One of the awesome things about WordPress is that it’s a dynamic publishing system that uses a database to store your site’s information: posts, options, plugin and theme settings – all of this data is stored in your site’s database. It’s like the brain of your WordPress installation. Unfortunately the WordPress database is also a prime target in many website attacks. Spammers and other bad guys target various database tables with automated scripts, SQL injection, and other malicious code. Needless to say it’s critical to protect your database and keep recent backups. One of the smartest ways to protect your site’s database is to change the default table prefix to something obscure and difficult to guess. Sort of like a password.
There are many ways to customize the WordPress Dashboard. Over the years, the Dashboard has evolved into a highly flexible information portal, enabling an overall, big-picture view of the main components of your site, while also providing granular data on everything from recent comments and plugin updates to incoming links and WordPress news. And that’s just the default functionality, there are also a ton of dashboard widgets and plugins available in the WordPress Plugin Directory that you can use to transform your Dashboard into just about anything, or even disable it completely.
Once a WordPress powered site starts getting quite a bit of content, the default built-in search becomes fairly useless. It just isn't very smart. If you wrote a comprehensive article about He-Man, but since have written five other articles that just mentioned He-Man in passing, a search for "He-Man" will turn up your comprehensive article sixth. There have been various tweaks and plugins and whatnot to try and make this better. But why not leverage the best search engine ever written instead?
New WordPress-only snippets repository. Nice clean design, good functionality, quality content (like this gem). This one should be a winner. Update (2013/08/29): 404 link removed (
Save time by replacing your most commonly typed words and phrases with WordPress shortcodes. For example, if you are frequently typing your blog’s URL, you could place the following code your theme’s
In our recent post on pimping the wp-config.php file, we explain that using strong Security Keys is an important part of securing your WordPress installation. In this post, we want to zoom-in on Security Keys and look at what they are, how they work, and how to use them to greatly improve the security of your site.
WPCandy is back under Ryan Imel and it's been loaded with good stuff lately, including this great run-through of how to use Chris Shiflett's URL sentences idea in WordPress.
Update: (404 link removed 2014/11/02)
It’s here! Digging into WordPress Version 3.0 is here and it’s packed with goodness, including a new chapter on WordPress 3, updated core content, and a super-sleek new cover. Check it out:
Easily, the most important file in your WordPress installation is the
wp-config.php file. It serves as your site’s base configuration file, controlling key aspects of WordPress’ functionality and enabling WordPress to do mission-critical stuff like connect to the database. Without
wp-config.php, WordPress simply won’t work. So whenever you install WordPress, one of the first things to do is pimp your
wp-config.php with some custom WP configuration tricks.
Peter Wilson walks us through making sure print stylesheets are loaded after the rest of the page is loaded, so they don't hold up page rendering.
Update: (404 link removed 2014/08/07)
Pardon my ignorance here, but Rasmus starts talking about latency and concurrent requests about 16:30. He then mentions "one line of code" installation of something that sounds like "aqua code cache" that gives WordPress a 3x performance boost in response time / number of transactions per second. Anyone knows what he's talking about there, shoot a note and I'll update this permalink with the info. He goes on to talk about much more hardcore-PHP-nerd WordPress optimization stuff.
The scoop via Joost Schuur:
Rasmus is talking about an 'opcode cache'. It essentially caches the parsed PHP scripts in memory. That means PHP doesn't have to read it from disk or even convert the humanly readable PHP script code into executable machine code (opcode). The one he's referring to is APC, which is likely going to be included in the next big release of PHP. Xcache is another popular kind. I run it on my site and got about a 3x performance increase on page request server times, so the numbers add up. The W3 Total Cache WordPress plugin has the option of using Xache or APC to keep popular pages in memory via opcode caching.