Useful Suggestions To Secure And Speed Up Your WordPress Blog

  • 14 December 2009
  • WordPress
  • This post was written exclusively for PV.M Garage by ricardo

WordPress is the most used blogging system and, thanks to the great community that works to enhance its features, it is nowadays used as a full content management system. WordPress rocks, dude!
For these reasons it is (maybe) one of the most hacked CMSs. A website proudly powered by WP can also be slow without correct configuration and administration.

There are some tricks that let us boost a WordPress installation in a few minutes. Below is a list of useful tips to secure and speed up your blog. Take your time reading them: they are very simple and could save you time in the future.

Make Backups

A simple and basic rule that can save you in many cases. Remember to frequently back up your website root folder (with all files) and database, so you can restore your site anytime.

You can use phpMyAdmin to make a quick copy of your SQL database. Open your database structure, go to Export, and select all tables in SQL format (don’t forget to check “Add DROP TABLE”; I also use GZIP compression). Keep the exported dump outside the web root, because it contains your user records and password hashes.

Use the Latest Version of WordPress

It’s essential to update WordPress to fix bugs and security issues. You can use Automatic Upgrade (Tools -> Upgrade in your admin area) or a Three Step Manual Upgrade; to learn more about staying up to date, read Upgrading WordPress.

Use a Solid Password and Protect your WP-Admin Folder

The WordPress installation creates a default admin user with a random password. Are you still using the random default password? Change it and choose a new strong password immediately!
It is also a good idea to change the default username for the administrator. You can manage your profile in the Users section of the admin area.

Protect the wp-admin directory with a server-side password. Put a .htaccess file in the directory that you want to protect. The code for the .htaccess file is below.

AuthName "WP-Admin"
AuthType Basic
# the path to .htpasswd (Apache does not allow a comment on the same line as a directive)
AuthUserFile /path/to/passwd
Require valid-user

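Use htpasswd to create the password file (.htpasswd) and put it in a directory that is not web accessible (htpasswd -c /path/to/passwd username). Basic authentication sends the password encoded but not encrypted, so serve the admin area over HTTPS.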

Protect wp-config.php

First of all, you should set up secret keys in your wp-config.php. Why? Beginning with version 2.6, WordPress includes a new set of security features for passwords, password hashing and cookie security; if you want to increase the security of your site, you can use this generator to add secret keys.

define('AUTH_KEY', 'put your unique phrase here');
define('SECURE_AUTH_KEY', 'put your unique phrase here');
define('LOGGED_IN_KEY', 'put your unique phrase here');
define('NONCE_KEY', 'put your unique phrase here');
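
A way to check the keys above and produce replacements locally, as an added example that is not part of the original post or of WordPress: it flags keys that are missing, still set to the placeholder, or shorter than an assumed minimum of 32 characters, and generates new define() lines from the operating system's random source. The function names and the sample file content are constructed for illustration.

```python
import re
import secrets
import string

# The four keys named in the article's wp-config.php snippet.
KEY_NAMES = ("AUTH_KEY", "SECURE_AUTH_KEY", "LOGGED_IN_KEY", "NONCE_KEY")
PLACEHOLDER = "put your unique phrase here"
MIN_LENGTH = 32  # assumed minimum for this example, not a WordPress rule

# Printable characters that are safe inside a PHP single-quoted string:
# the quote and the backslash are dropped so no escaping is needed.
PRINTABLE = string.ascii_letters + string.digits + string.punctuation
ALPHABET = PRINTABLE.replace("'", "").replace("\\", "")

DEFINE_RE = re.compile(r"""define\(\s*'(\w+)'\s*,\s*'((?:[^'\\]|\\.)*)'\s*\)\s*;""")

def audit_keys(config_text):
    """Return {key_name: problem} for keys that are missing, unchanged or short."""
    found = dict(DEFINE_RE.findall(config_text))
    problems = {}
    for name in KEY_NAMES:
        value = found.get(name)
        if value is None:
            problems[name] = "missing"
        elif value == PLACEHOLDER:
            problems[name] = "placeholder"
        elif len(value) < MIN_LENGTH:
            problems[name] = "too short"
    return problems

def generate_defines(names=KEY_NAMES, length=64):
    """Build define() lines with values drawn from the OS CSPRNG."""
    lines = []
    for name in names:
        value = "".join(secrets.choice(ALPHABET) for _ in range(length))
        lines.append(f"define('{name}', '{value}');")
    return "\n".join(lines)

# Constructed sample: one placeholder, one short value, two keys absent.
SAMPLE_CONFIG = """
define('AUTH_KEY', 'put your unique phrase here');
define('SECURE_AUTH_KEY', 'hunter2');
"""
```

Calling `generate_defines(audit_keys(text))` produces lines only for the keys that need replacing; changing a key invalidates existing login cookies, so users have to log in again.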

wp-config.php contains sensitive data, so you must protect this file in your .htaccess.

# protect wp-config.php
<files wp-config.php>
Order deny,allow
deny from all
</files>

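Block Search Engine Access to the WP- Folders

The WP- folders don’t need to be indexed by search engines. To keep crawlers out of these system folders, add the following line to the relevant User-agent group of your robots.txt file. Note that robots.txt is only a request to well-behaved crawlers; it does not restrict access to the files.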

Disallow: /wp-*

Bad Behavior Plugin

Bad Behavior complements other link spam solutions by acting as a gatekeeper, preventing spammers from ever delivering their junk, and in many cases, from ever reading your site in the first place. This keeps your site’s load down, makes your site logs cleaner, and can help prevent denial of service conditions caused by spammers.

Bad Behavior also transcends other link spam solutions by working in a completely different, unique way. Instead of merely looking at the content of potential spam, Bad Behavior analyzes the delivery method as well as the software the spammer is using. In this way, Bad Behavior can stop spam attacks even when nobody has ever seen the particular spam before.

Login Lock-Down Plugin

Login LockDown records the IP address and timestamp of every failed WordPress login attempt; when a certain number of attempts are detected within a short period of time from the same IP range, the plugin disables all requests from that range. This can prevent brute-force password attacks.
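
The lockout policy described above, modelled as an added example (this is not the plugin's code). The threshold, window, lockout period and the choice of /24 as the "IP range" are assumptions made for the example, and the failure events are constructed.

```python
import ipaddress
from collections import defaultdict, deque

# Assumed policy values for this example (not taken from the plugin).
MAX_FAILURES = 3        # failures tolerated inside the window
WINDOW_SECONDS = 300    # the "short period of time"
LOCKOUT_SECONDS = 3600  # how long the range stays blocked
RANGE_PREFIX = 24       # IPv4 addresses are grouped per /24

def ip_range(ip):
    """Map an IPv4 address to the /24 network it belongs to."""
    return str(ipaddress.ip_network(f"{ip}/{RANGE_PREFIX}", strict=False))

class LoginLockdown:
    def __init__(self):
        self.failures = defaultdict(deque)  # range -> failure timestamps
        self.locked_until = {}              # range -> unlock time

    def is_locked(self, ip, now):
        return self.locked_until.get(ip_range(ip), 0) > now

    def record_failure(self, ip, now):
        """Record one failed login; return True if the range is now locked."""
        key = ip_range(ip)
        if self.is_locked(ip, now):
            return True
        window = self.failures[key]
        window.append(now)
        # Drop failures that fell out of the sliding window.
        while window and window[0] <= now - WINDOW_SECONDS:
            window.popleft()
        if len(window) >= MAX_FAILURES:
            self.locked_until[key] = now + LOCKOUT_SECONDS
            window.clear()
            return True
        return False

# Constructed sample: (seconds, source IP) of failed logins.
SAMPLE_FAILURES = [(0, "203.0.113.10"), (40, "203.0.113.77"), (90, "198.51.100.5"),
                   (120, "203.0.113.10"), (900, "198.51.100.5"), (1000, "198.51.100.9")]

def replay(events):
    """Replay failures; return (time, range) for each lockout that was triggered."""
    guard, locked = LoginLockdown(), []
    for now, ip in events:
        if not guard.is_locked(ip, now) and guard.record_failure(ip, now):
            locked.append((now, ip_range(ip)))
    return locked
```

Because failures are counted per range, one noisy client also locks out its neighbours in the same /24, which is why the lockout period is bounded.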

Secure WordPress

Secure WordPress is a little help to secure your WordPress installation. It removes error information on the login page, adds index.html to the plugin directory, and removes the WordPress version, except in the admin area.

Optimize Images on your Server

Images have a great impact on the design of a website, but if the pictures on our webpages aren’t optimized we can run into trouble with the load time and bandwidth of the website.

So you should use good compression for your images, depending on your software, to find the right balance between quality and file size.
Recently I read a good article on Web Designer Wall about image compression using two different programs, Fireworks vs Photoshop Compression.

Enable GZIP Compression

Compression is a quick and effective way to save bandwidth and speed up your website. Apache supports compression through mod_deflate; adding the following code to your .htaccess enables GZIP compression of your webpages.

# BEGIN GZIP
<ifmodule mod_deflate.c>
AddOutputFilterByType DEFLATE text/xml text/css application/x-javascript application/javascript
</ifmodule>
# END GZIP

Test your compression using GZIP-Test.

Minify CSS and Compress Javascript files

To minify your CSS (and speed up your website), you can use one of the available tools, such as Styleneat, or a PHP library, such as Minify.

Another thing to do is to put all of your JavaScript into a single file and load it at the bottom of the page (footer.php).

You can use Firebug with Page Speed in Mozilla Firefox to test and optimize your webpages.

Reduce the Number of Links to External Websites

External websites and scripts can take a long time to load, depending on the server connection. You should limit widgets and connections to other sites: by reducing the number of hostnames from which resources are served, we minimize the number of DNS resolutions and the RTT delays.

Caution! Reducing the number of unique hostnames has the potential to reduce the parallel downloads in the page and this may increase response times. You should find the right balance.

Page Speed can help you in this “mission”.

Optimize and Repair Database

Periodically you should optimize your database. Go to the Database Structure for your WordPress installation, check all tables, select the Optimise Tables option and repair.

There is also a plugin, WP-Optimize, that allows database optimization from the WordPress admin area.

Turn Off Post Revisions

To turn off the Post Revisions feature (if you don’t need it), add the following code to wp-config.php:

define('WP_POST_REVISIONS', false);

Remove Unused Plugins

Browse the list of plugins you’re using and try to optimize your WordPress by deleting the unused ones. If you have more than 15 plugins active on your blog, ask yourself if you really need them and delete the less useful ones.

Remember these words: many things don’t need plugins, just ten minutes of reflection, PHP skills and the imagination to integrate a great feature directly into your theme!

WP Super Cache Plugin

The WP Super Cache plugin generates static HTML files from your dynamic WordPress blog. After an HTML file is generated, your web server will serve that file instead of processing the comparatively heavier and more expensive WordPress PHP scripts.

Author: ricardo

I'm a PHP Developer and a Web Designer from Mexico. I'm working in a little company as a junior developer. I really enjoy doing web stuff and I love WordPress. My free time is for rock, cars and tennis!

58 Comments

  1. Mia

    Great article, as it will be useful to many WP users out there - whether they are just starting on WP or are seasoned users. Ok, I'm heading over to my database right now :)

    M.

  2. Bobm

    First off thanks for this information, useful indeed. However I do have a question for you. In the Optimize and Repair Database section you wrote

    “Periodically you should optimize your database. go to the Database Structure for your WordPress installation, check tables having overhead, select the Optimise Tables option and repair.”

    What exactly do you mean by tables having overhead?

    Thanks

  3. Dries Bultynck

    Excellent tips! thx for sharing!

  4. justin

    Thanks, I’m going to hopefully use some of these methods on my own blog!

  5. Matthew Moran

    This is a great list!

  6. loswl

    This is a great list of plugins, never seen some of them before, thanks for sharing :)

  7. Omer Greenwald

    Awesome tips. I would also check which javascript and css files are loaded in different pages in the blog. Some of these files are loaded in pages they are not used because of plugins that can easily be replaced by user functions http://www.webtechwise.com/speed-up-wordpress-blog-by-having-less-plugins/

  8. TheShadow

    Thanks for the list. Will try it.

  9. Best Way to Lose Weight

    Lots of interesting info there. o.0 Keep on putting up new updates!!! <333

  10. How to Become a Video Game Tester

    Loved looking into this. Keep it up!

  13. mulch for garden

    I would like to point out my respect for your generosity in support of those individuals that need help on your subject matter. Your very own commitment to passing the solution around was exceedingly functional and has in every case allowed most people like me to achieve their dreams. This invaluable hints and tips can mean a whole lot a person like me and further more to my office colleagues. Thanks a lot; from each one of us.

  14. plants for garden

    I together with my buddies ended up following the best procedures located on your site then suddenly developed a terrible suspicion I never expressed respect to the website owner for them. The young boys had been as a result warmed to study them and already have seriously been having fun with them. Appreciation for genuinely well thoughtful and also for making a decision on variety of tremendous information most people are really desperate to know about. Our honest regret for not expressing appreciation to you earlier.

  16. Jenelle Polasek

    Lovely just what I was searching for.

  20. superheroine chloroformed

    this really is a Positive. write-up Like my Pagan Multimedia Artist used to declare Beauty is in the eye of the beholder!

  26. ArticleDirectory

    Wow! Thank you. I always wanted to write in my site something like that. Can I take part of your post to my blog?

  28. scrapebox

    There are a lot of strange comments on here. People must be using SCRAPEBOXLIST.COM

  29. zero friction marketing

    We pretty much appreciate your website post. You will find a multitude of ways we could put it to good use while using minimum effort with time and financial resources. Thank you so much regarding helping have the post respond to many queries we have encountered before now.

  30. How to Tutorial

    I have not been this excited and motivated by a post for quite some time! keep up the great job. keep on inspiring the people!

  32. zero friction marketing

    It is rare to encounter an experienced person in whom you may have some trust. In the world of today, nobody actually cares about showing others the best way in this matter. How lucky I am to have found a really wonderful web-site as this. It is people like you who make a genuine difference in this world through the tips they share.

  33. Best Way to Lose Weight

    You made an amazing post!!! d(^^)b Keep putting up new posts! I will check back in a bit.

  34. Milk crates

    Wonderful beat! I would like to apprentice while you amend your website, how can I subscribe for a weblog site? The account aided me a applicable deal. I were tiny bit acquainted of this your broadcast offered vivid clear concept

  35. Balenciaga bag sale

    Howdy! I am aware this can be somewhat off matter but I was wondering in the event you knew where I could choose a captcha wordpress plugin regarding my personal remark form? Now I’m utilizing the same website program since yours that I’m having trouble finding 1? Many thanks!

  36. usp labs protein

    Great share it is without doubt. My teacher has been awaiting for this info.

  37. alcohol rehabilitation centers

    can you believe that http://abttc.net/addiction-treatment gave away free treatment. I saw it on KTLA

  38. london brand agency

    You really make it seem so easy with your presentation but I find this matter to be really something which I think I would never understand. It seems too complicated and very broad for me. I’m looking forward for your next post, I will try to get the hang of it!

  39. does hydroxycut work

    Its like you read my mind! You appear to know a lot about this, like you wrote the book in it or something. I think that you could do with some pics to drive the message home a bit, but other than that, this is wonderful blog. A fantastic read. I will definitely be back.

This website is proudly powered by WordPress, hosted by Suite48. Icons by WeFunction, KomodoMedia and DezinerFolio.
Contents and resources released under Creative Commons License.
Design and code by PVM Garage - Copyright © 2010 PV.M Garage Theme - All Rights Reserved.
