Improving WordPress Site Speed

(originally posted on Bring Your Own Design)

Most of us don’t need to serve up millions (or even hundreds) of pageviews a day, but, eventually you’ll run into a situation where your site is running slow. While the reasons for a slow-loading site are countless, there are a few things you can do to help increase your WordPress site speed.

Hosting

It’s easy to get tempted by cheap hosting. You can even find free WordPress hosting if you look hard enough! But, the old adage of “you get what you pay for” definitely applies to the web hosting world. Cheap hosts tend to overcrowd their servers, and one badly-behaving site can take down multiple others! For mission-critical sites, we recommend using a managed hosting provider like WPEngine or Synthesis (if you’re on StudioPress Genesis). If you’re handy with a command line, a managed VPS like A Small Orange offers is probably your best bet.

Content Delivery Networks (CDNs)

If you have a lot of images or other media, a CDN is the way to go. Content Delivery Networks are basically copies of your local files that exist in different locales for faster access around the world. For example, if you have a site that is popular in Europe, but your hosting is based in the US, it would make a lot of sense to use something like MaxCDN or Amazon Cloudfront to cache files on one of their locations in Europe for quick access from that part of the world.

While speed is the ultimate payoff with CDNs, cost can be a beneficial factor as well. Most CDNs will allow you to store gigabytes of data for pennies, compared to the much higher prices of purchasing additional storage and bandwidth from your hosting provider.

To help you manage using a CDN with WordPress, we’d suggest W3 Total Cache. While it is a full-fledged optimization plugin, it can be used only for the CDN functionality (but you really should use the other stuff too!).

Minify, Static-fy

Minifying your static files will make an incremental improvement on site loading speed, but all those small improvements really can add up in the long run! HTML, CSS, and Javascript can all be minified, and you can even combine your CSS and Javascript files for even more improvements.

W3 Total Cache is our favorite for handling those tasks. Another thing that it does well is generate static files to serve up, instead of hitting the database on every single request. This method works best on sites with pages that don’t change much, but even busy blogs can benefit from it.

NGINX

Here’s where we get into the really heavy stuff. If you’ve outgrown managed hosting, and are running a VPS, you’ll definitely want to swap out Apache for NGINX. Many of the biggest and most popular WordPress-based sites run on it (because it’s simply just faster than Apache for WordPress). Another huge advantage for WordPress site speed is being able to easily use APC and memcached on NGINX. With a VPS, you’re typically on your own to get these things running, but some VPS hosts offer configurations like this as an option or a paid service. Either way, it’s well worth it to squeeze the extra speed out of your installation.

Plugins (or rather, getting rid of them)

Many people make the big mistake of overdoing plugins. Even for the simplest task, a plugin has to make a database call, which slows loading of the page. Simple things like social media buttons can be coded directly into the template to save resources. Offloading plugin functionality to the theme really does make a huge difference in speed.

Finally…

While this is by no means a comprehensive list of to-do items, it certainly will give you a solid set of ideas and tools to work with on making your WordPress site faster. Is there a trick or tip that you think should be included? If so, leave us a comment!

Share our post by clicking on your favorite social site below!

WordPress Theme Bloat: Premium Themes and Layout Builders

(originally posted on Bring Your Own Design)

Inspired by a thread on Reddit, let’s look at one of the main complaints about WordPress these days: bloated installations that run slow.

One of WordPress’s greatest strengths is the fact that anyone can purchase or download a premade theme and have a “custom” website up in a short span of time. It’s also one of the things that can cause the most headache for more experienced users. Many theme developers are obsessed with cramming as much functionality into a theme as possible in order to attract the greatest number of potential users. The byproduct of that is a theme that causes the site to load slowly, causes conflicts with plugins, or is simply difficult to arrange the content the way you want.

The vast majority of users who buy layout builder themes probably don’t actually need them. With custom-built WordPress themes, just about any layout can be accommodated through the use of widget areas and custom post types; both of which are built-in functions of WordPress. The will cut down on the number of running functions in the back end of the site, and speed up how quickly the site loads and increases the number of concurrent users it can serve.

Additionally, a custom WordPress theme can be geared towards serving exactly the sort of content that the site needs. Instead of forcing your content into a pre-built theme’s layout, a custom built theme can be laid out in a way that makes sense for the information you want to communicate to your users. Using the custom post type functions, you can configure custom “things” for displaying and managing on your site. Most pre-built themes don’t use custom post types, and the ones that do use them have a lot of added overhead with functions that make them possible to configure in a theme manager.

Finally, a growing reason many companies prefer custom built WordPress themes is for search engine optimization. Although many pre-built themes have SEO functions built in, they tend to be extremely basic, or even outdated. It’s also more difficult to add functionality to premium themes in regards to things like OpenGraph code, A/B testing, or heatmap tracking. Custom built themes give you the space to choose where and how you’d add these sorts of things, and it makes it easier to troubleshoot when it’s not working properly.

