Bloggers, both novice and advanced, usually use one blogging platform or another to make their website work efficiently. Among the many blogging platforms is WordPress, an impressive blogging platform with over 40 million posts a month, one that is used around the world, with support in over 120 languages. Just a few of the major players using WordPress as their preferred blogging platform are: UPS, CNN, CBS Radio, TechCrunch, NBC Sports and TED.
However, because of this widespread use, WordPress has recently become a target of brute force attacks. These are criminal activities are aimed at getting access to WordPress websites at the administrator level.
Signs of your WP site being signaled for attack, even when not fully infiltrated, are extreme slowdowns, significantly large web page downloads, and in an extreme case, your being blocked from website access.
This does not mean, however, that slow website load times are a definite indication of a brute force attack. These slowdowns can also be affected by other issues, such as high traffic, inefficient files, too much media or too many images and the WordPress handler you use.
1 – Update
Though updates may seem challenging, especially for inexperienced WordPress users, they are important. Developers constantly update the platform and create security patches so it’s important you keep your WordPress installation up to date. It is a simple process, just log into the cPanel of your hosting account and upgrade there, or if you created a manual installation, download the latest version of WordPress and follow the installation instructions offered on WordPress.org.
2 – Plugins
Although plugins are very useful, too much of a good thing can hurt. You want to update plugins, and make sure you install a login limiter to prevent brute force attacks from taking up your bandwidth or worse, from gaining entrance to the website. Other than that, you want to watch the number of plugins you do install. Although there are thousands of plugins out there, and many of them very useful, the more you install the slower your site will load, so you should remove those that you aren’t actively using. You especially want to be careful with the following plugins as they do require a large amount of bandwidth: wp-forum, geo-mashup, wassup and wp-digg.
3 – Caching
Though a slow loading WordPress page can certainly be an indication of a brute force attack, it isn’t necessarily the reason for a load-page slowdown. Your page can load slowly because of a large amount of traffic, a large number of posts and heavy images. To prevent slowdowns, you should install a W3 total cache solution. High-traffic and numerous hits cause WordPress to degrade and slow down. A W3 cache stores your WordPress pages as static HTML files, allowing them to be accessed quickly when pulled up by viewers. It also reduces the amount of work for MySQL and manages the PHP recompilation more efficiently. A W3 total cache, or even the WP-Super-Cache reduces memory and CPU usage for a WordPress website by as much as 70 percent, thereby increasing the load time by as much as 50 percent.
4 – Don’t Overload Your Homepage
Naturally, the homepage of your site is likely to get the highest amount of traffic, so you need to compensate for this by not overloading your homepage with too many posts. WordPress, thinking of this issue, allows you to select the number of posts you want to display here, or allows you to select a few of your latest posts to populate the homepage. To prevent slowdowns, don’t use more than 8 to 10 posts on the front page.
5 – Beware of Images and Media
Note that the sizes of your images and media will also significantly slow your website load time, even to a point of your assuming you being victimized by a brute force attack. When your posts contain streaming media, large images and heavy advertisements, your site will take longer to load. So you want to downsize and limit the images on your WP website.
6 – SUPHP vs DSO
There are two basic handler types for WordPress: SUPHP and DSO. SUPHP makes the PHP files run under the specific user account, and although secure, this user account verification can cause the website to slow down. By contrast Dynamic Shared Object (DSO) runs faster but it runs under a ‘nobody’ user, which means you will need to make permission amendments to the files and directories need to be changed. Users who experience large amounts of traffic often find it beneficial to switch to DSO. But because of the complex directory changes, a DSO transfer needs to be handled by an experienced WordPress developer.
This article was brought to you by VPS.net, for dedicated server hosting, cloud servers and 24/7 support visit our site here vps.net