WordPress as blogging platform and content management system comes with great number features and functionalities. Using it you may develop a great online blog or even highly visited e-commerce website. At some point however, you may need to improve some aspects of the website and make it more effective. This can easily be done with the help of the most important wordpress plugins that community developers and others share for free.
Today I would like to share my personal opinion about 2 plugins I consider as essential for WordPress. They will make your website more secure, faster, SEO optimized and of course improve its visibility.
WordPress security – plugin basics
The first plugin in my list is called iThemes Security (formerly Better WP Security). Its purpose is to protect your website or some its specific areas. When you install the plugin you will see an additional button on the left panel called Security. Click on it to open the dashboard of the plugin. The following screenshot shows how to do it:
When the plugin dashboard is reached, scroll down to Security Status panel. There you will find the items that require your attention. Next to each one of them you will see fix button. To start securing your website you should start from the items with the highest priority and continue down to the lowest ones. My suggestion is not to miss anything otherwise your website might get hacked.
After finishing here, go back to the top and click Settings tab on the horizontal menu. To avoid problems with the access while playing with the application you should whitelist your IP address. You can do this using the blue button titled Temporarily whitelist my IP. The next steps are to check the following options:
Write to Files
Type a message in the text field next to Host Lockout Message. The same applies for User Lockout Message and Community Lockout Message fields.
Check and set up the blacklist option. It is also fine to leave them intact.
The rest of the settings are not that important so you may skip them and go back to the top again. There you should find Advanced options which will allow you to change the database prefix or the admin user. In my case my user is admin ( which of course is not recommend, but I set it up in order to show you the features of the plugin ), so I see an option to change it to something more difficult to guess. If you are in the begging of your WordPress carrier, you may skip these options unless you are 100% sure what you are exactly doing.
Again on the top there is another button called Backups. Using it you may set up your own backup of the database as well as the files.
Logs button shows the suspicious activity, while Help provides the channels to get assistance with the community of the developer.
Speed up WordPress
The next plugin I would like to review is W3 Total Cache. It is focused on the performance of the website by offering caching. When you install the plugin from the admin panel of your website, you will see additional button on the left called Performance. You should click on it to reach W3 Total Cache admin panel. Below you will find screenshot with instructions:
The first screen shows some paid support options and ways to support the developers. The main functions appear on the left right after Performance menu. Here are the basic setup I recommend:
General settings- check the following options
- Page cache
- Database cache
- Object cache
The additional options next to these settings can be left by default. If you have a developer familiar with the server specifics, you may ask him to apply the advanced settings.
Page cache menu – you should go to this menu and check Cache front page and Do not cache to logged users.
Minify menu – go to this menu item and enable the feature for all your website sources including HTML, CSS and JS files.
Database cache and Object cache areset up by default so you may skip them.
The next step is enable the following options in Browser Cache menu:
- Set Last-Modified header
- Set W3 Total Cache header
- Enable HTTP (gzip) compression
The next two menus User Agent Groups and Referred Groups can be skipped. Usually the themes and more specifically the frame works do the job. Note that incorrect settings in these sections may cause unpredictable results.
If you have a subscription at MaxCDN, you may click CDN menu and set up the connection. Alternatively you should skip that option.
Monitoring requires New Relic which usually do not run on a shared server, so you may skip this option too. If you need more information on setting this up, just drop me a line I will be more than happy to assist.
Extensions menu offers a few plugins that can be bundled with W3 Total Cache. They are CloudFlare, FeedBurner, Genesis Framework and WordPress SEO by Yoast.
FAQ and Support menus offer help and assistance with issue while in Install menu you can find more information on how to set up the configuration on shared hosting or dedicated server.