WordPress has become the most famous overloading high CPU script in the world. This is mainly thanks to its popularity with new users. The good news is, even as a new user, optimizing WordPress is pretty easy if you take some time and follow the steps below. And don't be afraid to ask us to do this. We are happy to jump in and take care of these for you. Just add a ticket :)
We listed each optimization for WordPress in order of the most helpful.
Before starting, we suggest making a full backup of your cPanel or the WordPress website with the database.
- Update everything
Old plugins, WordPress versions, or outdated themes, are the main reason for overloading and hacking issues. You should be updating everything in your WordPress at least once a month, and a good Theme should be updated at least every 6 months. In your cPanel under Softaculous, you can set auto-update for your plugins, themes, and WordPress core. We highly suggest doing this or having us do this for you. - Update your PHP version in your cPanel
You may have newer PHP versions available. You can check for this in your cPanel in the multiPHP section. Always start with the newest PHP version, and only change to older versions if you have to. PHP version changes take about a minute to update, you will need to click refresh on your browser page to see that the changes are working o.k. - Install the essential plugins
We recommend and use two plugins with all our WordPress installations.
1. First is Wordfence. With this plugin, we can turn on stuff like blocking spambots or even countries, basic firewall, debug log file, all additional firewall rules, Internet bots, Login lockdown, and more.
2. Next we always add the plugin Litespeed and turn on the recommended optimization setting, it will auto-compress new images, do the best page caching, minify, and much more.
3. For SEO, we use - Make smaller pages and/or add Lazy Load
Making your pages smaller will have a major impact on your load. Splitting your page in half will normally lower more than half your load use. If you are still dead set on a long page, then at least add a lazy Load plug. The common amount of posts on a page is 5, anything over that is at risk of having CPU load issues. - Remove tags
Tags seem like a great way to tell Google what SEO traffic to send to your site. The truth is, Google has said many times it does not use tags for SEO purposes. Being the third most common reason for overloading WordPress and with no real SEO benefit, removing tags is a great way to lower your CPU and load use. We suggest that when you remove tags, make sure to use sufficient categories to help your visitors navigate well. - Trim off the fat
Always remove any plugins and themes not being used besides the latest default WordPress theme (And the one you use of course). You can always add them back later. Fewer files, themes, and plugins means the smoother your WordPress will run. It's a good rule of thumb for plugins to stay under lucky number 7. - Remove admin-ajax
It's too detailed to explain how to disable admin-ajax in this list, but we have put together a nice blog post showing how you can here: Remove Admin-Ajax - Limit login attempts
It is important to block hackers and attackers. The Wordfence plugin has this option added by default. - Keep media compressed well
Having large images and media requires more time to load, which adds more CPU load use. WP-Optimize has the option to optimize images automatically, we recommend turning it on. We still recommend compressing your images before uploading them to WordPress. - Disable Comments RB (optional) (recommended)
If you don't want people to leave comments on your website, you need to add a plugin. Disable comments RB is the best and most simple. Be careful with plugins that have several options you don't need. This can lead to wasted CPU use. - WP Force SSL & HTTPS Redirect (optional)
Some themes do not redirect to SSL and with the new SSL requirements by all major browsers you want to make sure your WordPress website is being redirected correctly. WP Force SSL & HTTPS Redirect is the best and most simple plugin to do this. I would check if your website is already being redirected before adding it. - Disable the Akismet plugin (optional) (recommended)
This will block spam and junk, but the verdict is still out if it will help lower CPU use. Some say it causes more CPU use. If you installed All-in-one security and turned on Spambot protection, you should be fine. There is a free version for Akismet. Just scroll to zero when it asks for how much you want to pay. You do have to get the free key and register it. - Disable JetPack (optional) (recommended)
JetPack looks like a helpful plugin and being from Google, you would assume it's well-written. The reality is that more sites with JetPack overload and have issues. If you have a VPS or Dedicated server, then this might be fine. But on a normal Web Hosting account, it's best to not have it enabled. - Disable WordPress XML-RPC with .htaccess (optional to block comment SPAM)
You can disable all xmlrpc.php requests from the .htaccess file before the request is even passed onto WordPress. This blocks most comment SPAM, as the spammers use programs to auto submit comments with this method.
Simply paste the following code into your .htaccess file (you can add it anywhere in the file):
# Block WordPress xmlrpc.php requests
<Files xmlrpc.php>
order deny,allow
deny from all
</Files>
You can add this version if you have an IP you want to have access still.# Block WordPress xmlrpc.php requests
<Files xmlrpc.php>
order deny,allow
deny from all
allow from 123.123.123.123
</Files
There are many other ways to help WordPress, these are just the top ones that really should be done to any new WordPress installation.