfence/Sucuri, enforce strong passwords + 2FA on all admins." },
      { h: "7. Submit clean URLs to Google" },
      { p: "Use Search Console > Security Issues > Request Review. Most blacklist removals happen within 72 hours." },
      { h: "When to call an expert" },
      { p: "If you see redirects to spam, pharma SEO, or your host has suspended you, get help immediately. We typically recover hacked WordPress sites within 24 hours with a 30-day clean guarantee." },
    ],
  },
  {
    slug: "wordpress-critical-error-fix",
    title: "Why WordPress Shows 'Critical Error on This Website' (And How to Fix It)",
    excerpt: "The exact debugging steps to find and fix the WordPress critical error message — without losing your data.",
    date: "2025-04-02",
    readTime: "6 min read",
    category: "Bug Fixing",
    keywords: ["wordpress critical error", "wordpress white screen", "wordpress error fix"],
    body: [
      { p: "The dreaded 'There has been a critical error on this website' message means a fatal PHP error crashed WordPress. The fix is almost always finding the bad plugin, theme, or memory limit." },
      { h: "Step 1: Check your email" },
      { p: "WordPress sends a recovery email with a magic login link. Look for one from wordpress@yourdomain.com — check spam too." },
      { h: "Step 2: Enable debug mode" },
      { p: "In wp-config.php set: define('WP_DEBUG', true); define('WP_DEBUG_LOG', true); — then check wp-content/debug.log for the actual error." },
      { h: "Step 3: Disable plugins via FTP" },
      { p: "Rename wp-content/plugins to plugins_off. If site loads, rename back and disable plugins one by one to find the culprit." },
      { h: "Step 4: Switch to a default theme" },
      { p: "Rename your active theme folder. WP will fall back to twentytwentyfour. If it works, your theme is the issue." },
      { h: "Step 5: Increase memory" },
      { p: "Add to wp-config.php: define('WP_MEMORY_LIMIT', '512M'); — many critical errors are memory exhaustion." },
    ],
  },
  {
    slug: "best-ways-to-speed-up-wordpress",
    title: "10 Best Ways to Speed Up WordPress in 2025 (90+ PageSpeed)",
    excerpt: "Proven optimizations that actually work. No theoretical advice — just what we apply to hit 90+ scores.",
    date: "2025-03-20",
    readTime: "8 min read",
    category: "Performance",
    keywords: ["speed up wordpress", "wordpress speed optimization", "wordpress pagespeed"],
    body: [
      { p: "Slow WordPress sites lose visitors, conversions, and Google rankings. Here are the 10 highest-impact optimizations we apply on every speed engagement." },
      { h: "1. Choose fast hosting" },
      { p: "Cloudways, Kinsta, SiteGround GoGeek tier or LiteSpeed servers beat shared hosting by 3-5x." },
      { h: "2. Use a caching plugin" },
      { p: "WP Rocket (paid) or LiteSpeed Cache (free, requires LS server) — set proper cache lifetime and preload." },
      { h: "3. Optimize images" },
      { p: "Convert to WebP/AVIF, lazy load below-the-fold, compress with ShortPixel or Imagify." },
      { h: "4. Use a CDN" },
      { p: "Cloudflare (free) or BunnyCDN ($1/mo) reduce latency for global visitors." },
      { h: "5. Defer JavaScript" },
      { p: "Move non-critical JS to footer, defer or async-load. WP Rocket and FlyingPress automate this." },
      { h: "6. Inline critical CSS" },
      { p: "Render-blocking CSS kills LCP. Tools like Critical CSS Generator or WP Rocket's RUCSS handle this." },
      { h: "7. Clean the database" },
      { p: "Delete post revisions, transients, spam comments. WP-Optimize works well." },
      { h: "8. Limit external scripts" },
      { p: "Each Facebook pixel, hotjar, GA4 tag adds latency. Audit and self-host where possible." },
      { h: "9. Use a fast theme" },
      { p: "GeneratePress, Astra, Kadence — built for speed. Avoid Avada / Newspaper / heavy multipurpose themes." },
      { h: "10. Enable HTTP/3 + Brotli" },
      { p: "Both supported by Cloudflare free plan. Easy 100ms wins." },
    ],
  },
  {
    slug: "remove-malware-from-wordpress",
    title: "How to Remove Malware from WordPress (Manual & Plugin Methods)",
    excerpt: "Detect, isolate, and surgically remove malware from WordPress without losing your content.",
    date: "2025-03-10",
    readTime: "7 min read",
    category: "Security",
    keywords: ["remove malware wordpress", "wordpress malware removal", "wordpress virus"],
    body: [
