How to safely install and configure WordPress
Transcription
How to safely install and configure WordPress
How to safely install and configure WordPress Version 2 (updated for WordPress 3.9) Leonie Winson - Line and Form Web: Twitter: Email: www.lineandform.co.uk https://twitter.com/leoniejane [email protected] © 2014 Line and Form 2 Contents Introduction ...................................................................................................................................... 5 Installing WordPress from your Web Hosting control panel ............................................................. 6 To login to your new installation ...................................................................................................... 8 Switching between website and dashboard ..................................................................................... 9 Now configure the WordPress Settings .......................................................................................... 10 Settings > General ....................................................................................................................... 10 Settings > Reading ....................................................................................................................... 10 Settings > Discussion ................................................................................................................... 11 Settings > Permalinks .................................................................................................................. 11 Installing Your Theme ..................................................................................................................... 12 Choosing a theme ........................................................................................................................... 13 Good Theme developers ............................................................................................................. 13 Installing WordPress Plugins ....................................................................................................... 14 To install a new Plugin go to: .......................................................................................................... 14 Recommended WordPress Plugins ................................................................................................. 15 Improve the standard text widget .............................................................................................. 15 Improve search ........................................................................................................................... 15 Security and Spam ...................................................................................................................... 15 Create More Sophisticated Layouts ............................................................................................ 16 Backup your website ................................................................................................................... 17 Make WordPress run faster ........................................................................................................ 17 Search Engine Optimisation ........................................................................................................ 18 Add Forms ................................................................................................................................... 18 Any further questions? ................................................................................................................... 19 Want to know more about WordPress ........................................................................................... 19 © 2014 Line and Form 3 © 2014 Line and Form 4 Introduction This guide is aimed at those going for a DIY install of WordPress. I will go over some basic safety tips and some recommendations for the best themes and plugins. I won’t cover all of the installation steps, as most web hosts now offer a one click install for WordPress, but I will give you some basic tips to stop you making the most common mistakes. The majority of the guide is about configuring WordPress, installing themes and choosing plugins safely. I include my list of recommended plugins at the end. If you want to manually install WordPress you can look at the very good installation notes provided by in the WordPress Codex: http://codex.wordpress.org/Installing_WordPress Or check out the guide by Siteground.com: http://www.siteground.com/tutorials/wordpress/wordpress-installation.htm) Top Tip: Look out for the Leonie Jane cartoons. These are inserted next to Top Tips. I highlight little features of WordPress that are extra useful or often missed. © 2014 Line and Form 5 Installing WordPress from your Web Hosting control panel The easiest way to get WordPress up and running is to use a one click install solution if it is provided by your web hosting. 1. In Heart Internet, the hosting I recommend to all my clients, you can log in to your eXtend control panel to do this. Scroll down to the ‘CGI scripts’ area and double click on the WordPress logo. Simply choose the directory you want to place all the files and click ‘Install now’. Follow the on screen instructions to finish the set up. Different hosting companies label their quick install differently but here are some examples of where to look. If your hosting uses cPanel scroll down to Software and services and look for the QuickInstall, Softaculous, or Site Software icon, depending on your hosting companies setup. You will often find WordPress under Blog Software. 