Shulou(Shulou.com)06/01 Report--

This article is about what you should do well after installing WordPress. The editor thinks it is very practical, so share it with you as a reference and follow the editor to have a look.

How to optimize your WordPress website?

These recommendations are only for self-built WordPress sites and do not apply to WordPress.com. In addition, I assume that you set up WordPress on Apache. Let's get started:

1. Change the default media upload directory

The WordPress default will store all your pictures, files, and other uploaded files in the wp-content/uploads directory.

It's a good idea to store your images outside the WordPress directory, preferably under a subdomain. This has several advantages, your image URL will be shorter, daily WordPress backups will be more flexible, and most importantly, loading images from different servers will help improve the opening speed of web pages.

WordPress 3.5 (or later) no longer provides the option to change the default media upload directory, but you can use a plug-in to turn on this setting. At the same time, deselect this option-"arrange my uploaded files to be based on" month "and" year ".

two。 Remove unnecessary meta-data from your WordPress site

If you check the source code of your WordPress site, you can find that some meta tags are not necessary. For example, the version of WordPress you use will be displayed in the source code.

This information is a good tip for hackers looking for attacks on older or less secure WordPress sites. Completely remove the version number and other non-essential meta-data from your WordPress source code, just add this code to the landscape theme's functions.php file.

The code is as follows:

Remove_action (1wp_head1, 1wp_generator1)

Remove_action (1wp_head1, 1wlwmanifest_link1)

Remove_action (1wp_head1, 1rsd_link1)

The WLW-Manifest function (second line) is used by Windows Live Writer to download the style and landscape theme of your WordPress blog. Windows Live Writer users do not use the instant preview feature, so you can close this function.

3. Prevent users from directly browsing your WordPress directory structure

If you don't want anyone to view your WordPress file and folder list directly, add the following code to the existing .htaccess file in your WordPress.

Options All-Indexes

And confirm that the wp-content/themes and wp-content/plugins directories contain blank index.php files.

4. Disable the HTML function of WordPress echo

WordPress's echo message box is a small HTML editor, and visitors can use some standard HTML syntax like, to format their messages. They can even add hyperlinks to their messages. If you want to disable HTML in WordPress echo, just add the following code to your functions.php file.

Add_filter (1pre_comment_content1, 1wp_specialchars1); [/ code]

5. Turn off the WordPress article version feature

WordPress has a built-in version of the article that allows you to track changes so that you can go back to the previous version of the article at any time. The article version will also increase the size of the wp_posts table in WordPress because new content will be added with each revision.

To disable the article version in WordPress, open the wp-config.php in your WordPress directory and add the following code:

The code is as follows:

Define (1WP_POST_REVISIONS1, false)

In addition, if you want to retain the article version feature, you can limit only the number of revisions WordPress stores in the MySQL database and add the following code to wp-config.php: (3 is the number of article versions to be retained)

The code is as follows:

Define (1WP_POST_REVISIONS1, 3)

6. Change the time interval for automatic storage of articles

When you edit a blog post in WordPress's built-in editor, it will automatically save your drafts, which will help you quickly restore previously typed content when the browser is unfortunately disabled. Drafts are automatically saved every minute by default, but you can add the following code to change the automatic storage interval to 120 seconds (or 2 minutes):

The code is as follows:

Define (1AUTOSAVE_INTERVAL1, 120)

7. Hide other WordPress Feeds URLs

Your WordPress contains multiple RSS Feeds- blogs, articles, echoes, categories, collations, and other pages all have feeds-, which will be displayed in the source code of your blog using tagging.

If you only want to promote your main RSS Feeds, add the following code to your functions

.php file:

The code is as follows:

Remove_action (1wp_head1, 1feed_links1, 2)

Remove_action (1wp_head1, 1feed_links_extra1, 3)

8. Redirect all Feeds to your primary RSS Feed

In the previous step, we only removed unnecessary RSS Feeds from the page, but these RSS Feeds still exist. If you want to use a single RSS Feed such as FeedBurner and disable all other Feeds, add the following code to your .htaccess file. Remember to replace feed URL with your own URL.

