WordPress has developed into a very popular Blog and CMS platform. We have hundreds of clients using it to power a wide variety of websites. However, WordPress is not without its faults. This article will attempt to provide some ideas for easing some WordPress’ tendancies to overuse CPU and memory resources. We will update this over time, but to start we have a couple good ideas that we would recommend you adopt immediately to ensure your site runs more efficiently.

1. Do not use WordPress’ built in cron job feature.

By default, WordPress will run cron jobs every so often. By default, it will do this whether you have specifically asked it to run a particular job, or not. cPanel, however, gives you access to native Linux cron, which is far better for task scheduling. Every WordPress user should completely disable the built in cron, because it will fire frequently when your site is accessed, or not at all if your site is not accessed, making it both a resource hog and unreliable.

To disable WordPress’ built in cron, and this line to the WordPress wp-config.php file:

define('DISABLE_WP_CRON', true);

You can put it above this line towards the bottom of wp-config.php:

/* That’s all, stop editing! Happy blogging. */

2. Disable AJAX/Heartbeat except for autosaving posts.

An even bigger problem than the built in cron is the frequency with which the WordPress administrative dashboard uses Ajax, which causes frequent POST requests back to the server–even if you’re simply logged into the admin with a page open doing nothing. This is particularly bad when someone logs in to edit something and then leaves it open for an extended period of time after finishing whatever work needed doing.

The solution for this is to figure out, if you don’t already know, the name of the theme in use by the site. Then you need to edit the functions.php file in the theme directory, and add this code to the very end before the closing php tag (?>):


add_action( 'init', 'my_deregister_heartbeat', 1 );
function my_deregister_heartbeat() {
global $pagenow;

if ( 'post.php' != $pagenow && 'post-new.php' != $pagenow )
wp_deregister_script('heartbeat');
}

3. Slow down crawlers/spiders

We block a lot of the abusive crawlers that hammer websites hard and/or do not honor robots.txt, but even still you may want to slow down the legitimate crawlers such as Google, Bing and Yahoo. A simple addition to robots.txt to slow them down (add to the top of robots.txt in your site root):

User-agent: *
Crawl-delay: 30

4. Require captcha or image verification for user submitted content

Nothing attracts comment spam bots like a comment form on a blog that has nothing to verify a human is posting. This is one of the worst situations you can put yourself in. Spam comment bots will swarm your site 24/7 if you don’t have your comment forms protected. You can even have moderation enabled for comments so that they don’t automatically show, and bots will still submit spam comments and consume your available resources, leaving your site unusable at times.

If you are reading this and don’t have some sort of verification on your comment forms, go take care of this right now! Stop what you are doing and go install captcha or something similar to protect your comment forms!

LEAVE A REPLY

Please enter your comment!
Please enter your name here