You will also want to read:
Automatic Update in WordPress
Changing your WordPress website location
Configuring the basic settings in your WordPress website
How to Backup Your WordPress Website Automaticaly Using Backup Plugins
How to Fix a Hacked WordPress Website
These ten steps will help you optimize your WordPress website and keep you safe:
1. Implement WordPress caching
WordPress by default will dynamically create your pages and posts by pulling from your database.
If you have 100 people view one of your pages, by default this will cause 100 PHP executions.
Instead the first person to view your page should pull from the database, and create a cached page.
This cached page can be viewed, hundreds, if not thousands of times by others with minimal usage.
WP Super Cache (Basic and easy to setup)
W3 Total Cache (Offers more advanced caching options)
Also read:
How to Install and Setup Your Premium WordPress Theme
How to Keep Your WordPress Website Updated
How to Manage 403 Forbidden Error in WordPress
How to Optimize and Speed Up Your WordPress Website
How to Secure a WordPress Website
2. Be careful of known intensive WordPress plugins
WordPress plugins can vary greatly in how efficiently they were created, since anyone can make one.
You can try to find an alternative plugin, seeing if leaving one of these disabled brings your resource usage down enough, or if it's really necessary to your site's function you could upgrade to a VPS.
You could also use the P3 Plugin Performance Plugin to try to figure out which WordPress plugins are the most intensive.
Below is a list of plugins we've seen customers have issues with before as they seem to utilize a large amount of resource usage compared to most plugins.
CMS Tree Page View
Constant Contact
WordPress Widget
Digi Auto Links
Disqus Comment System
FireStats WordPress
Geo Mashup
Google Talk Widget
NextGEN Gallery
PHP Code for Posts
Quotes Collection
Reveal IDs
Simple Post Thumbnails
Skype Status
VaultPress
WassUp Real Time Analytics
Wordgento
wpCloaker
WordPress Facebook
WP Forum Server
WP Live Stream
Online Backup for WordPress
WP Autoresponder and News Plugin
WP Super Heatmap
WP Symposium
Yet Another Related Posts Plugin
Also read:
How to create a simple portfolio website with WordPress
How to create and manage a page in WordPress
How to safely disable the WordPress automatic update feature
How to update your WordPress installation
3. Disable default wp-cron.php behaviour
WordPress runs wp-cron.php on every visit to basically ask "do I have anything to do?"
When visitors start to roll in, checking multiple times the same hour is very inefficient.
By default your wp-cron.php script could be getting called hundreds of times an hour.
Setup a manual cron job to run this instead, at a more appropriate 4 or 6 hour interval.
Disable the default wp-cron.php method in WordPress
4. Disable WordPress autosave and log out of dashboard
WordPress autosaves, and admin dashboard activity goes to the /wp-admin/admin-ajax.php script.
There can sometimes be hundreds, if not thousands of these requests and you can limit them by disabling the autosave feature in WordPress and staying logged out of the admin when not in use.
5.Limit or block search engine crawlers
By using a robots.txt rules file, you can deny access to certain search engines you don't want crawling your website, or deny them to particular sections of your website.
6. Stop or slow search engine crawlers on your website with robots.txt
Block unwanted users from your site
You can outright deny access to your website from either certain IP addresses, or User-Agents.
For instance the following .htaccess code would block the Chinese Baidu.com spider, HTTrack which is a website copier, and the Russian Yandex.com search engine.
RewriteEngine On
RewriteCond %{HTTP_USER_AGENT} ^.*(Baiduspider|HTTrack|Yandex).*$ [NC]
RewriteRule .* - [R=403,L]
Block unwanted users from your website using .htaccess
7. Deal with WordPress comment spam
You should be using a CAPTCHA plugin to protect against comment spam like WP-reCAPTCHA.
If your WordPress site already has comment spam you can clean up WordPress comment spam.
Find out who is comment spamming you
If you alread have comment spam you should remove it from your database, and then you can try to protect against further comment spam based off who is trying to spam you.
For instance, a WordPress site today had these unique IPs that were trying to spam them:
8 218.10.17.148
8 60.173.26.43
8 60.173.26.61
9 218.10.17.208
9 218.10.17.94
9 60.173.10.231
9 60.173.10.242
9 60.173.10.244
9 60.173.11.219
9 60.173.26.47
9 60.173.26.57
So we can see that there are a lot of unique IP addresses from the 60.173 range, and the 218.10 range that are trying to spam our comments at least 8 times each.
Now you can try to see where these IP addresses are from using a website like geoIPtool.com
In this case you'd end up looking at:
http://www.geoiptool.com/en/?IP=60.173
http://www.geoiptool.com/en/?IP=218.10
These ranges are all from China, so if that's not your target audience, there probably shouldn't be people from there commenting on your website.
