How to safely install and configure WordPress

Transcription

How to safely install and configure WordPress
How to safely install and configure
WordPress
Version 2 (updated for WordPress 3.9)
Leonie Winson - Line and Form
Web:
Twitter:
Email:
www.lineandform.co.uk
https://twitter.com/leoniejane
[email protected]
© 2014 Line and Form
2
Contents
Introduction ...................................................................................................................................... 5
Installing WordPress from your Web Hosting control panel ............................................................. 6
To login to your new installation ...................................................................................................... 8
Switching between website and dashboard ..................................................................................... 9
Now configure the WordPress Settings .......................................................................................... 10
Settings > General ....................................................................................................................... 10
Settings > Reading ....................................................................................................................... 10
Settings > Discussion ................................................................................................................... 11
Settings > Permalinks .................................................................................................................. 11
Installing Your Theme ..................................................................................................................... 12
Choosing a theme ........................................................................................................................... 13
Good Theme developers ............................................................................................................. 13
Installing WordPress Plugins ....................................................................................................... 14
To install a new Plugin go to: .......................................................................................................... 14
Recommended WordPress Plugins ................................................................................................. 15
Improve the standard text widget .............................................................................................. 15
Improve search ........................................................................................................................... 15
Security and Spam ...................................................................................................................... 15
Create More Sophisticated Layouts ............................................................................................ 16
Backup your website ................................................................................................................... 17
Make WordPress run faster ........................................................................................................ 17
Search Engine Optimisation ........................................................................................................ 18
Add Forms ................................................................................................................................... 18
Any further questions? ................................................................................................................... 19
Want to know more about WordPress ........................................................................................... 19
© 2014 Line and Form
3
© 2014 Line and Form
4
Introduction
This guide is aimed at those going for a DIY install of WordPress. I will go over some basic safety tips
and some recommendations for the best themes and plugins.
I won’t cover all of the installation steps, as most web hosts now offer a one click install for
WordPress, but I will give you some basic tips to stop you making the most common mistakes. The
majority of the guide is about configuring WordPress, installing themes and choosing plugins
safely. I include my list of recommended plugins at the end.
If you want to manually install WordPress you can look at the very good installation notes provided
by in the WordPress Codex:
http://codex.wordpress.org/Installing_WordPress
Or check out the guide by Siteground.com:
http://www.siteground.com/tutorials/wordpress/wordpress-installation.htm)
Top Tip: Look out for the Leonie Jane cartoons. These are inserted next to Top Tips. I highlight
little features of WordPress that are extra useful or often missed.
© 2014 Line and Form
5
Installing WordPress from your Web
Hosting control panel
The easiest way to get WordPress up and running is to use a one click install solution if it is provided
by your web hosting.
1. In Heart Internet, the hosting I recommend to all my clients, you can log in to your eXtend
control panel to do this.
Scroll down to the ‘CGI scripts’ area and double click on the WordPress logo. Simply choose
the directory you want to place all the files and click ‘Install now’. Follow the on screen
instructions to finish the set up.
Different hosting companies label their quick install differently but here are some examples
of where to look.
If your hosting uses cPanel scroll down to Software and services and look for the
QuickInstall, Softaculous, or Site Software icon, depending on your hosting companies setup.
You will often find WordPress under Blog Software.
2. Click on the WordPress icon and follow the online instructions
© 2014 Line and Form
6
3. You will come to the Welcome screen for the famous ‘5 minute WordPress install’. See the
screenshot below for a basic overview of how to fill it in.
© 2014 Line and Form
7
To login to your new installation
To login to the admin for your website go to:
http://www.your-domain.co.uk/wp-admin/
Replace www.your-domain.co.uk with the
domain name for your website.
© 2014 Line and Form
8
Switching between website and dashboard
When logged in you can switch between dashboard and website by hovering over the site name in
the toolbar.
Top tip:
If you lose your dashboard toolbar, when switching between website and dashboard, as
if you have been logged out, just refresh the page. Sometimes the browser can mess with
the cache and cookie of your website that lets WordPress know you are logged in.
Refresh and the dashboard often just reappears.
© 2014 Line and Form
9
Now configure the WordPress Settings
Start at the Settings menu where you will configure most of your
basic settings to control how your website works and functions.
I recommend checking all settings are correct, but I will highlight the main
things to check in the following section.
Settings > General

“Anyone can register” should be unchecked.
This settings prevents open registration via the backend /wp-login/

Change Blog Title & Tag Line
Your blog is unique and you might want to give it a nice title and tag line

Setup your Timezone, Date & Time Format
setup the timezone for your country and change the date & time format that suits you
best.
Settings > Reading

By default WordPress will display the latest posts on the home page, however you can
also show a static page instead.

