How to Improve WordPress Performance and Security

In this post

Enjoy a handful of tips and advice for improving Wordpress performance. Keep spammers away and effectively speed up your web site.

WordPress performanceI’ve been a fan of WordPress for quite some time. In fact I’ve been using the CMS since 2003. Up until recently I haven’t had many issues with WordPress performance aside from a few heavy plug-in snags. Well about 2 months ago I started the task of making WordPress run more efficiently or at the very least lighter. Here’s a serious list of things to try if you’re site begins to slow down or has WordPress performance issues.

How to Improve WordPress Performance

If you notice your WordPress blog is running sluggish you need to do something about it. Poorly running websites detract visitors. No one wants to stay on a website that’s slow or poorly performing. The following tips will help your website run better and ensure visitors come back.

Install WP Super Cache – First and foremost you should be running the wp-supercache plugin. IMHO this should be a core part of the WordPress platform, but until it is you’ll have to install this one yourself. This plugin creates an HTML file out of served pages that is much smaller than it’s PHP doppelgänger.

Remove Heavy Plugins – Some of the plugins were written for WP while value adding are often heavy draws that can effect WordPress performance. One of the ways to find some of your heavier plugins is with the P3 (Plugin Performance Profiler). This will help you pinpoint offending plugins. One of the things that make plugins heavy is the number of queries made to your database. This article here will help you determine how many queries are being run every time someone accesses a page on your website.

Delete old SQL prefixes – Over time, your SQL database will start to accumulate more and more unused SQL tables. You may uninstall a plugin while it’s table info is still saved in your database. By logging into phpMyAdmin and removing old plugin prefixes you can speed and streamline your database performance.

Remove large files – This one is a no-brainer, but sometimes when you’re too close to the problem it’s hard to see the forest for the trees. Make sure there aren’t any outside sites serving a large media file from your server. If you really must serve up video create your own to be hosted on Youtube or track something down. Chances are whatever you are looking for is already there.

Use phpMyAdmin to optimize your database – Log in to phpMyAdmin, select all the tables, then, “repair”, and, “optimize”.

improve WordPress performance

Improve WordPress performance by making WordPress Run Safer

To assign a new WordPress username, login to your control panel and create a new user. Then set this profile as an administrator. For this user provide a password that is harder to crack than your birthday date or local address. Make sure your password contains both upper and lower case letters. Be sure to include alphanumeric characters as well as qwerty symbols. It may be hard to remember, but it’s also harder to crack. It’s also not a bad idea to update this information every so often.

Keep your WordPress version up to date – Aside from compatibility issues, WP releases are filled with new security fixes. As WordPress is constantly evolving so are the ways it is exploited. In an effort to stay ahead of the hackers always try to keep the most up to date version of WordPress running for the best possible security coverage.

Disallow Access to WP Core Files With .htaccess – It’s a good idea to keep curious bots out of parts of your site such as wp-admin, wp-content, etc. This can be done with your .htaccess file by banning access to these directories. Get more info about manually altering your .htaccess file here. Or give the Ask Apache Password Protect plugin for WordPress here.

Update your login information – Never use, “admin”, as your login username. WordPress sets this by default. So do many other CMS’s and scripts out of the box.

WordPress performance

WordPress Security Plugins

If your site has been compromised or you suspect it may have been the following plugins will help block nefarious spammers, bots and hackers.

Ask Apache Password Protect – Password protect sections of your website with this plugin.

Bad Behavior – Deny automated spam bots access to your PHP-based Web site.

Auto Close – Closes comments on old posts on the fly, without any DB queries. By default it’s 14 days, change that setting by editing the plugin file.

WordPress Exploit Scanner – Scans your WordPress site for possible exploits.

WP-Spamfree – An extremely powerful anti-spam plugin that virtually eliminates comment spam. Finally, you can enjoy a spam-free WordPress blog! Includes spam-free contact form feature as well.

Acunetix WP Security – Scans your WordPress installation for security vulnerabilities and suggests corrective actions.

Really Simple Captcha – A CAPTCHA for your comment system to prevent unwanted spam. Prevent automated spam by bots and most important naughty peoples. It’s simple and yet secure.

Super Web Performance Tools

Super Web Performance Tools

The following tools will help point out any issues you have with your web site. Knowing when something is broken or is effecting performance is critical if your serious about website traffic. The following tools will help you evaluate your blog and show you where you can make improvements.

Page Load Test from Pingdom. This free tool will tell you which parts of your site are running slower than others.

Website Grader provides a decent report of where your website needs the most help.



How to Improve WordPress Performance and Security Click To Tweet