25 Ways to Speed up a WordPress Website – Part 2
16) Disable pingbacks and trackbacks
Pingbacks and trackbacks are basic WordPress elements that notify you as and when your web page or blog receives a link. They may come across as efficient tools, but there are other tools like Google Webmaster which help in checking the links of your website.
Enabling them would put an unwanted load on your server because every time someone would try to link up to your website, it would generate requests from WordPress back and forth. These features are extensively misused while targeting a website with DDoS attacks.
Thus, disabling them will help you speed up your website.
17) Control the number of post revisions stored
You could install the Revision Control plugin to ensure that you keep post revisions to a minimum. It could be set to 2 or 3, so that you have something to resort to, in case you make a mistake, but it should not be kept too high so that you don’t clutter your back end with a number of posts that are not needed.
18) Set up monitoring for website errors and uptime
A popular saying goes like what gets measured gets managed. This is also true for website speed. Only if you are aware that there is a problem, you can take corrective action.
Many tools like Pingdom offer automatic monitoring to measure the speed of your website. They send you an email notification if your website gets too slow, once you register for it.
GTmetrix also has a service of monitoring key metrics like server response time and visual render time which is what Google and your visitors will really appreciate.
Uptime Robot helps you monitor numerous websites for free and notifies you immediately through an email or SMS for downtime or other serious issues on your website.
19) Disable hotlinking and leeching of your content
Hotlinking is a kind of bandwidth thievery. It usually happens when other websites give a direct link to the images on your website in their articles, thus, increasing the load on your server.
It refers to the method of making use of images that are not hosted on your own website, in your content. Instead of uploading an image from your media library, you give a link to another site, from where the image is loaded.
It takes away from your bandwidth because your server has to work to deliver the image to some other website and you get nothing out of it in terms of traffic.
Therefore, it is recommended to ensure that you disable hotlinking and leeching of your content. If you don’t, you are basically giving leechers free access to your bandwidth, hence decreasing your website performance for users visiting your website.
CloudFlare users can use Scrapeshield.
20) Avoid using sliders for better speed and conversions
Thus, since sliders don’t add real value to your website, it is recommended to choose a theme that gives you the freedom of not having to use sliders on your homepage.
21) Use a better social sharing plugin
To get the best speed, you could just display social sharing icons without the counts. But displaying the social counts might help with social proof and hence increase your traffic, so it might be okay to compromise a little on the loading speed for better business results.
Social Warfare is light and specially designed for social sharing. Also, it is optimized for speed and doesn’t slow down the website.
Sumo.com is a suite of tools, which loads the scripts for other tools too which causes the speed issue.
22) Remove query strings from static resources
Query strings is a term given to URLs that contain “?” or “&”.
Removing these query strings doesn’t increase the loading speed of your website, but it can help improve your score when testing using Pingdom or GTMetrix.
You can turn this option on inside WP Rocket.
23) Keep your website secure by enabling HTTPS and HTTP/2
Security is another WordPress speed up technique that often remains unnoticed. The resources that are being used to curb attacks cannot be used for processing the website’s code and processing queries to the database.
It is recommended to keep an eye on your access log to check for any excessive attempts to brute force attack your website. Sometimes, hackers like to see if they can break into websites or exploit vulnerable plugins to suck up your website’s resources, as a pastime.
Similarly, unethical competitors in your niche may launch Denial of Service (DoS) attacks that are designed to eat up your server’s resources and slow down your website so that visitors go to their website instead.
Hence, along with keeping WordPress and its components like plugins and theme updated, you should also keep a frequent check on your log files and server resources to see if there is an excessive load. Ideally, you would get an alert if the server load is too high so that you can investigate. Generally, excessive server load is caused by bots attacking your website.
You can safeguard yourself from brute force attacks and Distributed Denial of Service attacks (DDoS) attacks with the help of CloudFlare or Sucuri. It is not recommended to use only a plugin for security, because it will consume valuable resources using PHP, which will be expensive.
Thus, offloading security to CloudFlare or Sucuri would be less resource-intensive than using something like WordFence – an all in one security and firewall, which is a lighter alternative to WordFence, in case you’d like to use only a plugin. However, WordFence is recommended for security if the server has more resources.
If your website is still on HTTP, then it is recommended to get it upgraded to https (don’t use only plugins for this, else you might see some unexpected behavior).
24) Reduce external HTTP requests to a minimum
WordPress plugins and themes tend to generate plenty of HTTP requests, resulting in your website experiencing a drastic decrease in the page load speed.
To restrain this, you can easily reduce these external HTTP requests and keep them to a minimum by disabling scripts and styles that you don’t use. However, it should be kept in mind that you don’t remove all the scripts from your website.
25) Keep Your Site Secure
Apart from choosing a good hosting provider, it is highly recommended to ensure the following in order to keep your website secure:
• Avoid using nulled themes: Nulled themes are themes which are readily available for download for free, but illegally, which means you can’t find them on official market places. Typically, nulled themes can be found on dubious websites.
• Put a WordPress security plugin to place: Needless to say, a security plugin ensures the security of your website, inspects for malware, and monitors your website constantly to keep a regular check on the activities happening on your website.
• Using a strong password: This is essential as passwords form an integral part of website security and is an aspect that is overlooked. It is crucial to use a complex password or a password with a variety of numbers, letter combinations and symbolic characters like %, ! or @.
• Disable file editing: This should be done to ensure security in case a hacker gains access to your WordPress admin panel, which gives them a chance to infuse subtle, malicious code to your WordPress theme and plugins.
• Install an SSL Certificate: SSL has become a mandatory requirement, especially for sites that process sensitive information, like passwords or credit card details. Google too, has recognized the importance of an SSL certificate, and it gives websites with an SSL certificate a preferential placement in its search results.
• Change your WordPress login URL: It is strongly recommended to change your WordPress login URL, which is “yoursite.com/wp-admin” by default, as leaving it to its default settings would increase your chances of being targeted for a brute force attack to crack your username and password combination.
• Limit the number of login attempts: As a default setting, WordPress allows users to log in for as many times as they want. This makes you vulnerable to brute force attacks. Limiting the number of login attempts can save you from brute force attempts.
• Hide wp-config.php and .htaccess files: This would be of great help if you want to secure your WordPress website, as hiding them would prevent hackers from accessing them.
• Update your WordPress version: As mentioned earlier, updating WordPress regularly is a must to keep your website secure, as with every update, developers make changes, often adding updates to the security features. Also, updating to the latest version of WordPress will protect you from being a target for any pre-identified discrepancies that hackers could use to get access to your website.
Speed is a crucial factor for the success of a website as it influences the bounce rate, conversions, search rankings and much more. Even mere seconds can make a big difference.
Lowering your website’s loading time helps a great deal in improving the user experience of your visitors. It also improves the ranking of your website in the SERPs.
The goal is always to create a high-quality website that serves visitors in the best way possible. Besides, reduced bandwidth usage of your hosting and faster website-loading speed on the client-side will benefit you both in the short as well as in the long run.