The code is as follows:

RewriteEngine on

RewriteCond% {HTTP_USER_AGENT}! ^. * (FeedBurner | FeedValidator) [NC]

RewriteRule ^ feed/?.*$ http://feeds.freegroup.org/freegroup [LMagne NC Magee Renew301]

9. Hide the error message of the WordPress login screen

When you enter a user name that does not exist, or the wrong password to log in to WordPress, it will display a fairly detailed error message telling you that the user name or password is wrong, which is terrible.

Add the following code to the functions.php file to hide all login-related errors.

The code is as follows:

Function no_errors_please ()

{

Return 'GET OFF MY LAWN!! RIGHT NOW!'

}

Add_filter ('login_errors',' no_errors_please')

10. Enable the two-phase verification feature

It is strongly recommended that you start the two-phase verification. If someone gets your WordPress account password, they still need your phone to log in to the WordPress console.

Unlike Dropbox or Google,WordPress, there is no built-in two-phase verification feature, but you can use a plug-in to add it. Authy is a very popular two-phase authentication plug-in, although I like Authenticator because it can be used with Google's official Authenticator application.

11. Change the structure of a fixed URL

Do not use the fixed URL structure preset by WordPress, as this is not good for SEO.

Go to the WordPress console Settings-> fixed URL to change your WordPress fixed URL structure. In terms of search engine optimization and performance, the recommended structures are:

The code is as follows:

/% post_id%/%postname%

twelve。 Add lost favicon and touch icons

Your WordPress landscape theme may not contain site icons (favicon.ico) or Apple touch icons, but web browsers and RSS readers may still request these files from your server. The best way is to provide these files instead of sending back 404 errors.

Place a 16 × 16 favicon.ico and 144 × 144 apple-touch.png files in the root directory of your website. Then add the following code to your .htaccess to re-file all Apple touch icon requests to a specific file.

The code is as follows:

RedirectMatch 301 / apple-touch-icon (. *)? .png http://upload.chinaz.com//

13. Disable indexing WordPress programs

You want Google and other search engines to crawl your blog posts, but you don't want to index the programs you use for WordPress, plug-ins, and landscape topics.

Open the robots.txt under your WordPress home directory and add the following code to prevent search engines from indexing components in the WordPress background.

The code is as follows:

User-agent: *

Disallow: / wp-admin/

Disallow: / wp-includes/

Disallow: / wp-content/plugins/

Disallow: / wp-content/themes/

Disallow: / feed/

Disallow: * / feed/

14. Set Admin permissions to readers

If your WordPress account is "admin", create a new user name and give him system administrator privileges. Then log out of WordPress, log in with a new account, and set the "admin" permission from the system administrator to the reader.

You may want to consider deleting the account "admin" and then transferring any existing articles and pages to the new account. This is an important step for security because we don't want to give anyone a chance to guess the name of a user with WordPress administrator privileges.

15. Hide your XML Sitemaps from search engines

XML Sitemaps can help search engines better crawl your site content, but you don't want search engines to display your site map on the search results page.

Add the following code to your .htaccess to prevent XML Site

Mals is indexed by search engines:

Header set X-Robots-Tag "noindex"

16. Do not use WordPress's built-in search function

Make sure that your site search function is provided by Google custom search, do not use WordPress built-in search function.

WordPress searches usually return irrelevant results. Another benefit is that doing so reduces the load on your WordPress server and database, because search queries will be processed through Google.

In addition, if you plan to continue to use WordPress's built-in search function, use the Nice Search plug-in! It can create a better fixed URL (/ search/tutorials vs / s?tutorials) for your WordPress search page.

17. Protect your wp-admin directory with a password

You can simply add additional security to WordPress, such as protecting wp-admin directories with passwords. You must remember two sets of passwords to log in to WordPress-including your WordPress password and the password to protect the wp-admin directory.

18. Analyze and record 404 errors in Google

404 errors will miss the opportunity for users to access the site. You can use Google analysis to record your 404 errors, including details such as where they came from.

Add the following code to your Google analysis tracking code, after the _ gaq.push function:

The code is as follows:

_ gaq.push ([1_trackEvent1, 14041, _ document.location.pathname + _ document.location.search, document.referrer, 0, true]) 2

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.