Things I do to optimize and secure every WordPress site and blog
(Updated Sept. 9, 2007)
I have compiled a to-do list of plugins that I install and steps that I take to optimize and secure every WordPress site or blog that I create. This list will be updated with new developments or plugins and tips that I discover, so make sure to check back.
- Feedsmith – redirect all your feed subscribers to FeedBurner so that you can track your feed stats. Now FeedBurner allows you to keep your domain name in the feed address. This means that instead of your feed address becoming something like http://feeds.feedburner.com/WordpressGarage, it can be rss2 or whatever the feed address is for your site.
- Add FeedBurner feed flares to feed – make it easy for your RSS subscribers to bookmark or email your posts with Feed Flares
- Change permalink structure – use pretty permalinks for better search engine optimization. I always use the following custom permalink structure:
- Google (XML) Sitemaps - important for search engine optimization. This is not for your readers, but for the search engine crawlers that visit your site.
- Ultimate Google Analytics - this is an easy way to install Google Analytics on your site. There is another plugin that does this, but this one is “ultimate” because it also tracks outgoing links and links to downloads.
- Simple Tagging – tags are important for search engines and for Technorati. I tried all the other tagging plugins, and this is the easiest to use, and with it you can easily create a tag cloud and add related posts to each entry. Creating a tag cloud with Simple Tagging.
- Full Text Feed plugin – if you want your RSS subscribers to be able to see full text feeds, and you plan on using the More tag in your posts to create excerpts, you need this plugin.
- WordPress Database Backup - if you value your work, install this! It will send a backup file of your database to your email on a regular basis.
- WP-ContactForm: Akismet Edition – easy to use, functional contact form.
- Search Everything – if you have Pages on your site (i.e. not posts) with important information, they should show up in search results on your site. By default, WordPress excludes Pages from search results.
- WordPress Dashboard Editor – this allows you to easily get rid of all the incoming WordPress feeds that appear on your dashboard. I don’t find that they add any value for me, and I know that they would just confuse my clients, so I use this to get rid of them.
- DoFollow – if someone comments on your site, why not give them the gift of a link back to their site? Since I set up every site so that first comments from a commenter must be approved, I’m not worried about spammers getting links back to them.
- WP-Cache 2.0 – since you never know when you’re going to write that amazing post that the whole world will digg, install this so that when that day arrives, your servers (hopefully) won’t crash.
- Subscribe to Comments 2.1 – blogs are communities. Allow your commenters to follow comment threads by subscribing to comments.
- Add comments feed to header for more subscribers – this is a way to increase your comment feed subscribers by adding the Comments Feed to the list of feeds that are displayed when a user clicks on the RSS link in the browser.
- Hacked Antisocial (hacked version of Sociable) – you need to give your users an easy way to bookmark your posts. This plugin does this, while not diminishing your “link juice” – or WP Plugin: Gregarious – this is an efficient and customizable plugin that adds a little green icon at the end of posts, with wording of your choice (like “Bookmark this”), and when clicked opens a drop-down menu with a list of social sites for bookmarking, plus the option to email the post.
- ST Visualize Advanced Features or Advanced TinyMCE Editor – the default WYSIWYG editor in WordPress is painfully simple. A little known secret is that there are more buttons available, but they are hidden. The ST Visualize Advanced Features plugin adds a button to the toolbar that, when clicked, opens up another row of formatting buttons. The Advanced TinyMCE Editor plugin turns the toolbar into a full-fledged WYSIWYG with 60 functions!
- WP-PageNavi – puts nice pagination at the bottom of every page. This just increases usability and tells the user how many pages there are on the site, and where they are in the scheme of things.
- Yes-www – make sure that all pages are either with the “www” or without, depending on your preference. The advantage of this plugin is that it also deals with index.php requests, and redirects them accordingly.
- All in One SEO pack – optimizes titles, makes sure Google doesn’t spider duplicate content – or the SEO_Wordpress plugin – both prevent duplicate content spidering and generally improve the site for search engines. Now I use All in One SEO Pack only – it does everything, including meta keywords and descriptions, title optimization (list the post name first, and then the name of your blog, for SEO – like this: How to protect your WordPress site >> wpgarage.com. In the default installation, these elements appear with the blog name first, and then the post name).
- Viper’s Video Quicktags – the best solution for easily adding videos to posts – adds simple buttons to the advanced WYSIWYG editor for easily inserting all types of media formats in your posts and pages.
- Setting up pinging – you can enter ping addresses under Options>Writing in the admin. Here is a list of ping addresses that you can copy and paste into that box. Alternately, you can use an online pinging service, like King Ping. If you enter your blog URI on the King Ping site, it will ping 53 sites every time you post. These sites have been manually reviewed for suitability and quality.
- Submit site to Google, Technorati, Yahoo, Dmoz
- Secure the site – follow this list of directions to add greater security to your WordPress blog or site.
- Enrich RSS feed by adding copyright notice, comments and related posts
Nice to haves:
- Comment Email Responder Plugin – easily email commenters and post a comment in response in one shot
- Simple Spam Filter – more spam protection. Works in conjunction with Akismet
- Admin Themer – make modifications to the admin in a separate CSS file so they are preserved even when you upgrade.
- Landing Sites – when people come to your site from a search engine, show them other possible posts they may be interested in based on their search query
- WP-Chunk – shortens long URLs in comments so they don’t mess up the layout
- WP – ©Feed – add copyright notice, related posts and comments to feed to stop sploggers and extend the reach of your feed
- Digg This – adds Digg button when your posts are digged/dugg
- Custom Query String – allows you to set how many posts will appear on different pages like Home, Search, Category
- No self pings plugin – if you link to another post in your own blog, it appears as a trackback. I don’t like these trackbacks, and delete them. This plugin stops self-pings automatically.
- Slug Trimmer – if you use pretty permalinks, they are formed from the titles of your posts. Sometimes the titles are long, and then you end up with a really long URL. This plugin trims the URLs automatically.
- SRG Clean Archives - this allows you to create a useful archive page, where the posts are divided up into months and years.
- Separate pingbacks and trackbacks from comments – makes the comments section more organized. This is not a plugin, but a hack to the template files. The TrackbackList Plugin v1.3 does this too.
- Optimize DB – Your WordPress database can get clogged with junk. This plugin optimizes your database simply and efficiently.
- Author Highlight – this highlights comments by the author of a post, making them stand out visually from the other comments. It is possible to do this by coding the template files and CSS too.
- OneClick – no more unzipping and then FTPing themes and plugins. OneClick allows you to upload plugin or theme files from the Admin panel, or right-clicking in Firefox. All you have to do is browse for the zip file and click “upload” and the plugin does the rest.
- Sticky Menu – Sticky Menu lets you define an unlimited number of menus, in which you list the exact number of menu items you want to appear. Menu items can link to any pages, posts, etc., in your site or any URLs exterior to your site. You can define a class name for each menu item.
- Fancy pull-quotes plugin - instead of creating a style for pull-quotes, you can use this plugin to make it easier.
- TinyMCE Comments - this makes it easy for commenters to format their comment. It seemed to slow down my site a lot.
- cforms – the easiest, most flexible form builder I have ever seen. You can have multiple forms on one site, add as many fields as you want, divide your form into sections, validate, style it, have email autoresponders, track submissions, and more!