I’ve been a fan of WordPress for quite some time. In fact I’ve been using the CMS since 2005. Up until recently I haven’t had many issues running WordPress aside from a few heavy plugin snags.
Well about 2 months ago I started the task of making WordPress run more efficiently or at the very least lighter. Here’s a serious list of things to try if you’re site begins spiking.
How to Make WordPress Run Better
1. Install WP Super Cache – First and foremost you should be running the wp-supercache plugin. IMHO this should be a core part of the WordPress platform, but until it is you’ll have to install this one yourself. This plugin creates an html file out of served pages that is much smaller than it’s php doppelganger.
2. Remove Heavy Plugins – Some of the plugins written for WP while value adding are often heavy draws. One of the ways to find some of your heavier plugins is with the Plugin Hog Detecor. This will help you pin point offending plugins.
One of the things that makes plugins heavy is the number of queries made to your database. This article here will help you determine how many queries are being run every time someone accesses a page on your website.
3. Delete old SQL prefixes – Over time your sql database will start to accumulate more and more unused sql tables. You may uninstall a plugin while it’s table info is still saved in your database. By logging into phpMyAdmin and removing old plugin prefixes you can speed and streamline your database performance.
4. Remove large files – This one is a no brainer, but some times when you’re too close to the problem it’s hard to see the forest for the trees. Make sure there aren’t any outside sites serving a large media file from your server. If you really must serve up video create your own to be hosted on Youtube or track something down. Chances are whatever you are looking for is already there.
5. Use phpMyAdmin to optimize your database – Log in to phpMyAdmin, select all the tables, then, “repair”, and, “olptimize”.
How to Make WordPress Run Safer
1. Keep your WordPress version up to date – Aside from compatibility issues WP releases are filled with new security fixes. As Wordress is constantly evolving so are the ways it is exploited. In an effort to stay ahead of the hackers always try to keep the most up to date version of WordPress running for the best possible security coverage.
2. Disallow Access to WP Core Files With .htaccess – It’s a good idea to keep curious bots out of parts of your site such as wp-admin, wp-content, etc. This can be done with your .htaccess file by banning access to these directories. Get more info about manually altering your .htaccess file here. Or give the AskApache Password Protect plugin for WordPress here.
3. Update your login information – Never use, “admin”, as your login username. WordPress sets this by default. So do many other CMS’s and scripts out of the box.
To assign a new WordPress username, login to your control panel and create a new user. Then set this profile as an administrator. For this user provide a password that is harder to crack than your birthday date or local address. Make sure your password contains both upper and lower case letters. Be sure to inlcude alpha numeric characters as well as qwerty symbols. It may be hard to remember, but it’s also harder to crack. It’s also not a bad idea to update this information every so often.
WordPress Security Plugins
Ask Apache Password Protect – Password protect sections of your website with this plugin.
Bad Behavior – Deny automated spambots access to your PHP-based Web site.
Close old posts – Closes comments on old posts on the fly, without any DB queries. By default it’s 14 days, change that setting by editing the plugin file.
Disable Revisions – Disable revision functions in WordPress and delete all entries of revisions in database.
WordPress Exploit Scanner – Scans your WordPress site for possible exploits.
WP-Spamfree – An extremely powerful anti-spam plugin that virtually eliminates comment spam. Finally, you can enjoy a spam-free WordPress blog! Includes spam-free contact form feature as well.
WP Security Scan – Scans your WordPress installation for security vulnerabilities and suggests corrective actions.
Simple Captcha – A CAPTCHA for your comment system to prevent unwanted spams. Prevent automated spams by bots and most important naughty peoples. It’s simple and yet secure.
Some Free Handy Web Tools
Page Load Test from Pingdom. This free tool will tell you which parts of your site are running slower than others.
Website Grader Website Grader provides a decent report of where your website needs the most help.
Hey There. I found your blog using msn. This is an extremely well written article. I will be sure to bookmark it and come back to read more of your useful info. Thanks for the post. I will certainly comeback.
I am not sure where you are getting your information, but great topic. I needs to spend some time learning more or understanding more. Thanks for great information I was looking for this information for my mission.
This article is not the ultimate quick fix to your security concerns. If you have specific security concerns or doubts, you should discuss them with people whom you trust to have sufficient knowledge of computer security and WordPress.