Social Networking

Users of social networks like Facebook and Twitter are very curious and love to click links making them sources for driving huge amounts of traffic. There are several plugins available for adding Facebook links to your blog posts automatically. One of the most downloaded and, in our opinion, better plugins is Add To Facebook. Twitter traffic is even more powerful. Two plugins that we recommend are TwitThis and TweetMeme.

Social Bookmarking

Allowing your users to easily add bookmarks to sites like StumbleUpon and del.icio.us can also be helpful in building traffic to your site. The well recognized king in this area is the Sociable plugin.

What We Use

Instead of cluttering the page with several plugins linking to all of these services we use ShareThis. You can customize the feel a little bit and it allows both Facebook and Twitter posting as well as social bookmarking.

HeadSpace2

The most important on page factor in SEO today appears to be your title tag. HeadSpace2 allows you to easily control the layout of all title tags on your WordPress blog. Along with title tag management you can control all of your description tags which, while not very important in SEO, can be very important in attracting people to click your site in the SERPs.

Redirection

What happens when you change a post’s URL? Do you know when your visitors are getting 404 errors? With Redirection you get everything you need to easily redirect posts and log any 404 errors.

Meta Robots

Until Meta Robots there hasn’t been an easy way to keep WordPress from allowing the indexing of certain pages on your blog. Now you can easily prevent the indexing of any pages/posts on your blog.

SEO Slugs

Including works like “in” and “the” in your post slugs doesn’t really do your SEO any good. SEO Slugs automatically removes all of these types of words from your slugs.

To install WP Google Analytics you just need to download the .zip file from the plugins directory, go to your WordPress admin dashboard and navigate to Plugins > New > Upload. Upload the .zip file and activate the plugin. You can then change the settings and insert your tracking code.

1. Change your admin username.
2. Use a hard to guess password.
3. Install Login LockDown

Changing your admin username

To do this you will need to login to cPanel and go to phpMyAdmin. Select your WordPress database and browse the wp_users table. Edit the first entry which should have the username “admin” and change the value to something else.

Use a hard to guess password

Your password should be at least 8 characters with a mix or upper case letters, lower case letters, numbers and special characters. If you would like a secure password generator you can find one here.

Install Login LockDown

Login LockDown allows you to set a threshold for failed login attempts before a user is blocked. From their WordPress plugin directory description:

Login LockDown records the IP address and timestamp of every failed login attempt. If more than a certain number of attempts are detected within a short period of time from the same IP range, then the login function is disabled for all requests from that range. This helps to prevent brute force password discovery. Currently the plugin defaults to a 1 hour lock out of an IP block after 3 failed login attempts within 5 minutes. This can be modified via the Options panel. Admisitrators can release locked out IP ranges manually from the panel.

Installing Login LockDown is just like any other plugin. Download the .zip file from the plugin directory. Go to your WordPress admin dashboard and navigate to Plugins > New > Upload. Upload the zip file and activate the plugin. You can the setup your rules.

Right now WP Security Scan covers:

-passwords
-file permissions
-database security
-version hiding
-WordPress admin protection/security

Future releases will also address:

*one-click change file/folder permissions
*test for XSS vulnerabilities
*intrusion detection/prevention
*lock out/log incorrect login attempts
*user enumeration protection
*.htaccess verification
*doc links

The Problem

If you get far enough in the upgrade process that the archive has been downloaded from WordPress and extracted and then hit an error (like bad permissions) WordPress is supposed to delete the new files. Instead it appears that it deletes all the files rendering your blog unusable.

Should BuyHTTP Customers Worry?

Thanks to our fully managed ownership/permissions system you should not run into this issue. Upgrading our blog using the automated tool could not have been easier. If you do run into this issue, thanks to BuyHTTP Data Vault you can restore all of your files in a matter of a few minutes and be back up and running. Then you can run a manual upgrade.

Follow this bug: Trac ticket # 10140

Found via WPEngineer.

Caching

There are two fairly prominent caching systems for WordPress: WP-Cache2 and WP Super Cache.

WP-Cache2 is often the first caching system you should try. It doesn’t require that you use the permalinks system, although you can if you want to and you don’t need to edit any files.

WP Super Cache does require the use of permalinks and you may need to make some manual file edits, but since it’s caching is more advanced it completely relieves the use of PHP to generate your page so it will get the site running faster than WP-Cache2 can.

WP-Cache2

WP Super Cache

File Requests

Perhaps even more than PHP processing, additional page requests can really slow your site down. PHP Speedy WordPress addresses this problem by turning all of your separate .js file downloads into one file. The developer has a screenshot showing the before speed at 8.41 seconds and the after at 687ms. That’s a pretty impressive improvement.

PHP Speedy WordPress

Get the newest version here.

With the installation of just a couple extensions you can vastly speed up your WordPress site.