WordPress is a great blogging tool – there is no doubt about that. But there are settings that you should change every time you set up a new installation. Here are the customisations I always make, and why you need to make them also.
Remember that some of these customisations are for security, as well as making sure that your blog looks its best and is attractive to visitors. Both of these are essential. You do not want anyone to successfully attack your blog, nor do you want visitors to take one look at it and walk away. So read the list and add your own ideas via the comments!
1 – Admin User
The new version of WordPress prompts you to change the password, but ideally you should delete the admin id! Full details on my blog, but basically it makes it harder for hackers to guess the logon details.
So go into user maintenance and create a new user id. Some pointers:
- allocate a user name that is easy to remember, difficult to guess
- allocate a nickname that is different to the user name
- give this new user name full admin permissions
- once you have created it, go back in and select to display the name publicly as the nickname, not the username – this prevents us giving away what it has been changed to
Then logo off, log back on as the new username and use that to delete the admin user.
You are now 1 step closer to a safer WordPress.
Step 2 – Describe Your Blog
Go to settings, then general and give your blog a title and a tag line. People will almost certainly see these when they visit your site and ‘just another WordPress blog’ doesn’t sell your blog to them!
Step 3 – Activate Akismet
This used to be a standalone pluggin, but it is no a part of the basic installation so it is easy to forget it. Go to your list of pluggins, activate Akismet and then follow the instructions to obtain an API key if you don’t already have one and enter it.
Just do it! No questions, this is compulsory, else you will have a blog full of spam comments! Akismet is the pluggin tool that will delete all of these spam comments and clean up your site for you. When it detects spam, it squirrels it away to safety for you to review and then deletes it automatically a little later.
But please, do not show off publicaly how many spam comments have been caught, else spammers will use your blog to test how to get around Akismet…
Step 4 – Remove Unnecessary Weight
Whilst you are in pluggins, delete Hello Dolly. Go to pages and delete the about us page (or re-write it so that it is relevant) and go to the posts page and either delete or rewrite the initial post. Also delete the first ‘this is a comment’ comment.
Step 5 – Make It Look More Personal
Browse WordPress under extend then themes and find a theme that you like the looks of, or search for free wordpress themes and download a couple of suitable themes that way.
Once you find a few that you like, download and unzip them then load them to your blog and through the appearance menu, have a play with the themes and see which one suits your needs the best.
Step 6 – Update Your Pings
Pings tell a whole variety of important websites that you have updated your blog, so use pings for the best exposure. All that you need to do is to go to settings and then writing and add a list of ping services to the relevant box.
Where do you get a list of suitable services? Well, thanks to Vladimir Prelovac who maintains a list over on his website – http://www.prelovac.com/vladimir/wordpress-ping-list.
Step 7 – No Pingbacks
Whilst it is good to know who is linking back, if you are writing articles in the future and these are pointing back at your individual pages (good practice), then you will get your comments filled with Pingbacks – I know! Go to settings, then discussion and turn off pingbacks.
Step 8 – Pluggins
Finally, it is time to start adding those essential pluggins, but this list has gone on for long enough so we will save that for another day!
Keith Lunt