Block IP ranges from accessing your website at all
You can outright deny these IP ranges in .htaccess with this:
Deny from 60.172
Deny from 218.10
Block IP ranges from commenting on your WordPress site
Or if you wanted to still allow people from these IP ranges to visit your site, but not comment on it, you could use these .htaccess rules:
ErrorDocument 503 "Commenting disabled"
RewriteEngine On
RewriteCond %{REMOTE_ADDR} ^60.173 [OR]
RewriteCond %{REMOTE_ADDR} ^218.10
RewriteCond %{REQUEST_URI} ^/wp-comments-post.php$
RewriteRule .* - [R=503,L]
Also read:
The Many Uses to Which You Can Put Your WordPress Website
What you should know about optimizing your WordPress website for speed
7 Security Tips for a WordPress Website
8. Limit or disable WordPress revisions
Although not as intensive as preventing requests in the first place, you can also disable or limit WordPress revisions to improve database performance as well.
Limit or disable WordPress revisions
Install and use the Better Delete Revision WordPress plugin
9. Update everything WordPress
To ensure everything is running optimally be sure to update regularly.
Update WordPress from admin dashboard
Update WordPress theme
Update WordPress plugin
10. Request further help from support
If all of this fails to help your WordPress website run faster and use up less resources, then a deeper investigation probably needs to be done on your access logs to see what's really being requested the most which could be causing problems for you.
Resource usage patterns typically come in waves, so it's important to enable raw access logs in cPanel for your account, so that if you need to contact support for further help, we have a lot of data to work with to recommend you something as a possible culprit of your high usage.
Once you have at least a full day of logs, feel free to contact techinal support for further help.
Advanced optimization for WordPress websites
Advanced optimization for WordPress websites: Optimizing your WordPress site may sound like a daunting task, but following this guide will help you take control of your site's performance. This can both reduce the CPU resources of your site and increase the overall speed of your WordPress site.
Evaluate Your Needs
The first thing you should do when considering optimization changes is to understand what direction you need to work in. Here are a few recommended tools that will help you find your starting line.
Google's PageSpeed Insights - This powerful tool will provide you with meaningful and direct recommendations on performance best practices that can be applied to your site. These recommendations often come with a step by step tutorial on how to accomplish the provided suggestion.
Pingdom Website Speed Test - Pingdom's speed test allows you to see what lies beneath your slow pages. You can use this tool to view recommendations and also to see what specific requests had to be completed in order to load the default page of your site. This is especially useful if you need to identify large or problematic files.
Limit Plugins
When you're working towards optimization, your next stop should be your plugins. Browse through your plugins and try to identify any that you can do without. This could mean that your site no longer uses the plugin, or you have found an alternative and no longer need the plugin.
For instance, if you have a plugin that locates broken links on your WordPress site, try searching for a browser based alternative, such as Broken Link Checker. A common rule of thumb with WordPress sites is "less is more" when it comes to plugins. Try to limit your site to stay under 20 plugins at a time. For additional information regarding WordPress plugins, please refer to the following article:
Plugins Advice
Work Smarter, not Harder
Size
A common reason for slow page speed is the actual size of the page in question. The larger the page, the harder the site has to work to execute each portion of the page. This includes loading any large photos or images you have incorporated into your site. Below is a general guideline to site size:
Excellent: Under 500kb
Good: Under 1mb
Acceptable: 1-3mb
Needs Improvement: Above 3mb
There are several ways to identify what images may need to be addressed and optimized, one of which is to use the tool mentioned above, Pingdom. You can run the speed test on your site and then sort by file size. This will give you an idea of what images you need to resize. Once you have your starting point, use a free image resizing tool such as picresize and replace the images as you resize them. It is good practice not to exceed 100kb if speed is your primary objective. Any new images you add should be optimized prior to uploading them to your WordPress site. Additionally, if your theme is utilizing a specific image for a header, don't rely on the theme to resize the image for you. If the featured image displays at 120 pixels in width, make sure you create the image or resize it to the exact size that will be displayed.
If you're looking for a quicker way to accomplish these optimizations, you can install the WP Smush.it plugin. This tool provides you the ability to compress image files while also stripping meta data from the image files. You can install this plugin and run it on your current media library. Once this plugin is active, any new image you add to your library will automatically be optimized as well.
For alternate optimization suggestions, you can use GTMetix, which is comparable to Pingdom.
Scripts
Using external scripts that rely on remote pages such as Facebook links, Twitter feeds, and external videos can impact the performance of your site. You'll want to limit these external tools as much as possible so your site is not held back by scripts you cannot control.
Features of the Greg's WordPress SEO plugin
Features of the Greg's WordPress SEO plugin: the Greg's High Performance SEO plugin focuses on genuine SEO characteristics, enabling you to optimize your site in each of the following areas:
Main title
Head section: description, keywords, robots indexing and following instructions, canonical URLs
Secondary title (visible in the page body)
Secondary description (visible in the page body)
Paged comments and duplicate content
Features of the Yoast WordPress SEO plugin
The WordPress SEO Plugin by Yoast is a complete SEO solution that incorporates a high range of SEO functionality. These features include the following:
- Post titles and meta descriptions
- Robots Meta configuration
- Canonical
- Breadcrumbs
- Permalink clean up
- XML Sitemaps
- RSS enhancements
- Robots.txt and .htaccess configurations
- Clean up head section
- API Docs
To identify the scripts of most impact on your site you can use Pingdom and GTMetrix as previously discussed. This will tell you how many remote files your site is loading.