WordPress 201

Howdy!My name is Jason Cosper .

I work for

Today, I'm going to teach you how to do some stuff.

Like improve your site's performance.

And make it more secure.

So let's get started...

Performance

How do we reduce load time?

Methods for Reducing Load TimeVisitor & server side cachingImage tweaks & optimizationJavaScript & CSS minification

We'll go ahead & begin with caching...

ALWAYS BE CACHING

Page Caching PluginsWP Super Cache W3 Total Cache

WP Super Cache vs. W3 Total Cache

Browser CachingI've adapted a set of .htaccess rules from HTML5 Boilerplate forthis.

There's no need to reinvent the wheel, right?

Now, let's tighten up those images...

Fun with(out) Photoshop

Compress Your Images LocallyImageOptim Radical Image Optimization Tool Smush.it

Compress Images on Your SiteWP Smush.it

Load Images As They're NeededLazy Load

Finally, let's cut the fat on your CSS & JavaScript...

gzip it!

Compressing Your CSS and JavaScriptWP Minify W3 Total Cache

Okay, that covers performance.

Now, let's focus on security.

But first, we'll cleanse our palate with a video .

Security

How can we lock WordPress down?

Methods for Securing WordPressBlock attacks at the server levelProtect your admin areaStaying on top of updates

How about we start with blocking attacks at the server level?

The ol' bob & weave

Who's already using a plugin?

Here's why that's not such a great idea...

Blocking Without Plugins5G BlacklistCloudFlare

Okay. Now let's chat about insulating your admin area...

Protect ya neck, kid

So, we want to keep unauthorized people from getting into your admin area.

But we also want to not be annoying to the site's contributors, right?

The Programable BouncersLogin Lockdown Auto Expire Passwords Google Authenticator

Note: Enabling all of these at once can make logging in an ordeal.

Let's finish this out with a conversation about updates...

Updating: Not just for weekends anymore

According to WPsecure , there were 186 exploits for WordPress and its plugins in 2011.

"But it's such a pain to stay on top of plugin updates!"

You know what's an even bigger pain? Cleaning up a hacked site.

Getting an email reminder though? That's no pain at all.

Update RemindersWP Updates Notifier

And that covers security.

Questions?

That's it! Thanks for hanging out.