      { p: "Malware on WordPress shows up as spam redirects, pharma SEO injections, fake login pages, or unexpected admin users. Here's the surgical approach we use." },
      { h: "1. Run a free scan" },
      { p: "Sucuri SiteCheck and Wordfence give a quick public-facing report. For deeper scans, use Wordfence > Scan with all options enabled." },
      { h: "2. Identify infection vectors" },
      { p: "Look in wp-content/uploads for any .php files (none should exist), and in wp-content/plugins for unfamiliar folders." },
      { h: "3. Replace WordPress core" },
      { p: "Download fresh WordPress, replace wp-admin and wp-includes folders entirely. Never edit core files." },
      { h: "4. Reinstall plugins from source" },
      { p: "Delete and reinstall every plugin from wordpress.org or the original developer. Hacked plugins often look identical but contain backdoors." },
      { h: "5. Audit the database" },
      { p: "Search wp_options for base64_decode, eval(, suspicious URLs. Check wp_users for unauthorized admins." },
      { h: "6. Reset all secrets" },
      { p: "Generate new salt keys (wp-config.php), change DB password, rotate all admin passwords." },
      { h: "7. Harden after cleanup" },
      { p: "Install a security plugin, enable 2FA, restrict wp-admin by IP, set proper file permissions (644 files, 755 dirs)." },
    ],
  },
  {
    slug: "how-much-does-wordpress-expert-cost",
    title: "How Much Does a WordPress Expert Cost in 2025? (Real Pricing)",
    excerpt: "Realistic pricing for WordPress fixes, agencies, and freelancers — and what you should actually be paying.",
    date: "2025-02-25",
    readTime: "5 min read",
    category: "Pricing",
    keywords: ["wordpress expert cost", "wordpress freelancer rates", "hire wordpress expert"],
    body: [
      { p: "WordPress expert pricing ranges wildly — from $10/hour offshore to $200/hour US agencies. Here's what fair, real-world rates look like." },
      { h: "Quick fixes: $15–$40" },
      { p: "Text changes, image swaps, CSS tweaks — anything under 30 minutes." },
      { h: "Bug fixing: $30–$80" },
      { p: "Plugin conflicts, white screen, PHP errors. Should be same-day work." },
      { h: "Malware removal: $70–$200" },
      { p: "Includes scanning, manual cleanup, and hardening. Avoid 'cheap' malware services — they often miss backdoors." },
      { h: "Speed optimization: $50–$200" },
      { p: "Should include before/after PageSpeed proof and 90+ guarantee." },
      { h: "Maintenance retainers: $50–$150/month" },
      { p: "Backups, updates, monitoring, plus a small bucket of monthly tasks." },
      { h: "Red flags" },
      { list: [
        "Quotes under $5 — almost always poor quality or scam",
        "No money-back guarantee",
        "Vague timelines ('few days')",
        "Asking for full payment upfront",
      ]},
    ],
  },
  {
    slug: "fix-woocommerce-payment-gateway",
    title: "How to Fix WooCommerce Payment Gateway Errors (Razorpay, Stripe, PayPal)",
    excerpt: "Common WooCommerce payment failures and the fixes that actually work — without losing orders.",
    date: "2025-02-10",
    readTime: "6 min read",
    category: "WooCommerce",
    keywords: ["woocommerce payment fix", "razorpay woocommerce", "stripe woocommerce error"],
    body: [
      { p: "Failed payment gateways = lost revenue and angry customers. Most issues fall into one of five buckets — here's how to diagnose each fast." },
      { h: "1. Check API keys & mode" },
      { p: "Sandbox vs Live mismatch is the #1 cause. Confirm keys match the environment in WooCommerce > Payments." },
      { h: "2. SSL / HTTPS issues" },
      { p: "Most gateways require valid SSL. Check with SSL Labs and ensure WooCommerce > Settings > Force SSL on checkout is on." },
      { h: "3. Plugin conflicts" },
      { p: "Disable third-party plugins (especially caching, optimizers, security) one by one to isolate." },
      { h: "4. Webhook failures" },
      { p: "Stripe and Razorpay rely on webhooks for order completion. Verify endpoint URL in dashboard, check for 200 responses in their logs." },
      { h: "5. Currency or country mismatch" },
      { p: "Razorpay requires INR, Stripe needs gateway-supported currency, PayPal restricts certain countries. Match exactly." },
      { h: "Quick wins" },
      { list: [
        "Enable WooCommerce logs (WC > Status > Logs) to see actual error",
        "Test in incognito to rule out cookies/cache",
        "Disable PHP OPcache temporarily after gateway plugin update",
      ]},
    ],
  },
];
