WordPress Tips

I’ve mainly decided to make this post of WordPress Tips so that I have a few quirks that I usually need to add to WordPress after a fresh installation. However, why just hide it away somewhere like Google Drive, or Dropbox, when I can share it with the world! After all, if you work with WordPress on any level, you’ll want to read this page!

Tip #1: Install a proper security plugin

I’m not sure how I never got hacked back in the day, but adding a proper security plugin is something you should do for every site you build, even demos. This way you’ll know the demo will work with all plugins. There are 2 main plugins I like to use…

Bulletproof Security: Bulletproof Security is my go to security plugin. It adds login security, login and error tracking via log files which are all automated and emailed to you directly from the site after a brief setup. Also you can set the blockout time for failed login attempts. I usually put it on at least 24 hours. You can always override this manually and remove a block on anyone at any time, so having a 24 hour lockout on the site for a failed login really helps to deter the bots that are attempting to brute force their way past the login screen.

Bulletproof Security also comes with an automated database backup utility, which will save to the directory you select on your web server, independent of the site installation.

The one downside to Bulletproof Security is that it edits files on the server that can cause problems, especially if you manually move the site after setting up BS. This will cause problems with the plugin and you will have to remove it and start over, or even install a different security plugin, or even worse, contact your web hosting company to help resolve the issue.

Wordfence Security: Wordfence was my first security plugin. It was great forever, until I felt that it just wasn’t pulling its weight anymore. After installing Wordfence I’d almost immediately have email notifications of brute force attempts on my login page. It was just starting to get too coincidental that these were starting right after installing the app, especially on new sites that were not even live long enough to be found.

All the downsides put aside, Wordfence is still a great security app. It includes a firewall, login blocking/tracking, security scanning and more. You can read all the features over at the download page.

Tip #3: Automatic Image Optimization

Whether you have limited space on your web server, or you just want your pages to load faster (and who doesn’t?) then you should get WP Smush. I discovered this plugin recently and its just fantastic. WP Smush will automatically compress all uploaded media images. Also, if you already have a page with tons of media that hasn’t been optimized, WP Smush has a batch option that will scan all media and “Smush” it.

Okay, so now you’ve got WordPress all setup, but you’re getting errors for apprently no reason…

Issue #1: HTTP Error when uploading media to WordPress

With a fresh install of WordPress, you’ll sometimes get an “HTTP Error” when uploading media to your new site. And that’s all that you get for info on trying to fix this one. Just “HTTP Error” and that’s it. No actual error information.

I’ve had to tackle this one a lot in my WordPress development and the best solution is adding the following code to your theme’s functions.php file. So this is a theme specific solution. If you find yourself switching themes then the error comes back, well that would be normal as we’re editing the functions.php file for your current live theme. Okay, here’s the code…

add_filter( 'wp_image_editors', 'change_graphic_lib' );

function change_graphic_lib($array) {
return array( 'WP_Image_Editor_GD', 'WP_Image_Editor_Imagick' );

You can put that anywhere in your functions.php file, but I usually go for the end of the file to keep my code separate from the original theme code.

error: Content is protected !!