WordPress performance and risk management tips

When I first started creating WordPress websites…

…I was just happy to be able to offer my clients an admin area, and visitors a consistent navigation and theme. Ten years ago, security, disaster recovery, redundancy, performance, and scaleability were things I thought about (that hasn’t changed), but modifications to address those issues weren’t easy to implement. One big thing has changed over the past 10 years– APIs have become commonplace for not only external services, but even WordPress itself. APIs drive about half of the recommendations below.

I’ve been working on a new project

As I worked through the intricacies of user flow, mail notifications, etc, it became apparent that I required a level of control that was beyond a managed hosting environment. So, I recently upgraded the site to a VPS, and have learned some pretty cool tricks along the way to harden the site against disaster and prepare for future growth.

Here’s a hit list of recommendations you can implement today to increase the performance of your WordPress website, and harden failure points.



I use WP Super Cache, and use mod_rewrite to serve cached files. I also pre-load my cache.


Gzip should be enabled in your .htaccess file. If it’s not, head over to grab the copy-pastable code from Torque.

Image optimization

I previously used Imsanity (which was legit), but compression and interface is a little simpler with WP Smush.

PHP 7+

I recently signed up for a VPS with cPanel, and love EasyApache4. It allows you to easily switch between versions of PHP on your server for testing purposes (on a per-site-basis). Now that I’ve migrated all of my VPS-hosted WordPress sites to PHP 7, I can remove previous versions of PHP and test bleeding edge versions as soon as they’re available.

Failure point mitigation

Off-site backup

I use Google Drive for off-site backups, and use ManageWP to manage the backup process.

Plugin / core updates

If I don’t have automatic plugin / core updates enabled on a particular site, I use ManageWP to notify me when sites have updates that need attention.

Email deliverability

Mandrill is an email deliverability solution that skips over the server, host, temporary outages, etc. It also helps with overall deliverability for transactional emails from both the website and the server. Mandrill makes a plugin that works well (WPMandrill), but if you have cPanel, follow these instructions to setup Mandrill server-wide. It’s freakin awesome.

That’s it. Have other tips? Leave them in the comments!

Leave a Reply

Your email address will not be published. Required fields are marked *