There are two major drawbacks of using WordPress for your web design and development projects. The first is that it often loads more resources than your website needs. The second is that WordPress has significant security risks due to it being the most popular CMS. In this post, I will provide you with 6 code snippets that you can copy/paste into your functions.php file to improve your site’s speed and security.
These code snippets have been compiled from an awesome thread from Builder Society. This is one of the best, if not the best, digital marketing forums. You can find even more copy/pasteable code there that I left out of this post.
Setup a child theme in WordPress before editing the functions.php file
You need to setup a child theme in WordPress before you start editing your functions.php file otherwise all of your work will be lost when there’s a WordPress update.
Many premium theme creators have child themes prepared for you that you can just download and install like any other theme. If your theme creators don’t provide one, follow the instructions in the video guide from wpbeginner.
WordPress security code snippets
The first snippets remove your WordPress version footprint. This makes it more difficult for a hacker or a bot to scrape your website and detect what version of WordPress you run to.
remove_action('wp_head', 'wp_generator');function remove_wpversion_cssjs( $src ) {
if ( strpos( $src, 'ver=' ) )
$src = remove_query_arg( 'ver', $src );
return $src;
}
add_filter( 'style_loader_src', 'remove_wpversion_cssjs', 999 );
add_filter( 'script_loader_src', 'remove_wpversion_cssjs', 999 );This snippet removes login error messages (like "wrong password") so that unsophisticated bots won’t get the feedback they need to continuously attempt logins.
add_filter('login_errors',create_function('$a', "return null;"));WordPress speed code snippets
This code replaces the WP Jquery with Google’s CDN version. This improves your website’s speed and reliability under heavy traffic because you get to use Google’s closest server to load Jquery instead of your own. Chances are, Google has better servers than you and I (no offense).
add_action('init','jquery_register');
function jquery_register() {
if(!is_admin()) {
wp_deregister_script('jquery');
wp_register_script('jquery',('https://ajax.googleapis.com/ajax/libs/jquery/2.1.3/jquery.min.js'),false,null,true);
wp_enqueue_script('jquery');
}
}This code helps to prevent database bloat by limiting the number of stored revisions to your posts. If you need to be able to access far back in your revision history you’re probably better off skipping this one or changing the 10 to whatever number best suits your needs.
if(!defined('WP_POST_REVISIONS')) define('WP_POST_REVISIONS',10);This next snippet also helps to remove database bloat by eliminating storage for AIM, YIM, and Jabber.
function remove_default_userfields( $contactmethods ) {
unset($contactmethods['aim']);
unset($contactmethods['jabber']);
unset($contactmethods['yim']);
return $contactmethods;
}
add_filter('user_contactmethods','remove_default_userfields',10,1);Want more?
You can find more niche and advanced snippets in the original thread. If you’d like help implementing any of these code snippets please contact me.
