How to optimize and speed up WordPress

If you’ve been reading the web recently you might already noticed that your site loading speed affect your search rankings as written by Google Websearch team. Although previously i’ve wrote about the same topic in the past, i decided that perhaps a rewrite with proper formatting would be better and although the title says WordPress, most of the instructions listed here can be applied to non WordPress based sites too

And before i begin, i need to mention that in order to use this you need to enable specific Apache Module or it’s not going to work at all. And i choose to not include the conditional check to make sure that the rule being applied is working as it should (assuming that you’ve typed everything correctly) or else you’ll get 500 Internal Server Error Message (if the required module is not enabled or being disabled by your web host) which is going to be useful especially if you’re in Shared Hosting. But unfortunately if you’re on shared hosting some of the tips here can’t be applied because of the limitation from shared hosting itself

And with the above said, let’s begin the WordPress Optimization ;)

Enable Deflate / Gzip

If you have full control of your server (VPS or Dedicated) or sure that mod_deflate and mod_setenvif is installed and enabled by your web host (Shared Hosting), by using this method you can reduce your page size and in the end your visitor will benefit from faster loading times due to smaller page size and all you have to do is just put this in your .htaccess file

WordPress 2.3, tags, categories … and duplicate content

Duplicate Content ?I guess you’ve already heard about the new tags feature (basically it’s just the same as site categories) that is built into the core of WordPress 2.3. But now if you’re wondering does the new tags function can really give you some benefit from Search Engine and your site visitors point of view ? The answer of course is depend on your site visitors itself and whether you care about duplicate content or not, so it’s up to you to decide it ;)

(more…)

4 things you should know to simplify your WordPress Upgrade process

For the past few days i’ve seen various support topics at WordPress.org support forums and it’s all thanks to the new release of WordPress 2.3 that introduces new database schema changes (and that’s why most of the questions asked is related to the database error message)

While personally i do not have any problems when upgrading WordPress, but i thought it’d be best to share these tips especially to those who want the easiest way to upgrade their wordpress installation even when you’re going to upgrade to another major version (such as from 2.0 to 2.1, 2.2 to 2.3, etc)

And here are the tips :

(more…)

How to protect wp-admin directory using htaccess

If pretty sure most of you who use WordPress knows that there are 1 important directory and 1 important files that can be accessed by anyone (assuming that you don’t have any plugins that record, disallow them from being accessed) called wp-admin and wp-login.php. And if you’ve been wondering on how to prevent / restrict access to that directory to yourself only, perhaps this simple guide can help you with that

Here’s the code that you should be copy paste to your root .htaccess file (where wp-login.php exist). And also as a note, i didn’t put any IfModule check here, so if you get 500 Internal Server Error after putting below code to your .htaccess file that means your hosting doesn’t allow you to use mod_rewrite. But if you’re able to use custom permalink on your WordPress site, that means mod_rewrite is enabled so you can use below code without problem ALSO this is designed for one man site only (in other words you block access from everyone else other than you to your WordPress dashboard), so make sure to adjust it accordingly if you allowed anyone else

# Redirect wp-admin and wp-login to specified address if not from specific ip
# Btw you're free to add additional directory as you see fit
# Note: This'll break your site if you have plugins/themes that depend on accessing admin-ajax.php
RewriteCond %{REQUEST_URI} wp-login|wp-admin
RewriteCond %{REMOTE_ADDR} !^123.456.789.
RewriteRule . http://www.domain.com/ [R,L]

# Or .. if you prefer to return 404 Not found instead of redirecting it, use below code instead
RewriteCond %{REQUEST_URI} wp-login.php|wp-admin
RewriteCond %{REMOTE_ADDR} !^123.456.789.
RewriteRule . - [R=404,L]

As an added bonus, because most webhosting enable autoindex by default (that can allow other to browse your directory structure if you don’t have index file defined), i’d suggest you to add below code to your .htaccess too

Fix for Search Everything WordPress Plugin

Finally i can activate the Search Everything plugin once again (i temporarily disabled it after upgrading to WordPress 2.1 because of producing duplicate results. Especially if the results can be found on multiple pages). And fortunately there’s someone already found a solution for this problem (many thanks to Tiago Pocinho by creating a fix for this problem)

To fix this problem, you can simply add below lines to the search everything plugin :

add_filter(‘posts_request’, ‘SE2_distinct’);
function SE2_distinct($query){
  global $wp_query;
 
  if (!empty($wp_query->query_vars[‘s’])) {
    if (strstr($where, ‘DISTINCT’)) {}
    else {
      $query = str_replace(‘SELECT’, ‘SELECT DISTINCT’, $query);
    }
  }
  return $query;
}

WordPress HTML Injection Vulnerability

Wow .. i just got back .. and i read a very interesting news about the recent wordpress html injection vulnerability issue that is exists on several .. um .. almost all versions of wordpress below 2.0.6 (well i dont know anything about the 1.x series of wordpress because i never use it before)

Fortunately there is already a fix for this problem and you can do it by applying the latest patch from WordPress Trac into the templates.php file in your wp-admin directory

As as a note, if you want to see a proof of concept regarding this wordpress issue, you can go to David Kierznowski homepage and see it by yourself

And yet another note, WordPress 2.0.6 RC2 has been released (from the WP-Testers Mailing Lists) and this new release candidate already include a fix for this problem

WordPress, Duplicate Content and Google

Google recently just published an article about duplicate content and how to avoid your site producing duplicate content on their blog

And i think most of you already know that if you’re using WordPress based CMS / blogging platform, you may find your category, and archive pages are duplicating your site content.

For some people they don’t really care about this because they rank well in Google without being penalized because of duplicate content, while some other also say that their site keep losing index from Google

By the way here’s what Google said to avoid having duplicate content on your site:

List of useful WordPress Plugins

Because i haven’t made a post about the recommended wordpress plugins to be used on a self hosted blog (because if you’re using wordpress.com account there’s no way you can use it), so i think this is the right time to post some of the most useful wordpress plugins .. okay here’s the list .. :

Note: I’ve tested all plugins listed here on WordPress 2.0.5 except for WP-Slimstat, and another note, i’m not using all of the plugins listed below here on my blog but i’ve tested them all on my private server *cough* i mean *cough* local server :P

Stats Tracking :