Use Child Themes and Plugins
A lot of newcomers to WordPress jump right in and begin altering their core theme files. This is often a clear mistake. All of your changes will vanish right after an update, and since plugins and themes are upgraded about as often as apps on your phone, this is often pretty frequently.
To get rid off this, create children of your plugins and themes. Not only will protect your changes, you can upgrade on your own time. The same steps utilized to create a child theme can be connected to making a child plugin, but let’s use creating a child theme as our example.
To get started making your child theme, create a new folder in your themes folder with a unique name and create a style.css file in it.
In WordPress, all theme parameters are stored within the style.css file as the primary comment block. Open the style.css from your original theme i.e the parent theme, to see an example of this.
Coming to your child theme, go ahead and copy that comment block from your original theme’s style.css to the new file and rename it. Including the template parameter to this header will link your new theme to the original. The Template parameter should point to the folder name of the initial theme, like so:
Presently, if you need to modify files of the original theme, copy them from the first theme’s folder and paste them into your child theme folder. WordPress will use original template files until & unless it sees the same file in your child theme.
So if you need to make changes to header.php, copy it from your original theme into your new child theme folder, and make the changes within the copy. For adding new or altered code, you moreover create a new functions file in your child theme and make your changes there.
This same file copying strategy goes for many plugins as well: create a folder with the same name as a plugin inside your child theme, after that following to the file structure of the original plugin folder, copy the files from the original plugin to your new folder and modify them. Most major plugins support this, but it’s always great to check with the author if you’re not sure.
Speed Things Up with Caching
WordPress optimized hosting services such as Siteground, or the more costly Wpengine, consequently support WordPress caching. In case your host is one that has WordPress particular caching available, it’s the most excellent choice.
For those running on a VPS server with root get to, Google PageSpeed could be a turn key caching and optimization solution by Google that works with Apache and nginx.
Talking of minification, minify your files yourself during development. Third party tools tend to break things more frequently than not, particularly during updates. Doing it yourself will give you more awareness and control of when and where things go wrong.
Pay Attention to Security
WordPress’s popularity makes it a highest target for hackers. In case you don’t upgrade regularly, you’re pretty much asking to get your website hacked.
Programmed updates are a small as well as unsafe for users with a lot of customizations and plugins, which is why I strongly recommend installing a few sort of security plugin.
I personally suggest iTheme Security, which executes security options like a password lockout and file monitoring. And Wordfence Security, a WordPress specific firewall for your website.
Three Developer Tools to Make Life Easier
WordPress has numerous plugins and add-ons to create your developer life a lot less demanding. In specific, I recommend:
WP-Cli
WP-Cli will let you work with WordPress using the command line. With this extraordinary tool you’ll upgrade and downgrade WordPress in seconds, as well as update plugins.
Outstandingly, once you find yourself moving to a different server, the built in search-replace command will take care of all the url changes for you, and it’s worth installing it simply because of that.
Advanced Database Cleaner
The Advanced Database Cleaner plugin cleans out spam comments and transients. You’ll indeed set up tasks to run automatically.
Query Monitor
When things are running slowly and you’re not sure what to fault, Query Monitor lets you see what queries are taking too long to execute, as well as show you PHP warnings and errors.
DON’T OVERDOSE ON PLUGINS
Yes, WordPress has tons of plugins, but that doesn’t mean you ought to use them all. The more plugins you’ve got, the bulkier your website and the slower your loading times, so don’t use plugins unless absolutely necessary.
If you merely need to add some custom fields to your posts (a functionality already included in WordPress) don’t overengineer the solution by installing the advanced custom field plugin, ACF.
In case you must use a lot of plugins, make sure you have got Plugin Organizer installed to oversee them. This great plugin lets you indicate what plugins are activated on which pages (you’ll indeed use regular expressions), and this specific loading will essentially speed up your website.
You’ll be able too use devices like P3 (Plugin Execution Profiler) to see what plugins are taking up most of your valuable resources.
SPRING CLEAN YOUR WORDPRESS FUNCTIONS
In spite of the fact that awesome, WordPress comes out of the box with a parcel of things that cannot be turned off within the settings. Here are few useful steps to take any fresh WordPress install and make it more secure and perform better:
Remove the WordPress Version
Get rid of the WordPress version number to create your site harder to be identified by hackers.
Remove Script Versions
Get freed of the version number after scripts. By default, WordPress includes versions to all your scripts. This will lead to issues with caching/minification plugins, as well as helps hackers identify your website way better
Restrict WooCommerce
Did you installed WooCommerce, and now the site is running slowly? Next step is to prevent WooCommerce from loading its scripts on non-WooCommerce pages:
Enable Shortcodes in a Widget Area
Attempting to use shortcodes in a widget area and getting nothing? Utilize shortcodes in gadget areas