The power of WordPress lies in the plugins. Plugins are programs that people have written to accomplish some common task. Plugins range from adding event calendars to sites to protecting your site’s security from hackers. This will give you a guide on how to locate and install plugins for your needs, and my recommendations that you install for all sites.
To begin installing plugins, click on the Plugins option on your WordPress Dashboard.
Since we are adding a new plugin, select the Add New option from the menu. This opens The aplty named Install Plugins page. From here we will first search for a plugin then install it. Note that the plugin we are about to install is fairly complex as far as plugins go.
At some point, somebody is going to try to hack your site, so the first thing I want to do is make it harder for them to succeed. In order to make it more challenging for them, lets get a security plugin. In the search box, type “security” and click the button. This is a tutorial only, and I do not accept any responsibility for your site’s protection.
1,000 results! If you have some knowledge about internet security then you should probably refine your search to find something that defends against precisely what you are concerned about. For most of us, BulletProof Security will do just fine. It will not defend you against everything, but it enjoys a good reputation online. Click the Install Now button, and when the dialog box asks you if you are sure click yes.
Now do not forget to activate your plugins! If you do not activate them, then they do not do anything.
Often you would be done at this point, but some plugins require you to configure them before they do anything. It is good policy to understand how the plugins you install work, so do not just install them willy-nilly, read up on them. BulletProof Security is an example of a plugin that has some additional work needed for it to work properly. Click the BPS Security option that is now at the bottom of your WordPress Dashboard menu.
I will reiterate here that you should really understand that which you are installing, and there are no less than five ReadMe buttons on the whole screen that I have excerpted below for a reason – because this is your site’s secuity and it is important to get right.
When you read the first ReadMe, it will explain that BPS will tell you which buttons at the top of the configuration screen you need to use. In fact, it states in nice big green letters which to use. Click each button in turn. (You may have to wait a moment between the two as gears turn behind the scenes). In the case of my demo, I am told to use the buttons to the far left.
Once you have created the two files you need, you need to activate your protection. Once you read the ReadMe files, you can select the activate radio button then click the Activate button. Repeat for the second info box as well.
Now there are two more dialog boxes below the ones in the image above. If you have read your ReadMe’s, and if you read the last two, you will know what to do. (This is your site’s security, YOU have to own it).
Now that you have installed your first plugin, and it was a hard one, you can handle any other one you want to install. On all of my sites I consider these the minimum that I need to install:
- Comes with your install of WordPress, but you need to activate it. This plugin defends you against comment spam.
- BulletProof Security
- What you just installed. Provides some defense against hackers.
- Do Follow
- WordPress comes by default as “no follow”. From Wikipedia: “nofollow is a value that can be assigned to the
relattribute of an HTML
aelement to instruct some search engines that a hyperlink should not influence the link target’s ranking in the search engine’s index.” You do not want this because you do want the search engines to know what you are about and the links in your site should be topically related, thereby enhancing the point of your site.
- MaxBlogPress Ping Optimizer
- Every time you edit anything on your site (even as minor as changing a comma in an existing post), WordPress will announce to the world that you have made a change. This is bad because if your site is constantly pinging out changes you can get filed as a spammer. This plugin will allow you to limit how often pings can go out.
- Simple CAPTCHA
- We all hate these, but they are the best defense against automated comments to your posts, which are 100% spam.
So that will get you started. Remember that if there is something you want your site to do functionally, somebody may have already made a plugin to do it.
Next: Create Additional Pages
Main Menu: How To Do WordPress