Back to Posts List

Reliable WordPress Through Plugins

Share this article





Posted on August 3rd, 2012 by Victoria Pal in Tech

pluginsToday, WordPress is probably the most popular blogging platform. Updates roll-out frequently, undergoing constant development. With the majority of bloggers making WordPress their CMS of choice, one cannot help but wonder how safe it is?

Well, it is in fact pretty safe. Not that there are no security issues and exploits every now and then - there are. Fixes are usually available before code oversights become known to the masses. Due to its popularity many try to exploit WordPress, for one reason or another. Updating your installation up to the latest version is one way to avoid most common problems, but this is really the bare minimum you need to cover.

You need to be prepared for high server load (if you are on a shared hosting performance can be an issue), attacks, spam, and if everything goes wrong – to recover as quickly as possible. If you want to make your installation more reliable, while increasing its performance, then consider the tips we have for you.

Cache and CDN

OK, so why would caching be important to make your blog more reliable? That’s an easy one. Shared hosting can sometimes misbehave and underperform. Serving dynamic pages takes more resources than serving static content. Having frequently accessed pages cached (generated and saved as static content) will take load of your hosting provider and reduce the time it takes for the users to view your web page.

To enable caching on your WordPress installation you need to get one or more of the following plugins:

WP Super Cache

I’ve been using WP Super Cache for about 2 years. It works like a charm and it has tons of features. If you are looking for a one-plugin-has-it-all solution, this one is for you. Not only can you enable caching of your pages and post, but also set up a CDN for your static files (CSS, Javascrip and images). Reviews of this plugin are consistent – it speeds up response and loading times dramatically. One thing you need to keep in mind is that this plugin will not work well with similar plugins, such as DB Cache, its derivative DB Cache Reloaded and the most recent DB Cache Reloaded Fix (only one working with WordPress 3.4.1).

Hyper Cache

This plugin is one of the newer cache control tools you can find in the Plugin Directory. It is claimed that it might perform even better than WP Super Cache. There are benchmarks to back up this statement up. The plugin is intended for people with cheaper shared hosting solutions, where performance is sometimes a big issue.

DB Cache Reloaded Fix

This one will cache database queries to further improve the performance of your web pages. To achieve this, DB Cache Reloaded Fix decreases the number of queries to the DB, which makes your blog less resource hungry and helps you serve more visitors at once. A combination of this plugin and Hyper Cache is believed to offer the best results and shortest loading times.

CloudFlare

I’ve mentioned CDNs as one option to make your site load even faster. If you don’t want to go into all the hassle of adding new sub-domains and splitting resources between it and your main site, there is a 5 minute solution anyone could use – CloudFlare. If fact, any site can take advantage of it, WordPress or not.

CloudFlare can be implemented in under 10 minutes. It will improve your loading times while protecting you from most common attacks. The concept behind this content delivery network is quite brilliant. It servers cached copies of your pages and fights off third party attacks. Even if they are persistent, CloudFlare takes the hit for you. It can be integrated with your existing WordPress installation through their plugin.

It will save you bandwidth, make your site load faster, and provide rudimentary protection against a DDoS attack. Oh, yeah, and it is free.

Security

Slowly making our way down the list, we need to address security issues. WordPress is a common platform, third parties with malicious intent know their way around it pretty well. Plugin vulnerabilities, weak passwords, and obsolete software are the most common cause of problems.

There are some fairly easy to use tools to locate and test WordPress installations for security flaws. A combination of two tools, which run seamlessly on most Linux installations, is all that is required to generate and probe hundreds of installations for security flaws. Giving a hard time to anyone who tries to brute force their way into your blog is relevantly easy using only a single tool. After all, we don’t want to have more plugins than blog posts, do we?

Better WP Security

This plugin can easily be described as a security Swiss army knife. You can use only the features you want and work for you. Using a basic set of features will make your blog very hard to recognize, prevent brute force attacks and allow you to block agents and hosts who send trouble your way.

Your first line of defense is being hard to recognize. If your WordPress installation doesn’t give itself away to bot, you will already be protected from half the people who are after your blog. Changing the default user to anything different from “admin” is one of the first things this plugin does. If a bot tries to get inside your blog, by trying different usernames and passwords, it will have a hard time doing so if your usernames is not as generic as “admin”. Better WP Security kicks out the bot, or any host trying to login more than 5 times (you can change that number). If the host is banned more than 3 times, it will enter a blacklist.

Attempts to scan your blog will be detected, reported and blocked out. Now there is one downside to Better WP Plugin. Some features will require your server to have more than 128MB of RAM and this can be a problem with shared hosting.

Backup & Recovery

If all proactive means of protection fail, then the only thing left to do is to be reactive. Backing up your site frequently is the best, and most overlooked, way to save yourself hours of downtime. When it comes down to backups, one is never enough. Redundant data backup is the way to go. Using CodeGueard and WordPress Backup to DropBox is a perfect match. If your DropBox backup fails, you can always result to CodeGuard.

CodeGuard

With WordPress, I consider CodeGuard my last resort. The basic service is free up to the point where you really need the backup. You get daily file and database backups.  If you need your data you need to pay no more than $25 to access it. Their WordPress plugin makes the integration seamless and you can setup everything in your coffee break. If your blog is less than 2GB in size, sign up. You never know when you might need it.

WordPress Backup to Dropbox

This plugin will put DropBox to work. You can schedule your backups and send them directly to a folder in Dropbox. The tool is flexible and you can exclude folders you don’t really need. Backup on demand is also available, assuming you need to perform changes, but want to be extra cautious.  It is wise to schedule backups according to your time zone and perform then when there is no significant traffic, usually nighttime.

Maintenance Mode

Last on the list, but just as important as any other plugin we have mentioned, is “Maintenance Mode”. When you are tinkering with your WordPress theme, trying out new colors, custom pages and widgets, it is not a bad idea do have your site in maintenance mode. Visitors don’t need to see broken templates, errors and defaced websites. This plugin will present everyone but you with a nice message, saying your blog is currently undergoing scheduled maintenance, and it will be back online soon.

Taking it one step further, it will also let search engines know that your blog is still there, and instruct them to come back later to crawl its contents. If your site gets defaced, this should change your passwords and activate this plugin immediately. Users won’t be harmed and search engines won’t flag you for spam and links to inappropriate websites.

It would only take an hour of your time

If you spare and hour and implement the plugins from this post, you will have a site which loads faster, can handle more people at once, is better protected and can get back online even if the worst takes place.

If a plugin is working particularly well for you, share it in a comment below. We are eager to know what’s in your arsenal.

Do you want to know if your WordPress site is accessible all the time? Sign up for a 30-day free trial to test all our monitoring services absolutely free for one month.

Victoria Pal

Doesn't like queuing (particularly at Wimbledon). Likes travelling, tennis and reading. Loves working as a Project Manager at WebSitePulse.

comments powered by Disqus