Share your tips for bandwidth and security issues of WordPress Sites

Genesis

Administrator
For me high up on my own list are two major issues with WordPress:

(1) All those fancy photo sliders and stunning Word Press features eat bandwidth like any thing and one has to look carefully at one's bandwidth use in cPanel when it is a shared server and exceeding the maximum bandwidth could lead to suspension. So would be nice if people could share their experiences for managing their bandwidth.

(2) Security is a sensitive issue - no other Websites are as vulnerable for hacking and spamming as WordPress Websites are. Look at it this way. The hackers and spammers are sending bots every where to probe Websites for certain vulnerabilities and if any of those programs match our specifications, we're the next victim in line. Those bots are getting more and more sophisticated and plentiful which means we have to be more and more security aware. Thing is there are so many security plugins and software available for WordPress, and one is not always sure what they do and how good they are. So am hoping that you could share some of your experiences - what are you doing for securing your WordPress site?
 

mediauser

New member
I think it is great to use CloudFlare or Incapsula. It is easier to protect website from DDoS attack or spambots. On the other hand, we have a great DNS managing tool and we can decide (in CloudFlare) which subdomains are protected by CloudFlare servers and whitch subdomains are unprotected.

Tips for saving bandwidth? Uploading images on external servers. When we are uploading 1000 photos, that every of it takes 2 MB, we can save 20 GB of bandwidth, if every photo will be showed to 10 people.
 

Genesis

Administrator
I've had interesting experiences recently with bandwidth issues and WordPress. My security plugin was using bandwidth, which is not so good, however, not too much, and at least justification as the plugin, WordScreen, is really excellent. It for example picked up on a plugin in my WordPress site that was giving me problems. Right down to telling me it is critical and that it wasn't being used by my Website. And indeed it was when I checked it out. It was causing a spike in bandwidth. Once I deleted the offending plugin, everything was good again.

So plugins can really create awesome problems with bandwidth. WordPress Websites can really be a pain in this way, and those fancy sliders one should be careful with as well.
 

Serven

New member
I can really recommend WordFence Plugin for beefing up on WP security. I really like those alerts that they send when there are plugins acting out. One of the best plugins there are. Of course, when plugins act out, they do use plenty of bandwidth, so if one has something like WordFence to alert one when plugins have problems, that can save one from being suspended when bandwidth gets out of hand. :good:
 

smartstop

New member
Try these thing to Wordpress Site:

1. I agree with mediauser using CloudFlare will be best for security.

2. Rename WP-ADMIN, WP-CONTENT & WP-INCLUDE to something like this admin, content & include. Then change this name from all files of Wordpress Directory using Notpad++. Download Database and change this name from that database using Notpad++ and upload it again. Whenever you'll need to Upgrade to Wordpress or Plugin you'll need to download the latest version, change these name from all files in that wordpress or plugin folder. Change upload directory from admin panel. Using this method your website will not look like wordpress and will be safe.

3. Use Cache Plugin.

3. If you use video files then upload it youtube and then embed it in your wordpress site.

:drinks::drinks::drinks::drinks::drinks:
 

fancy

New member
One thing I don't like about wordpress, the updates are ENDLESS...
I have a custom wordpress plugin that I don't update with the programmer. That's going to be a problem, isn't it?

My recent experience with wordpress security issue:
So I noticed a sudden surge of people registering on my wordpress site. All spam accs and mostly disposable emails. So I installed WP security and followed some of the instructions in it.

One of the things I did was limit the number of times users can login before lockout. few days later, few ppl tried logging in and got locked out. If they wanted to get in, they would ask for password recover for sure, but didn't.

So if you get tonnes of spam accounts registered, how would you remove it? I installed WangGuard, scanned all the users for spam accounts and removed it.
 

Genesis

Administrator
I like WordFence. It's the first plugin I load after I've installed WordPress and I immediately set it up with my e-mail address and a scan. There is also a plugin for limiting login attempts. I use that one too. I then turn off all comments - closing the gates so to speak.
 

Yozora

Moderator
Another vote for WordFence. I especially like that they added an option to ban anyone who tries to log in with a certain username. This is great for IP banning anyone who tries to log in with the username "admin". As most people probably know, "admin" is the default username for the admin account, so you should always change it unless you want to be hacked.
 

fancy

New member
Genesis said:
I like WordFence. It's the first plugin I load after I've installed WordPress and I immediately set it up with my e-mail address and a scan. There is also a plugin for limiting login attempts. I use that one too. I then turn off all comments - closing the gates so to speak.

Decided to switch from all in one WP security plugin to WordFence. Already feel it's faster :search:? Love it, the scan works, the former didn't (for some reason).

So now I see this "Wordfence Falcon Engine" thing that claims 30 to 50 Times speed increase :shock:
If this is a caching feature, I probably should disable other caching plugins like ZenCache?

Wordfence deals with login protection very well. Lotsa features.

Actually, All in One WP Security isn't bad, it has options to prevent right click on your site. But I guess it's more of a jack of all trades, like Jetpack.
 

Genesis

Administrator
I haven't tried all in one. Haven't seen Wordfence Falcon Engine. Hopefully Wordfence will stay as it is, although I do find frequent e-mails trying to push me into the premium version. I've just learned my lesson with Malwarebytes paid version though. The free version is less intrusive than the paid version. And possibly Wordfence will be the same.
 

XENGS

New member
W3 Total Cache - It minifies css, html and javascript, and I think it also compresses the images for you. Plus it's got some options for external image uploading to really cut down on bandwidth useage. I really think it's a must for every Wordpress installation. Not only does it help on the bandwidth side, but it also puts less load on the server and helps pages load much faster.
You should also run a Google pagespeed insights test on your website. Usually it'll let you know about any uncompressed images or other things you can do to save up bandwidth and improve your site's speed - Even UI problems on mobile phones. Plus if you get a good score it helps in SEO :good:
Like others mentioned there's also CloudFlare which also helps a lot - As long as you can get the images to be low in size, loaded from an external source and user's browser to cache them all then there should be no problem in Bandwidth useage :)