When I started North Texas Web Design over 8 years ago, I had several decisions to make. As my main focus was custom web designs, my first decision was whether to specialize in Windows asp versus UNIX php (I opted for Windows asp and have never regretted it or looked back!). And while I'm proud of the work and projects I created for clients over the years, I observed the evolution of WordPress websites from being just a simple blogging software to being a very robust CMS (Content Management Software).
When I was repeatedly being asked to deliver responsive and mobile website, I decided it was time to add to my portfolio. In doing so, I played around with Joomla and Drupal, but I have to admit that was very disappointed in both as a CMS, so in early 2012, I began my venture into WordPress. I can honestly say that I quickly fell in love with WordPress – for lots of reasons.
From my perspective, WordPress is far better for most CMS applications than Joomla or Drupal, but more importantly, it's getting even better as more and more professional templates and plugins become available. But I'm straying from what I really wanted to share as I ventured into WordPress 2+ years ago.
My first few WordPress sites caused significant learning issues, primarily from the perspective of security. In other words, how was I supposed to keep WordPress sites (and database) from being compromised by Malware and/or viruses. As you might guess with my reference to a "learning curve", I had a bunch of issues before I was able to get everything under control.
I've found two key principles to securing WordPress websites, including proper server permissions as well as which WordPress plugins do the best job.
Regarding server permissions, if you're not careful, you're permissions will prohibit you or your client from making plugin updates because your permissions are set to tightly. However, if you set your permissions too weak, then you expose your domain and server and the MySQL database to unwanted viruses and SQL injection issues. It's imperative that you investigate and set permissions appropriate to prevent issues like SQL injections while at the same time allowing updates of plugins.
Now, regarding plugins, I've found a number of WordPress plugins that I really like. They all do a superb job and have done so for long enough that I'm comfortable in listing the plugins I use just about on every website.
Listed below are the WordPress Plugins I use on every website:
Antivirus – this is a very easy and intuitive plugin that protects your WordPress website from exploits malware and spam injections. I typically install and run this plugin immediately after I activate a theme.
Anti-Malware (Get Off Malicious Scripts) – this is a wonderful plugin that searches for Malware and other virus threats and vulnerabilities on your server, and can help you remove them.
Login Security Solution – this plugin is a MUST, as it guards against brute force attacks by tracking IP, name and passwords attempting to log into your Dashboard – and can shut down login privileges if/when brute force attacks occur.
Contact Form 7 – the ONLY contact plugin I use, even if the template comes with a built in email feature.
Really Simple CAPTCHA – works perfectly with Contact Form 7 and helps prevent unwanted emails from spider/bots.
Disable Comments – this is another wonderful plugin! As I build websites as opposed to BLOGS, my clients seldom if ever want to be bothered with comments. This plugin solves this issue beautifully.
BackUpWordPress – this is a simple, yet easy and effective way of backing up your WordPress database nightly – and it works great!
WordPress SEO by Yoast – this is the ONLY SEO plugin I use. It works GREAT and is constantly being improved.
WP Mail SMTP - This plugin reconfigures the wp_mail() function to use SMTP instead of mail() and creates an options page that allows you to specify various options. This plugin is essential if you host your WordPress website on a Windows server.
Caching Plugins –so important for WordPress websites. For this feature, I'm listing three plugins that I use. Why am I listing three plugins? I've found that depending on the template, not all caching plugins are compatible with all WordPress themes.
There are thousands of web designers that use WordPress to create really professional and beautiful websites, and no doubt they all have their list of favorite plugins. The plugins I've listed above work for me, so much so that I often don't look at other plugins that provide the same features. I hope you find the information I've shared in this article helpful. If you have any questions, please reach out to me at www.northtexaswebdesign.com.
When I was repeatedly being asked to deliver responsive and mobile website, I decided it was time to add to my portfolio. In doing so, I played around with Joomla and Drupal, but I have to admit that was very disappointed in both as a CMS, so in early 2012, I began my venture into WordPress. I can honestly say that I quickly fell in love with WordPress – for lots of reasons.
From my perspective, WordPress is far better for most CMS applications than Joomla or Drupal, but more importantly, it's getting even better as more and more professional templates and plugins become available. But I'm straying from what I really wanted to share as I ventured into WordPress 2+ years ago.
My first few WordPress sites caused significant learning issues, primarily from the perspective of security. In other words, how was I supposed to keep WordPress sites (and database) from being compromised by Malware and/or viruses. As you might guess with my reference to a "learning curve", I had a bunch of issues before I was able to get everything under control.
I've found two key principles to securing WordPress websites, including proper server permissions as well as which WordPress plugins do the best job.
Regarding server permissions, if you're not careful, you're permissions will prohibit you or your client from making plugin updates because your permissions are set to tightly. However, if you set your permissions too weak, then you expose your domain and server and the MySQL database to unwanted viruses and SQL injection issues. It's imperative that you investigate and set permissions appropriate to prevent issues like SQL injections while at the same time allowing updates of plugins.
Now, regarding plugins, I've found a number of WordPress plugins that I really like. They all do a superb job and have done so for long enough that I'm comfortable in listing the plugins I use just about on every website.
Listed below are the WordPress Plugins I use on every website:
Antivirus – this is a very easy and intuitive plugin that protects your WordPress website from exploits malware and spam injections. I typically install and run this plugin immediately after I activate a theme.
Anti-Malware (Get Off Malicious Scripts) – this is a wonderful plugin that searches for Malware and other virus threats and vulnerabilities on your server, and can help you remove them.
Login Security Solution – this plugin is a MUST, as it guards against brute force attacks by tracking IP, name and passwords attempting to log into your Dashboard – and can shut down login privileges if/when brute force attacks occur.
Contact Form 7 – the ONLY contact plugin I use, even if the template comes with a built in email feature.
Really Simple CAPTCHA – works perfectly with Contact Form 7 and helps prevent unwanted emails from spider/bots.
Disable Comments – this is another wonderful plugin! As I build websites as opposed to BLOGS, my clients seldom if ever want to be bothered with comments. This plugin solves this issue beautifully.
BackUpWordPress – this is a simple, yet easy and effective way of backing up your WordPress database nightly – and it works great!
WordPress SEO by Yoast – this is the ONLY SEO plugin I use. It works GREAT and is constantly being improved.
WP Mail SMTP - This plugin reconfigures the wp_mail() function to use SMTP instead of mail() and creates an options page that allows you to specify various options. This plugin is essential if you host your WordPress website on a Windows server.
Caching Plugins –so important for WordPress websites. For this feature, I'm listing three plugins that I use. Why am I listing three plugins? I've found that depending on the template, not all caching plugins are compatible with all WordPress themes.
- W3 Total Caching – a great caching plugin, but certainly not compatible with all WordPress themes.
- WP Super Cache – just like W3 Total Caching – this caching plugin works great if it works, but it also is not compatible with all WordPress themes.
- Quick Cache (Speed Without Compromise) – a very reliable and easy to implement caching plugin that's rapidly becoming my favorite caching plugin!
There are thousands of web designers that use WordPress to create really professional and beautiful websites, and no doubt they all have their list of favorite plugins. The plugins I've listed above work for me, so much so that I often don't look at other plugins that provide the same features. I hope you find the information I've shared in this article helpful. If you have any questions, please reach out to me at www.northtexaswebdesign.com.