Change the number of posts that should be displayed on each page of your blog and
the number of posts that should be shown when someone subscribes to your RSS
feed.

You can also decide whether to show full or partial content in feeds, I suggest you
keep it as full content.
© 2014 Line and Form
10
Settings > Discussion

Decide here if you want people to be able to comment on pages and posts by default.
Settings > Permalinks

Set how your web addresses will be formed.
Anything other than default (i.e. yoursite.com/?p=123) so that your addresses are built with
keywords, from your titles and categories, making them more usable and search engine
friendly.
© 2014 Line and Form
11
Installing Your Theme
WordPress comes with some basic themes but in most cases you will want to choose a
different theme to make your website look a little unique from those using the default ones.
Installing a free theme
You can search for a theme from within WordPress itself by going to
Appearance > Themes > and clicking on the Add New Button.
To install one you only need to hover over the thumbnail of your chosen theme and click
install. However, this may not be the best approach for a secure and effective website in the
long term.
Installing a Premium Theme
Most commercial or premium themes come in a zip folder ready for you to install. Use the
Upload Theme button on the Add Theme screen.
Top Tip: I recommend doing some research first. One of the biggest mistakes
you can make is bog your install with too many themes that you decide not to use.
Even an inactive theme can be a security risk.
© 2014 Line and Form
12
Choosing a theme
A theme is the design and layout of your WordPress site. A good theme will be
flexible enough for you to insert logos and change colour schemes to reflect your
brand. It will also be built with security in mind. You can download new themes
from directly inside the dashboard of your WordPress site. Always click on the
‘details’ link before installing a new theme to check out its credibility and
compatibility with your site. There are a lot of free themes of varying quality.
1.
Check how many people have downloaded it.
2.
Are there any good reviews?
3.
Be aware that a distinctive free theme maybe used on a lot of other sites.
4.
If you decide to go for a commercial theme do some research on the designer.
5.
You need a theme that is regularly updated.
6.
Check the theme is designed for your version of WordPress.
7.
Ensure your theme is flexible enough to accept Plug-ins.
8.
If possible visit the designer’s home page and to do some research.
Good Theme developers

WooThemes woothemes.com – good for ecommerce

Elegant Themes elegantthemes.com – stylish and classic

Studiopress/Genesis studiopress.com More a framework than just a theme but lots of
functionality

ThemeForest themeforest.net - a shop rather than a single developer, so use with a
little more caution, but still a great resource for themes.
© 2014 Line and Form
13
Installing WordPress Plugins
Plug-ins are extensions to the functionality of WordPress. They can range from inserting code
for Google analytics, linking to your social media accounts or even a shopping cart to turn
your site into a fully functional on-line shop. There are a lot of free and commercial themes.
Do your research






