Following the steps below in this article, you will be able to learn how to optimize and secure your website easily within 20 minutes.
First Phase: Optimization
Let’s start by optimizing the website before digging into the security!
Step One: Install W3 Total Cache
To install W3 Total Cache Plugin, you can download it here.
Step Two: Install SEO Plugin
An SEO plugin expands the scope of the source software with special tasks and functions which affect search engine optimization, web analysis, online marketing, and other aspects, using an SEO plugin for your website helps you edit the keywords and meta fields for each post or page on your site. You can either download your own SEO plugin, or use YoastSEO that can be downloaded here.
To learn how to configure YoastSEO plugin, here is a quick tutorial that you can find on YoastSEO blog.
Step Three: Htaccess quick hacks
The first Htaccess trick on the list is Gzip compression.
Do you know that compression can reduce the size of HTML files, JS and CSS files by 60% to 80%?
Copy and paste the below code and add it in your Htaccess file to Enable Gzip and DEFLATE Compression.
Gzip Compression on Apache
DEFLATE Compression on Apache
Enable Keep Alive – Speed up WordPress using Htaccess
Enabling Keep Alive is another powerful Htaccess trick to speed up WordPress website. It enables your server and web browser to download resources on a single connection, hence it increases page speed. You can enable Keep Alive by adding ‘Connection: Keep-Alive’ HTTP header in your server.
Add the following Htaccess code to enable Keep Alive and increase page speed using Htaccess (WordPress).
# TN START ENABLE KEEP ALIVE <ifModule mod_headers.c> Header set Connection keep-alive </ifModule> # TN END ENABLE KEEP ALIVE
So far, you’ve made the major-easy tasks on how to optimize your website and increase it’s load speed. Now, let’s move into the last part, which is website security.
Second Phase: Security
We are all worried when it comes to security, and being concerned about data and content that we produce and save into our website. The first thing to do in your WordPress website is to install a security plug-in that can do most of the major job for you.
You can find too many of them, but so far the i recommend to use Wordfence security plugin.
Wordfence protects your server at the endpoint, which is superior to cloud alternatives. Cloud firewalls can be circumvented and have historically resulted in data leaks. Wordfence firewall uses user identity information in over 85 percent of our firewall rules, which cloud firewalls do not. And, unlike cloud solutions, our firewall does not need to break end-to-end encryption.
By using the free version of Wordfence, you will be able to scan your website for any vulnerabilities, what is good about it is that it can block any DOS (Disk Operating System) attack on your server.
Any suspicious login can be blocked to access the site again, and you can adjust the time of the block ( it can be for X hours, days, or even forever, sounds awesome right! ).
Stay tuned for another blog post, where we can dig deep into WordPress security and simple steps that you can do!