Caching Plugin

LiteSpeed cache logoI chose my web host carefully. My sites are hosted on a LiteSpeed web server, so I am able to use the remarkable free LiteSpeed Cache (LSC) plugin. LSC provides much more than just lightning-fast server-side caching. In also includes a suite of optimization tools such as: Database optimization; Image optimization – which seems to be equal to or better than the paid/premium versions of competing plugins; Connection to CloudFlare so I can put CF in development mode or purge the CF cache; and Miscellaneous settings like ‘Remove query strings from static resources’.

Using my two favorite website speed checkers, WebPageTest.org and GiftOfSpeed.com

  1. LSC Off | CF in Development Mode (baseline site)
  2. LSC On | CF in Development Mode (significant speed increase over baseline)
  3. LSC Off | CF Caching On (a significant speed increase over LSC)
  4. LSC On | CF Caching On (no significant speed change over CF alone)

A few observations:

  • On my relatively static sites like this one, I use a CloudFlare page rule for blazing site speed. On these sites I am not able to squeeze out any more speed by using a caching plugin – even an exceptional one like LSC. So why run LSC on these sites? Because of the other optimization features that LSC offers, and because it boosts site speed when CF is in development mode or doesn’t have a page cached for some reason.
  • On sites with dynamic content, I use CF with default cache settings. On those sites, I do get a nice increase in speed by using LSC in addition to CF.
  • Kinda funny how my Compress Images grade on WebPageTest jumped between A and B even though all tests used the same images. I guess my images must be borderline A- / B+.
  • Strait A’s on the final test. Yea me!

Many LSC features only work on sites hosted on LiteSpeed web server. For sites hosted on Apache, I like Comet Cache for its plug-and-play simplicity as well as performance. The very popular W3 Total Cache (W3TC) is another excellent choice.

Custom security plugin

custom WP security pluginWhen researching WP security, I come across a number of suggested additions to my child theme’s functions.php file. Examples include code to disable login hints, and to remove WordPress version information from metadata. These are helpful suggestions, but … is the functions.php file really the best place for these changes? My child theme should address theme-related changes, not general security issues. If I put these changes into functions.php, then at some point switch to a new theme, the changes would be lost.

Better to implement these changes in a custom WP security plugin. Doing so is much easier than it may sound. Summary description is below. For more detailed instructions please refer to the WPBeginner article What, Why, and How-To’s of Creating a Site-Specific WordPress Plugin.Custom security pluginI use a text editor – Windows Notepad in my case – to create a text file, something like the example below:

<?php
/*
Plugin Name: Example plugin name
Description: Example description
*/
/* Paste code snippets below this line */

/* Paste code snippets above this line */
?>

Rather than pasting suggested code snippets into functions.php, I paste them into the custom plugin file I am creating. I save the file using a meaningful name, something like custom-functions-by-kenny.php. Using SFTP or my host control panel file editor, I create a folder with the exact same name as my file, without the php extension of course, in my plugins folder. I upload my file into the new folder, then activate the plugin in my WP admin dashboard.