Make sure the plug-in you are going to install is created by a reputable developer.
How many times has it been downloaded?
Are there any favourable reviews?
Is it supported by your current version of WordPress?
Is it still being supported and upgraded regularly?
Visit the developer’s home page.
To install a new Plugin go to:
Plugins > Add new
.
© 2014 Line and Form
14
Recommended WordPress Plugins
Depending on the functionality of your website there is probably a plugin out there to do everything
you want. Here are my recommendations ordered under their main functions for your website.
Improve the standard text widget
Enhanced Text Widget
The test widget that comes with WordPress is very useful, however it can only be used for
text and HTML. The Enhanced Text Widget allows you to use additional languages such as
CSS, JavaScript, Flash, and PHP. It even allows you to use WordPress shortcodes.
http://wordpress.org/plugins/enhanced-text-widget/
Improve search
Relevanssi
One weakness for WordPress has always been its search functionality. Relevancssi goes
quite someway to fill the gap with improved indexing and keyword highlighting.
http://wordpress.org/plugins/relevanssi/
Security and Spam
Akismet
Akismet comes packaged with every single version of WordPress. It is not a full proof
solution for combatting spam, however it will block the majority of spam that your website
attracts. If you are using it for a commercial website you will have to pay for a yearly
licence,
https://wordpress.org/plugins/akismet/
Antispam Bee
If you are looking for a free alternative to Akismet this is worth a try. Don’t be put off by
the German summary the plugin itself can be installed in English.
https://wordpress.org/plugins/antispam-bee/
© 2014 Line and Form
15
Login LockDown
Accessing your admin area by guessing your administrator username and password remains a
popular way for hackers to infiltrate your website. One way to discourage unauthorized users
from logging into your website is Login LockDown.
Login LockDown records the IP address and timestamp of every failed login attempt. If more
than a certain number of attempts are detected within a short period of time from the same IP
range, then the login function is disabled for all requests from that range.
https://wordpress.org/plugins/login-lockdown/
Limit Login Attempts
Limit the number of login attempts possible both through normal login as well as using auth
cookies.
https://wordpress.org/plugins/limit-login-attempts/
Bad Behavior
Deny automated spambots access to your PHP-based Web site
.
https://wordpress.org/plugins/bad-behavior/
Create More Sophisticated Layouts
Page Builder by SiteOrigin
A drag and drop, responsive page builder that simplifies building your website.
http://wordpress.org/plugins/siteorigin-panels/
© 2014 Line and Form
16
Backup your website
BackupBuddy
Developed by iThemes, BackUpBuddy is a premium backup plugin that allows you to back
up to Amazon, Dropbox, Rackspace, FTP, and more. Backups and restores are straight
forward. The plugin costs a one off fee of $80 for two websites, $100 for ten websites, or
$150 for unlimited websites.
BackWPup Free - WordPress Backup Plugin
A feature rich free back-up plugin will save back-ups on external Back-up services like
Dropbox, S3, FTP and many more.
https://wordpress.org/plugins/backwpup/
Make WordPress run faster
W3 Total Cache or WP Super Cache
Installing a cache plugin will make a big difference to the speed of your website. The two
most popular cache plugins for WordPress are W3 Total Cache and WP Super Cache. They
allow you to create static HTML copies of your pages that are displayed to visitors, which
drastically reduces the time it takes to load a page. I personally find W3 Total Cache easier
to configure and install.
http://wordpress.org/extend/plugins/w3-total-cache/
http://wordpress.org/extend/plugins/wp-super-cache/
WP Smush.It
WP Smush.It utilizes Yahoo’s Smush.it API to optimize your images in a number of ways. It
will strip meta data from JPEG images, optimize JPEG compression, convert some GIF
images to PNGs, and remove unused colours from indexed images.
In other words it will help to make your website load faster by making you images file size
smaller.
http://wordpress.org/plugins/wp-smushit/
© 2014 Line and Form
17
Search Engine Optimisation
WordPress SEO by Yoast or All In One SEO Pack
Both WordPress SEO by Yoast and All In One SEO Pack will improve your website’s search
engine presence. I personally use Yoast but have heard some good things about All in One
SEO Pack as well.
https://wordpress.org/plugins/wordpress-seo/
https://wordpress.org/plugins/all-in-one-seo-pack/
Add Forms
Contact Form 7 or Gravity Forms
Two of the best plugin solutions available for adding a contact form to your website. They
have advanced features such as file uploads, ecommerce integration, and spam protection.
Contact Form 7 is free while Gravity Forms is a premium plugin, so for some that may be the
deciding factor.
https://wordpress.org/plugins/contact-form-7/
http://www.gravityforms.com/
© 2014 Line and Form
18
Any further questions?
Get in touch!
Leonie Winson
Line and Form
Web: www.lineandform.co.uk
Twitter:@leoniejane or https://twitter.com/leoniejane
Email: [email protected]
Want to know more about WordPress
For more information about WordPress, the content management
system your site is built in, you can also visit.
http://codex.wordpress.org/WordPress_Lessons
and of course keep an eye on the Line and Form blog!
http://www.lineandform.co.uk/blog/
© 2014 Line and Form
19