How To Build a Fast, Secure, Affordable WordPress Website: The Ultimate Guide
Building a fast, secure, affordable WordPress website may seem like a pipe dream, but it isn’t nearly as difficult as you may think it is. Utilizing the right web hosts and tools, you can easily host a fast and secure WordPress website for as little as $1/month. Think I’m crazy? Read on and you’ll find out how achievable this is…
Let’s start with web hosts, first. What are the cheapest web hosts out there?
Namecheap – This is hands down the cheapest web host to start out with, with the first year of hosting only costing about $10, and domain names being as cheap as 88 cents. Every year after that it only goes up to $40 to renew, which just sweetens the deal even more. While Namecheap isn’t the fastest web hosting provider in this list, I’m going to tell you later how you can speed things up. The most important factor here is that Namecheap maintains 100% uptime, backed by a money-back guarantee, and excellent 24 hour support.
iPage – iPage costs a little more than Namecheap upfront to get its sweetly low price of $2/month web hosting. It is about $70 to get three years of web hosting for the price of $2 a month. If you don’t want to commit that much, though, no worries – even one year of web hosting only costs around $35, which puts you at a rate of about $3 a month. You also get free ad credits with your new account, as well as a free domain name. And if you’re not satisfied with their service, they will give you the rest of your money back with no questions asked.
Hostinger – Hostinger’s web hosting starts at an amazingly low price of $2/month as well when you purchase three years of hosting. Three months is also only about $4 a month, for a total of around $12. This web host also guarantees you’ll love their service in the first 30 days or will receive all your money back with no questions asked. To sweeten the deal, they offer a free SSL certificate and a domain name to go with your hosting.
InterServer – InterServer currently is running an amazingly cheap deal that gives you your web hosting service for only one cent for the first month. You can purchase the first month alone at this price, or get a year’s worth of hosting for around $50. InterServer also offers free website migration, a free domain, a free SSL certificate, and a 30-day money-back guarantee.
Once you’ve chosen a web host and installed WordPress, your real work begins. It’s time to First, we’re going to start by obtaining an SSL certificate if it isn’t included with your hosting for free. Make sure after you purchase the SSL certificate to install it and make sure http:// redirects to https:// for your domain. Then head on over to CloudFlare to create a free CDN account. Let it make a copy of your website’s DNS settings, then wait to receive an email letting you know it’s safe to switch over to CloudFlare’s CDN. Follow the instructions provided by CloudFlare to redirect your nameservers to their service.
Once you’ve made the switch, go to “Crypto” in the top menu of CloudFlare’s website and change the SSL setting to “flexible” since you’re already using an SSL certificate. If you don’t do this, it can lead to errors attempting to log in to your WordPress website.
By now, you’ve probably already noticed your website has sped up. CloudFlare also will improve your website’s security by protecting it against DDoS and helping to protect it against brute force attempts.
Now we are going to want to head for CPanel (or whatever your web hosting provider uses for its administration panel). Scroll down to “Software” and click on “Optimize Website”. Make sure that there’s a radio button next to “Compress Specified MIME Types” and save it. Next, go to “Select PHP Version” and make sure the latest version of PHP is selected (right now it’s at v7.x).
Server-side compression of your HTML and text makes your website’s data footprint smaller, so that it can transfer faster to the viewer’s computer, where it is decompressed. The latest version of PHP has made some giant leaps in performance, which the latest version of WordPress has been optimized to take advantage of.
Now we’re going to install some WordPress plugins:
Akismet Anti-Spam – You’re probably familiar with this one since it is one of the recommended plugins to install in WordPress. However, if you’re not familiar with it, you’ve been missing out on the best comment spam security around. Akismet is fully capable of catching 90% of the comment spam out there. It greatly reduces your need to moderate comments.
Loginizer – Loginizer has one task it does very well: it puts a cap on how many times you can attempt to log in to WordPress before your account gets temporarily locked. This prevents brute force attacks attempting to hack your password from ever being successful.
Wordfence Security – This extremely helpful security plugin for WordPress scans for vulnerabilities and malware, as well as hardening your WordPress installation to make it more secure. The paid version also protects your website against a blacklist of bad IPs.
WP Fastest Cache – This is hands down the easiest caching plugin you can install in WordPress. It only has two settings – on, and off. Caching creates static versions of your dynamic page content, so your server doesn’t have to process as much while displaying a page. If you would like to have more control over your caching features, you can install WP Super Cache alternatively.
Now you’ve done most of what you can do by default to speed up your WordPress installation and secure it – and you’ve done it all on the cheap! Its future speed and security now all lies in your hands. Practice good habits to keep your WordPress site running in tip top shape:
Install a fast theme – Some WordPress themes are riddled with errors, while others just employ too much fancy graphics and effects to be very fast. Make sure the theme you install is of high quality and doesn’t overkill on the fancy stuff. Mind you, sliding presentations are just fine if they’re coded nicely and utilize optimized images.
Optimize your graphics – Make sure you’re compressing images before you upload them to your WordPress website. Even just a 90% compression ratio on your images can make a huge difference in how fast your WordPress website displays the page.
Use a secure password with a password manager – Use a secure password that contains at least one uppercase letter, one lowercase letter, a symbol, and a number. Use nonsense words or phrases rather than words that can be looked up in a dictionary or search engine. Keep your password in a password manager, and don’t type it in so if your computer gets keylogger malware it can’t pick up on your password being typed in. Do this with your WordPress password, CPanel or administrative panel password, and your web hosting account password as well. An excellent password manager to use with a long history of keeping data secure is LastPass.
Consider using a static front page – This way visitors won’t crowd up and collect on your homepage, slowing your WordPress website down, but will navigate to the menus that are relevant for them.
Limit the amount of posts displayed on each page – WordPress sets this to 10 by default, but don’t be afraid to limit it more to help speed WordPress up.
Limit logins – You don’t have to allow people to create accounts on your WordPress website for them to comment. Allow other social media logins by installing the Jetpack plugin, and don’t allow new accounts to be created just for the sake of comments.
Minimize your use of plugins – The more plugins WordPress collects, the slower it gets. Don’t fall into the habit of disabling plugins and never uninstalling them. These still have an impact on WordPress performance even when they’re disabled.
Minimize your use of themes – The same goes for themes, as well. Uninstall old themes that you’re not using, and only keep the active theme installed.
Stay up to date – Keep all your plugins, themes, and WordPress updated. This not only will enhance the speed of your WordPress site, but will help keep WordPress secure as well.