By following the steps in this article, you will learn how to optimize and secure your website easily within 20 minutes.
First Phase: Optimization
Let’s start by optimizing the website before digging into the security!
Step One: Install W3 Total Cache
W3 Total Cache (W3TC) improves the SEO (Search Engine Optimization) and user experience of the site by increasing website performance and reducing load times. It is the only web host agnostic Web Performance Optimization (WPO) framework for WordPress. W3 Total Cache is trusted worldwide by the community, and it helps speed up your website by minifying HTML, CSS, and JavaScript files.
To install W3 Total Cache Plugin, you can download it here.
Step Two: Install SEO Plugin
An SEO plugin expands the scope of the source software with special tasks and functions that affect search engine optimization, web analysis, online marketing, and other aspects. Using an SEO plugin for your website helps you edit the keywords and meta fields for each post or page on your site. You can either download your own SEO plugin or use YoastSEO, which can be downloaded here.
To learn how to configure YoastSEO plugin, here is a quick tutorial that you can find on YoastSEO blog.
Step Three: Htaccess quick hacks
The first Htaccess trick on the list is Gzip compression.
Did you know that compression can reduce the size of HTML, JS and CSS files by 60% to 80%?
Copy and paste the code below into your Htaccess file to enable Gzip and DEFLATE compression.
- Gzip Compression on Apache
# TN START GZIP COMPRESSION
<IfModule mod_gzip.c>
  mod_gzip_on Yes
  mod_gzip_dechunk Yes
  mod_gzip_item_include file \.(html?|txt|css|js|php|pl)$
  mod_gzip_item_include handler ^cgi-script$
  mod_gzip_item_include mime ^text/.*
  mod_gzip_item_include mime ^application/x-javascript.*
  mod_gzip_item_exclude mime ^image/.*
  mod_gzip_item_exclude rspheader ^Content-Encoding:.*gzip.*
</IfModule>
# TN END GZIP COMPRESSION
- DEFLATE Compression on Apache
# TN START DEFLATE COMPRESSION
<IfModule mod_deflate.c>
  AddOutputFilterByType DEFLATE "application/atom+xml" \
    "application/javascript" \
    "application/json" \
    "application/ld+json" \
    "application/manifest+json" \
    "application/rdf+xml" \
    "application/rss+xml" \
    "application/schema+json" \
    "application/vnd.geo+json" \
    "application/vnd.ms-fontobject" \
    "application/x-font" \
    "application/x-font-opentype" \
    "application/x-font-otf" \
    "application/x-font-truetype" \
    "application/x-font-ttf" \
    "application/x-javascript" \
    "application/x-web-app-manifest+json" \
    "application/xhtml+xml" \
    "application/xml" \
    "font/eot" \
    "font/otf" \
    "font/ttf" \
    "font/opentype" \
    "image/bmp" \
    "image/svg+xml" \
    "image/vnd.microsoft.icon" \
    "image/x-icon" \
    "text/cache-manifest" \
    "text/css" \
    "text/html" \
    "text/javascript" \
    "text/plain" \
    "text/vcard" \
    "text/vnd.rim.location.xloc" \
    "text/vtt" \
    "text/x-component" \
    "text/x-cross-domain-policy" \
    "text/xml"
</IfModule>
# END DEFLATE COMPRESSION
Enable Keep Alive – Speed up WordPress using Htaccess
Enabling Keep Alive is another powerful Htaccess trick to speed up a WordPress website. It lets your server and web browser download resources over a single connection, which increases page speed. You can enable Keep Alive by adding the ‘Connection: Keep-Alive’ HTTP header on your server.
Add the following Htaccess code to enable Keep Alive and increase page speed using Htaccess (WordPress).
# TN START ENABLE KEEP ALIVE
<ifModule mod_headers.c>
  Header set Connection keep-alive
</ifModule>
# TN END ENABLE KEEP ALIVE
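To confirm that the compression and Keep Alive rules above actually took effect, the following added example (not part of the original article) audits a response head such as the one printed by `curl -s -D - -o /dev/null -H 'Accept-Encoding: gzip, deflate'` against your site. The function names and the two sample responses are constructed for illustration.

```python
# Added example: audit response headers for the compression and keep-alive
# settings configured above. The sample responses are constructed, not captured.

# Subset of the MIME types named in the DEFLATE block above.
COMPRESSIBLE = {"text/html", "text/css", "text/plain", "text/javascript",
                "application/javascript", "application/json", "image/svg+xml"}

def parse_response_head(raw):
    """Split a raw response head into (http_version, {lowercase name: value})."""
    lines = [ln for ln in raw.strip().splitlines() if ln.strip()]
    version = lines[0].split()[0].upper()      # e.g. "HTTP/1.1" or "HTTP/2"
    headers = {}
    for line in lines[1:]:
        name, _, value = line.partition(":")
        headers[name.strip().lower()] = value.strip()
    return version, headers

def audit(raw):
    """Report whether compression and persistent connections are in effect."""
    version, h = parse_response_head(raw)
    mime = h.get("content-type", "").split(";")[0].strip().lower()
    compressed = h.get("content-encoding", "").strip().lower() in ("gzip", "deflate")
    tokens = {t.strip().lower() for t in h.get("connection", "").split(",")}
    if version.startswith(("HTTP/2", "HTTP/3")):
        persistent = True                      # multiplexed; no Connection header
    elif version == "HTTP/1.0":
        persistent = "keep-alive" in tokens    # must be requested explicitly
    else:
        persistent = "close" not in tokens     # HTTP/1.1 is persistent by default
    return {"compressed": compressed,
            "missing_compression": mime in COMPRESSIBLE and not compressed,
            "persistent": persistent}

# Constructed sample: compression and keep-alive rules active.
GOOD = """HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Content-Encoding: gzip
Vary: Accept-Encoding
Connection: keep-alive
"""
# Constructed sample: rules not applied (module missing or .htaccess ignored).
BAD = """HTTP/1.1 200 OK
Content-Type: text/css
Connection: close
"""

if __name__ == "__main__":
    for label, raw in (("good", GOOD), ("bad", BAD)):
        print(label, audit(raw))
```

A `missing_compression` result of `True` on a text asset usually means the matching Apache module is not loaded, since the `<IfModule>` wrappers skip their contents silently in that case.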
So far, you’ve completed the major yet easy tasks for optimizing your website and increasing its load speed. Now, let’s move on to the last part, which is website security.
Second Phase: Security
We all worry when it comes to security and are concerned about the data and content that we produce and save on our website. The first thing to do on your WordPress website is to install a security plugin that can do most of the major work for you.
There are many of them to choose from, but so far I recommend using the Wordfence security plugin.
Wordfence protects your server at the endpoint, which is superior to cloud alternatives. Cloud firewalls can be circumvented and have historically resulted in data leaks. Wordfence firewall uses user identity information in over 85 percent of our firewall rules, which cloud firewalls do not. And, unlike cloud solutions, our firewall does not need to break end-to-end encryption.
By using the free version of Wordfence, you will be able to scan your website for any vulnerabilities. What is good about it is that it can block any DoS (Denial of Service) attack on your server.
Any suspicious login can be blocked from accessing the site again, and you can adjust the duration of the block (it can be for X hours, days, or even forever; sounds awesome, right?).
Stay tuned for another blog post, where we can dig deep into WordPress security and simple steps that you can do!