2. Click on the WordPress icon and follow the online instructions © 2014 Line and Form 6 3. You will come to the Welcome screen for the famous ‘5 minute WordPress install’. See the screenshot below for a basic overview of how to fill it in. © 2014 Line and Form 7 To login to your new installation To login to the admin for your website go to: http://www.your-domain.co.uk/wp-admin/ Replace www.your-domain.co.uk with the domain name for your website. © 2014 Line and Form 8 Switching between website and dashboard When logged in you can switch between dashboard and website by hovering over the site name in the toolbar. Top tip: If you lose your dashboard toolbar, when switching between website and dashboard, as if you have been logged out, just refresh the page. Sometimes the browser can mess with the cache and cookie of your website that lets WordPress know you are logged in. Refresh and the dashboard often just reappears. © 2014 Line and Form 9 Now configure the WordPress Settings Start at the Settings menu where you will configure most of your basic settings to control how your website works and functions. I recommend checking all settings are correct, but I will highlight the main things to check in the following section. Settings > General “Anyone can register” should be unchecked. This settings prevents open registration via the backend /wp-login/ Change Blog Title & Tag Line Your blog is unique and you might want to give it a nice title and tag line Setup your Timezone, Date & Time Format setup the timezone for your country and change the date & time format that suits you best. Settings > Reading By default WordPress will display the latest posts on the home page, however you can also show a static page instead. Change the number of posts that should be displayed on each page of your blog and the number of posts that should be shown when someone subscribes to your RSS feed. You can also decide whether to show full or partial content in feeds, I suggest you keep it as full content. © 2014 Line and Form 10 Settings > Discussion Decide here if you want people to be able to comment on pages and posts by default. Settings > Permalinks Set how your web addresses will be formed. Anything other than default (i.e. yoursite.com/?p=123) so that your addresses are built with keywords, from your titles and categories, making them more usable and search engine friendly. © 2014 Line and Form 11 Installing Your Theme WordPress comes with some basic themes but in most cases you will want to choose a different theme to make your website look a little unique from those using the default ones. Installing a free theme You can search for a theme from within WordPress itself by going to Appearance > Themes > and clicking on the Add New Button. To install one you only need to hover over the thumbnail of your chosen theme and click install. However, this may not be the best approach for a secure and effective website in the long term. Installing a Premium Theme Most commercial or premium themes come in a zip folder ready for you to install. Use the Upload Theme button on the Add Theme screen. Top Tip: I recommend doing some research first. One of the biggest mistakes you can make is bog your install with too many themes that you decide not to use. Even an inactive theme can be a security risk. © 2014 Line and Form 12 Choosing a theme A theme is the design and layout of your WordPress site. A good theme will be flexible enough for you to insert logos and change colour schemes to reflect your brand. It will also be built with security in mind. You can download new themes from directly inside the dashboard of your WordPress site. Always click on the ‘details’ link before installing a new theme to check out its credibility and compatibility with your site. There are a lot of free themes of varying quality. 1. Check how many people have downloaded it. 2. Are there any good reviews? 3. Be aware that a distinctive free theme maybe used on a lot of other sites. 4. If you decide to go for a commercial theme do some research on the designer. 5. You need a theme that is regularly updated. 6. Check the theme is designed for your version of WordPress. 7. Ensure your theme is flexible enough to accept Plug-ins. 8. If possible visit the designer’s home page and to do some research. Good Theme developers WooThemes woothemes.com – good for ecommerce Elegant Themes elegantthemes.com – stylish and classic Studiopress/Genesis studiopress.com More a framework than just a theme but lots of functionality ThemeForest themeforest.net - a shop rather than a single developer, so use with a little more caution, but still a great resource for themes. © 2014 Line and Form 13 Installing WordPress Plugins Plug-ins are extensions to the functionality of WordPress. They can range from inserting code for Google analytics, linking to your social media accounts or even a shopping cart to turn your site into a fully functional on-line shop. There are a lot of free and commercial themes. Do your research Make sure the plug-in you are going to install is created by a reputable developer. How many times has it been downloaded? Are there any favourable