Top Plugins to Optimize and Secure WordPress

Speed Up and Secure

  1. WordFence
    Enable firewall, periodic scans, failed login block, secure passwords.
  2. WP Super Cache
    Speed up delivery of static content and pages: configure it for visitors to prevent overload by bots/crawlers.
  3. Use Google Libraries
    Load JS from CDN. Reduce load.
  4. WPS Hide Login
    Protect from brute login.
  5. Robots.txt File
    Edit the robots.txt file.
  6. Really Simple SSL
    Redirects pages to HTTPS (SSL required).
  7. Easy WP SMTP
    Use an account to send emails with necessary verifications to reduce spam filtering and lost emails.

Troubleshooting Tools

  1. P3 Plugin Performance Profiler
  2. Server IP & Memory Usage Display

Configuration

  • robots.txt

    User-agent: *
    Crawl-delay: 90
    Disallow: /wp-admin/
    Disallow: /wp-includes/
    Disallow: /streams/
    Disallow: /wp-login.php
    Disallow: /wp*

    User-agent: MJ12bot
    Disallow: /

Change php directives with suPHP

You need to create 2 files in public_html of website where suPHP is enabled. A .htaccess specifying path to php.ini configuration and a php.ini with directives.
You can change php settings and load extensions from a central php.ini for all site folders.

 

Example for account “account-name”. Make sure you update that in .htaccess content:

.htaccess

suPHP_ConfigPath /home/[account-name]/public_html

 

php.ini

register_globals = Off
extension=pdo.so

extension=pdo_sqlite.so
extension=sqlite.so
extension=pdo_mysql.so
extension=geoip.so