WordPress has become the most famous overloading high CPU script in the world. This is mainly thanks to it's popularity with new users. The good news is, even as a new user, optimizing WordPress is pretty easy if you take some time and follow the steps below. And don't be afraid to ask us to do this. We are happy to jump in and take care of these for you. Just add a ticket :)
We listed each optimization for WordPress in order of most helpful.
Before starting, we suggest making a full back up of your cPanel or the WordPress website with the database.
- Update everything
Old plugins, WordPress versions, or outdated themes, are the main reason for overloading and hacking issues. You should be updating everything in your WordPress at least once a month and a good Theme should be updated at least every 6 months. In your cPanel under Softaculous, you can set auto update for your plugins, themes, and WordPress core. We highly suggest doing this or having us do this for you.
- Update your PHP version in your cPanel
You may have newer PHP versions available. You can check for this in your cPanel in the multiPHP section. Always start with the newest PHP version, and only change to older versions if you have to. PHP version changes take about a minute to update, you will need to click refresh on your browser page to see that the changes are working o.k.
- Install the essential plugins
We recommend and use two plugins with all our WordPress Installation.
1. First is All in one security. With this plugin we turn on as much as we can like Block Spambots, basic firewall, debug log file, all additional firewall rules, 6G blacklist, Internet bots, Login lockdown, file permissions, and more.
2. Next we always add WP-Optimize and turn on all optimizations, auto compress new images, page caching!, and minify. We also like disable comments, and disable new user notify.
- Make smaller pages and/or add Lazy Load
Making your pages smaller will have a major impact on your load. In fact splitting your page in half will normally lower more than half your load use. If you are still dead set on a long page than at least add a lazy Load plug. The common amount of posts on a page is 5, anything over that is at risk of having CPU load issues.
- Remove tags
Tags seem like a great way to tell Google what SEO traffic to send to your site. The truth is Google has said many times it does not use tags for SEO purposes. Being the third most common reason for overloading WordPress and with no real SEO benefit removing tags is a great way to lower your CPU and load use. We suggest that when you remove tags, to make sure and use sufficient categories to help your visitors navigate well.
- Trim off the fat
Always remove any plugins and themes not being used besides the latest default WordPress theme (And the one you use of course). You can always add them back later. Less files, themes, and plugins means the smoother your WordPress will run. It's a good rule of thumb for plugins to stay under lucky number 7.
- Remove admin-ajax
It's too detailed to explain how to disable admin-ajax in this list, but we have put together a nice blog post showing how you can here: Remove Admin-Ajax
- Remove wp-cron
It's also too detailed to explain how to disable wp-cron in this list, but we have put together a nice blog post showing how you can here: Disable wp-cron.php
- Limit login attempts
It is important to block hackers and attackers. There is multiple plugins for this, but All in one security is the best plugin that has this option.
- Keep media compressed well
Having large images and media requires more time to load which adds more CPU load use. WP-Optimize has an option to optimize images automatically we recommend turning on. We still recommend compressing your images before uploading them to WordPress.
- (optional) Disable Comments RB
If you don't want people to leave comments on your website you need to add a plugin. Disable comments RB is the best and most simple. Be careful with plugins that have several option you don't need. This can lead to wasted CPU use.
- (optional) WP Force SSL & HTTPS Redirect
Some themes do not redirect to SSL and with the new SSL requirements by all major browsers you want to make sure your WordPress website is being redirected correctly. WP Force SSL & HTTPS Redirect is the best and most simple plugin to do this. I would check if your website is already being redirected before adding it.
- (optional) Add the Akismet plugin
This will block spam and junk, but the verdict is still out if it will help lower CPU use. In fact some say it's causes more CPU use. If you installed All in one security and turned on Spambot protection, you should be fine. There is a free version for Akismet. Just scroll to zero when it asks for how much you want to pay. You do have to get the free key and register it.
- (optional) Disable WordPress XML-RPC with .htaccess
You can disable all xmlrpc.php requests from the .htaccess file before the request is even passed onto WordPress.
Simply paste the following code in your .htaccess file:
Block WordPress xmlrpc.php requests
deny from all
allow from 184.108.40.206
There is many other ways to help WordPress, these are just the top ones that really should be done to any new WordPress installation.