WordPress Quick Tips

My list of plugins that I recommend. I have divided them into two categories: Highly Recommended and Recommended. The highly recommended plugins can be used successfully by most WordPress based websites. The recommended plugins provide additional functionality which may be useful in in your site.

404 Error Monitor
Captures 404 errors. This is useful if you have changed your permalink structure, so you can redirect your visitors to pages they are looking for.
Akismet
Akismet protects your site from comment, and trackback spam. It is one of the best solutions for spam prevention.
  1. Click the “Activate” link
  2. Sign up for an Akismet API key
  3. Go to your Akismet configuration page, and save your API key.
Jetpack by WordPress.com
Provides functionality found on WordPress.com to your WordPress site. This has several features, and is worth using.
Page Comments Off Please
This plugin is installed on all new WordPress sites.
Quick Cache
WordPress advanced cache plugin; speed without compromise!
Quick Cache comment garbagecollector
Add-on for Quick Cache. Will regenerate single page/post caches if a comment has been placed
Web Ninja Auto Tagging System
This plugin will automatically make tags.
WordPress SEO
This is my favorite SEO plugin.
WP Smush.it
Reduce image file sizes and improve performance.
BulletProof Security
Website Security Protection. This is my current perferred security plugin.
Blogroll to Page
Create pages of links using the WordPress blogroll functionality.
MailPoet Newsletters
Create and send newsletters. Import and manage your lists. Add subscription forms in widgets, articles and pages.
Syndicate Out
Syndicates posts made in any specified category to another WP blog using WordPress’ built in XML-RPC functionality.
Easy Digital Downloads
Serve Digital Downloads Through WordPress.
Easy Digital Downloads – Bitcoin Currency
Adds Bitcoin (BTC) currency in Easy Digital Downloads
Easy Digital Downloads – Free Download
Bypass Checkout Mechanism For Free Download
Layered Pop
Create multi-layers animated popup.
Syntax Highlighter ComPress
Syntax Highlighter lets you add different highlights to text.
Ultimate Tag Cloud Widget
This plugin aims to be the most configurable tag cloud widget out there.
MailPoet Newsletters
Manage mailing lists, and send mass emails, like newsletters.
Meteor Slides
Create Slideshows.
Summary: Excerpt Extraction
Creates summaries of your posts.
Ultimate Noindex Nofollow Tool II
Allows you to set noindex and nofollow on specific pages, posts, and archives.
WP Post Series
Adds a new taxonomy of a series of posts.

Theme Recommendations

  • Weaver II
  • Yoko
  • Twentyfourteen
  • zeeBizzCard

 

(Education, Tutorials, Documentation, Support)
learn.wordpress.com – Tutorials
codex.wordpress.com – Documentation
wordpress.tv – WordPress Related Videos
wordpress.com/support – Support Forums

http://codex.wordpress.org/WordPress_Lessons
http://codex.wordpress.org/Combating_Comment_Spam
http://codex.wordpress.org/Hardening_WordPress – How to Secure a WordPress based Website
http://thematosoup.com/tips/wordpress-security-htaccess – Securing WordPress
http://searchenginejournal.com/just-say-no-to-hackers-how-to-harden-your-wordpress-security/63685 –

Securing WordPress

http://www.gtmetrix.com – Test website for optimization of site
http://sitecheck.sucuri.net/scanner/ – Online malware scanner
http://www.ip2location.com/blockvisitorsbycountry.aspx – Tool to Allow you to create .htaccess code to block based on country
https://codex.wordpress.org/Combating_Comment_Spam/FAQ
https://managewp.com/wordpress-categories-tags-seo

Security Advice

Securing a WordPress site can be complicated, but there are two items which can help dramatically each day:

Change the Admin Username away from admin
Change the database table prefix to something other than wp_

This is one of the first things I do when I make a brand new site, but if you have an established WordPress site you can make use of Better WP Security to do this.

WordPress like all database driven websites is vulnerable to attack through vulnerabilities in the code. Since WordPress will always have vulnerabilities it is important to keep WordPress, the plugins you use, and themes updated, and your passwords secure. One part of securing a password is to use a strong password (8-12 characters long with at least 1 uppercase letter, lowercase letter, number, and symbol).
Steps to Secure a Site

Remove files you are not familiar with.
Keep code updated
Remove unused scripts
Monitor file permissions
Hide configuration files
In the php.ini file make the following changes:
Set ‘register_globals’ to Off.
Set ‘display_error’ to 0 or Off.

Remember to confirm all user inputs. Items on Forms, in URLS and so on. Remember to make use of access Control. Keep users away from admin areas, and other places they do not need to be.

Make use of .htaccess to block known bad users, or the IP ranges of countries that you do not want accessing your website. Better WP Security is able to add some black list ips to your .htaccess. You can also make use of some free services create code for the .htaccess file to block access to certain countries. This may be useful if you see attacks coming mostly from certain countries and you do not need traffic from those countries this can be a useful tool to protect your site.

Increase Speed and Efficiency of WordPress

Occasionally when your site gets a large number of simultaneous visitors the site could appear down due to the overwhelming number of php processes running on the server. There are a couple of ways that you can combat this. You can install a caching plugin, like Hyper Cache or Quick Cache. You can also use CloudFlare with or with out a caching plugin to improve the loading speed of your site.
Securing WordPress

Using a pre-existing subdirectory install

If you already have WordPress installed in its own folder (e.g., http://example.com/wordpress), then the steps are as follows:

Go to the General panel.
In the box for Site address (URL): change the address to the root directory’s URL. Example: http://example.com
Click Save Changes. (Do not worry about the error message and do not try to see your blog at this point! You will probably get a message about file not found.)
Copy (NOT MOVE!) the index.php and .htaccess files from the WordPress (wordpress in our example) directory into the root directory of your site—the latter is probably named something like www or public_html. The .htaccess file is invisible, so you may have to set your FTP client to show hidden files. If you are not using pretty permalinks, then you may not have a .htaccess file. If you are running WordPress on a Windows (IIS) server and are using pretty permalinks, you’ll have a web.config rather than a .htaccess file in your WordPress directory.
Move (DON’T COPY) the wp-config.php file to your root directory.
Edit your root directory’s index.php.
Open your root directory’s index.php file in a text editor
Change the line that says:

Countries with Lots of Hackers

  • Hungary
  • Italy
  • India
  • Romania
  • Brazil
  • Taiwan
  • Russia
  • Turkey
  • China
  • USA

Source (http://www.abcnetspace.com/2013/05/top-10-countries-with-most-hackers.html)

WordPress Database Information

The options table will tell you the SiteURL, the template and stylesheet used. You can change the theme by changing the stylesheet and template line.

What are your WordPress tips?

Written on April 24, 2014