WordPress Security: 4 Easy Things You Can Do To Avoid Disaster

(originally posted on Bring Your Own Design)

WordPress SecurityIf you have a WordPress site, eventually you’ll become the target of a hacking attack. Whether it’s brute force, SQL injection, or something even more sinister, no one is safe. However, you don’t have to end up becoming a casualty as well. We’ve recovered more sites from attacks than we care to count, and more often than not, the initial intrusion was 100% preventable. It’s time to stop being lazy, and start being proactive about WordPress security! We’ve compiled a list of three things you need to do right now to help prevent becoming the next on the list of victims.

 

  1. Use strong passwords. Especially nowadays where the average person has anywhere from 7 to 30 online accounts, most people use the same passwords repeatedly, and they’re usually quite simple. This means if, by chance, one of your online accounts is compromised, it’s pretty easy for the rest to follow suit. There are a number of plugins available that will force strong passwords for your user accounts in WordPress, so take advantage of those. Also, don’t forget to change up the rest of your passwords often, and use smart self-policies when doing so.
  2. Invest in great hosting. It’s easy to get lured in by cheap hosting, but it’s truly a get-what-you-pay-for product. Proper WordPress hosting is going to be faster, easier to work with, and more secure, because it’s specifically tailored to run WordPress sites. The concessions that have to be made to run all types of software will be non-existent, and therefore, less chance of a security hole being exposed. We recommend managed WordPress hosting by companies like WPEngine and Synthesis.
  3. Use a firewall. You wouldn’t leave your vehicle unlocked and unattended on a busy city street, would you? Leaving your website up without an application-specific firewall is just as dangerous! Having a good firewall can prevent brute force login attacks, attempts to inject malicious code, and many other performance-degrading actions that hackers take to mess with your website. While the best firewall is always the one built into the server itself, you should also use a firewall plugin in WordPress to help catch the rest of the dirt. WordFence will help monitor and act on traffic in real-time, as well as scan your site on a schedule for unknown alterations and vulnerabilities that might have popped up. You can even go as far as blocking entire countries. Since many US-based sites don’t do business outside of the country, it could be beneficial to block incoming traffic from an entire country where a lot of hacking activity originates from.
  4. Backup, backup, backup! We’re consistently surprised how often we find sites that have no backup. When it comes to sites that have been hacked that we’ve repaired, the number is nearly 100%. Really, it’s not a surprising number at all; if you aren’t backing up regularly, you’re begging to get hacked. Many folks use BackupBuddy, but we prefer ManageWP. It has a ton of great features (like managed upgrades to WordPress and plugins, database cleaning, etc), and will let you back up to multiple sources like Amazon S3, Dropbox, and others.

It doesn’t matter whether or not you’re a WordPress developer, designer, or just a guy who has a blog. Anyone can do these four simple things. While the old saying of “if they really want it, they’ll find a way” holds some truth, these steps will put you well on your way to having bulletproof WordPress security for your site.

Responsive Design Is A No-Brainer For 2015

(originally posted on Bring Your Own Design)

If you ask most C-level executives, they assume because they can get to their company site from their tablet, that they’ve got a “mobile site”.

However, having a site that merely loads on a mobile device isn’t enough nowadays. Users expect a different, tailored experience when they visit a site from a mobile device. Tiny text and hard-to-activate menus are simply unacceptable byproducts of relying on desktop layouts to work on mobile.

Over 80% of the top 10,000 websites are still not using responsive design. With mobile usage now surpassing desktop usage, putting time and money into content creation, search optimization, and paid advertising can be a waste of resources when mobile users aren’t going to stick around when they don’t have a tailored experience.

Search results page showing sites with responsive design.
Notice the “mobile-friendly” tag on the mobile search engine results page.

Additionally, search results on Google now display whether or not your site is mobile-friendly or uses responsive design. Imagine if you’re looking for a nearby business while on your mobile phone, and of the two best results, only one shows that it’s a mobile site. The majority of users are going to click on the site that’s labeled as mobile-friendly first, and possibly skip the non-mobile site altogether!

Creating a mobile site is certainly an added cost when building a new website, or even just retrofitting your current site to use responsive design. But, the minor amount invested up front can translate to returns many times over if a customer can view a menu, find out if an item is in stock, or verify that you provide a service while they’re in the prime instant gratification mode and ready to pull the trigger.

For many situations, WordPress can be a great solution to solve the mobile site quandary. Themes can easily be made responsive without much (if any) affect on the back end of the site, and there are numerous options by the way of plugins for enhancing the mobile experience. Responsive menus, mobile-only content, localization, and many other functions are as simple as installing the appropriate plugin and configuring a few settings. There really is no excuse to have only a desktop site with WordPress!

Whether you decide to create a unique mobile experience for your users, or simply make your site take advantage of responsive design techniques, the payoff is pretty clear. Don’t turn away potential profits by turning your back on mobile users.