reviews? Is it supported by your current version of WordPress? Is it still being supported and upgraded regularly? Visit the developer’s home page. To install a new Plugin go to: Plugins > Add new . © 2014 Line and Form 14 Recommended WordPress Plugins Depending on the functionality of your website there is probably a plugin out there to do everything you want. Here are my recommendations ordered under their main functions for your website. Improve the standard text widget Enhanced Text Widget The test widget that comes with WordPress is very useful, however it can only be used for text and HTML. The Enhanced Text Widget allows you to use additional languages such as CSS, JavaScript, Flash, and PHP. It even allows you to use WordPress shortcodes. http://wordpress.org/plugins/enhanced-text-widget/ Improve search Relevanssi One weakness for WordPress has always been its search functionality. Relevancssi goes quite someway to fill the gap with improved indexing and keyword highlighting. http://wordpress.org/plugins/relevanssi/ Security and Spam Akismet Akismet comes packaged with every single version of WordPress. It is not a full proof solution for combatting spam, however it will block the majority of spam that your website attracts. If you are using it for a commercial website you will have to pay for a yearly licence, https://wordpress.org/plugins/akismet/ Antispam Bee If you are looking for a free alternative to Akismet this is worth a try. Don’t be put off by the German summary the plugin itself can be installed in English. https://wordpress.org/plugins/antispam-bee/ © 2014 Line and Form 15 Login LockDown Accessing your admin area by guessing your administrator username and password remains a popular way for hackers to infiltrate your website. One way to discourage unauthorized users from logging into your website is Login LockDown. Login LockDown records the IP address and timestamp of every failed login attempt. If more than a certain number of attempts are detected within a short period of time from the same IP range, then the login function is disabled for all requests from that range. https://wordpress.org/plugins/login-lockdown/ Limit Login Attempts Limit the number of login attempts possible both through normal login as well as using auth cookies. https://wordpress.org/plugins/limit-login-attempts/ Bad Behavior Deny automated spambots access to your PHP-based Web site . https://wordpress.org/plugins/bad-behavior/ Create More Sophisticated Layouts Page Builder by SiteOrigin A drag and drop, responsive page builder that simplifies building your website. http://wordpress.org/plugins/siteorigin-panels/ © 2014 Line and Form 16 Backup your website BackupBuddy Developed by iThemes, BackUpBuddy is a premium backup plugin that allows you to back up to Amazon, Dropbox, Rackspace, FTP, and more. Backups and restores are straight forward. The plugin costs a one off fee of $80 for two websites, $100 for ten websites, or $150 for unlimited websites. BackWPup Free - WordPress Backup Plugin A feature rich free back-up plugin will save back-ups on external Back-up services like Dropbox, S3, FTP and many more. https://wordpress.org/plugins/backwpup/ Make WordPress run faster W3 Total Cache or WP Super Cache Installing a cache plugin will make a big difference to the speed of your website. The two most popular cache plugins for WordPress are W3 Total Cache and WP Super Cache. They allow you to create static HTML copies of your pages that are displayed to visitors, which drastically reduces the time it takes to load a page. I personally find W3 Total Cache easier to configure and install. http://wordpress.org/extend/plugins/w3-total-cache/ http://wordpress.org/extend/plugins/wp-super-cache/ WP Smush.It WP Smush.It utilizes Yahoo’s Smush.it API to optimize your images in a number of ways. It will strip meta data from JPEG images, optimize JPEG compression, convert some GIF images to PNGs, and remove unused colours from indexed images. In other words it will help to make your website load faster by making you images file size smaller. http://wordpress.org/plugins/wp-smushit/ © 2014 Line and Form 17 Search Engine Optimisation WordPress SEO by Yoast or All In One SEO Pack Both WordPress SEO by Yoast and All In One SEO Pack will improve your website’s search engine presence. I personally use Yoast but have heard some good things about All in One SEO Pack as well. https://wordpress.org/plugins/wordpress-seo/ https://wordpress.org/plugins/all-in-one-seo-pack/ Add Forms Contact Form 7 or Gravity Forms Two of the best plugin solutions available for adding a contact form to your website. They have advanced features such as file uploads, ecommerce integration, and spam protection. Contact Form 7 is free while Gravity Forms is a premium plugin, so for some that may be the deciding factor. https://wordpress.org/plugins/contact-form-7/ http://www.gravityforms.com/ © 2014 Line and Form 18 Any further questions? Get in touch! Leonie Winson Line and Form Web: www.lineandform.co.uk Twitter:@leoniejane or https://twitter.com/leoniejane Email: [email protected] Want to know more about WordPress For more information about WordPress, the content management system your site is built in, you can also visit. http://codex.wordpress.org/WordPress_Lessons and of course keep an eye on the Line and Form blog! http://www.lineandform.co.uk/blog/ © 2014 Line and Form 19