Website Blueprint for an Awesome WordPress Site
It takes some time for the average user to get a clear picture on the most suitable solutions to develop a personal or business website. Choosing the right platform, software and tools can be a difficult task especially if you’re new to web development.
This website blueprint provides direction for building a professional site with WordPress.
I decided to write this article as an overview of how I developed my website and which tools and services I use. The purpose is to offer direction and guidance in case you want to build a similar one.
This webpage does not contain affiliate links or ads. It is not a sponsored post either.
The recommendations for services, products and tools listed in this website blueprint are based on my personal experience. They are provided considering the overall quality, functionality, level of customization, reliability, security and support.
Although the recommendations listed within this article should represent a good choice for your website, you may consider other options based on your specific requirements. If you need additional website functionality, feel free to browse WordPress repository.
There are countless web hosting companies out there. Power Hosting is my favourite hosting provider since many years ago when I was hosted on their first datacenter. Now I host all my websites with them.
Power Hosting provides high-performance infrastructure, generous resources, rock-solid security, fast and highly-qualified support, free migrations and other cool features at affordable prices.
The company was founded by two passionate and highly-rated freelance system engineers. Their top-quality hosting solutions, affordable prices and professional customer-oriented support led to an accelerated company growth. I expect Power Hosting to become an important player in the web hosting market very soon.
Power Hosting offers a very attractive 1.99€ / month (paid yearly) hosting plan for small websites. Check out their Shared Hosting Plans for more information.
WordPress is a free platform. The increasing popularity derives from its user-friendly interface, easy administration and flexibility to customize websites.
The website platform is also known for its famous 5-minute installation.
I use the self-hosted version of WordPress and not the WordPress.com service so that I have complete control of my website.
There is a plethora of free and premium (paid) WordPress themes available for all industries.
My website runs on the robust Genesis Framework developed by StudioPress, a company providing highest quality WordPress themes for years.
I love Genesis Framework because of the overall quality in terms of clean and optimized code, responsive design, cross-browser and cross-device functionality, on-site SEO, site speed, schema implementation and solid security.
I use a Genesis custom child theme called Business Pro which is developed by SEO Themes. I modified a few lines of code to adjust the website to my needs and to add a personal flavour.
If you are looking for the perfect design for your website, take a look at StudioPress WordPress Themes Catalog and enjoy the power and flexibility of Genesis Framework.
Security is crucial for any website. You may consider your site not worthy of being targeted by hackers, but actually websites are compromised all the time. To improve my website security posture and reduce the risk of a compromise, there are several considerations:
The security of my hosting environment is extremely important since website files are stored on the server. Hosting a website in a safe and secure environment makes it a lot easier for website owners to handle security.
This is one of the main reasons I trust Power Hosting to handle my site.
Their Power Security package is available for all hosting plans and provides multiple layers of protection against a wide range of possible threats at server level, including:
- Real-time security scanning to detect infected files or unauthorized access.
- Multiple-layers firewall to detect and block a wide range of attacks or intrusion attempts, including brute-force and DDoS attacks. Note: I also use a Cloudflare CDN Free Plan to ensure additional protection against Distributed Denial of Service (DDoS) attacks.
- Antivirus for files, email and real-time security scanning.
- Email anti-spam to prevent suspicious messages.
- Hotlink protection to prevent other websites from linking directly to files on my website.
- Backup system to restore the website in case something goes wrong.
Another reason I love Power Hosting is account isolation, which, from a security perspective, is a must-have feature for any hosting provider to prevent cross-contamination.
My hosting provider ensures account isolation for both security and resource usage reasons. In case a particular account is compromised or broken scripts use additional resources, other accounts are not affected.
WordPress Security Plugins
To complement my website security posture in addition to server-level features, I use three of most comprehensive and reliable WordPress security plugins available on the market:
1. Wordfence Security
Wordfence Security is the most popular WordPress security plugin. Wordfence offers several features that convinced me it’s a must-have plugin for all website installs:
- Powerful Web Application Firewall which identifies and blocks malicious traffic.
- Malware scanner for blocking malicious requests.
- Protection against brute force attacks.
- Flawless WordPress integration.
Download Wordfence Security – Firewall & Malware Scan plugin (free version) from WordPress repository.
2. Sucuri Security
Sucuri Security is one of the most reliable WordPress solutions for complementing the security posture of your website. Sucuri is another plugin which is mandatory on my list for standard WordPress installs. The features I like most are:
- Security activity logging and audit.
- Monitoring the integrity of website files.
- Malware scanning and blacklist monitoring.
- Effective 1-click security hardening options.
- Security notifications via email.
Download Sucuri Security – Auditing, Malware Scanner and Security Hardening plugin (free version) from WordPress repository.
3. Anti-Malware Security and Brute-Force Firewall (GOTMLS)
Anti-Malware Security and Brute-Force Firewall, also known as GOTMLS (Get Off Those Maliciously Loaded Scripts!), is a top-rated plugin created by Eli Scheetz to help WordPress admins clean infected websites.
GOTMLS scans your website file system and removes known security threats and backdoor scripts. Also, the plugin automatically enables protection from Revolution Slider exploits, directory traversals, user enumeration and other known vulnerabilities.
Download Anti-Malware Security and Brute-Force Firewall plugin (free version) from WordPress repository.
- Although Wordfence, Sucuri and GOTMLS plugins have of few similar features at some point, my hosting resources allow me to use all three of them without influencing the overall website performance.
- Some of the security hardening techniques listed above may be implemented via .htaccess rules or wp-config.php, as detailed in Hardening WordPress guide on WordPress Codex. For beginners though, implementation via plugins is easier and safer.
- Although top-rated WordPress security plugins are able to provide top-level protection against brute-force attacks, I prefer to restrict access to my website wp-admin area based on IP addresses. You can read more details in my comprehensive WordPress Security Guide.
Akismet Anti-Spam prevents comment spam on my website. This plugin plays an important role in maintaining my website’s credibility since it prevents malicious content being published.
Akismet was developed by Matt Mullenweg, the founder of WordPress, and Automattic, a major contributing company to WordPress community.
Download Akismet Anti-Spam plugin (free version) from WordPress repository.
SSL Security Certificate
My website uses HyperText Transfer Protocol Secure (HTTPS) to create an secure (encrypted ) connection between the hosting server and your web browser. Therefore, your privacy and integrity of the data exchanged between the server and your browser is protected.
Website backups are very useful in case something goes wrong. Websites may get hacked or could break after an update.
I use two methods to regularly backup my site:
- Full backups via cPanel to create an archive of all of my website files, database and configuration.
- When it comes to WordPress backup plugins, I am a fan of UpdraftPlus, one of the most popular and highly-rated plugins. UpdraftPlus creates scheduled backups of my website and stores the archives on a secure off-site location.
Site Speed and Performance
Optimized site speed determines improved user experience, search engine rankings and better conversions.
As you can see in the image above, my 8 MB homepage loads in less than 0.9 seconds, which is awesome site speed. The homepage has a larger size because of the hero section with a video running in the background. Pages significantly smaller in size load a lot faster, in about 0.5 seconds or so.
My website performance comes from the overall quality of hosting environment, WordPress theme and plugins, a powerful caching plugin and image optimization techniques.
WordPress Caching Plugin
I use WP Rocket to make my website loading blazing fast and save server resources and bandwidth. WP Rocket is the most powerful and easy to use WordPress plugin for speeding up your WordPress website.
The plugin features caching, compression, database optimization, minification and concatenation, DNS prefetching, CDN integration and more.
WP Rocket has an user friendly dashboard and does not require any coding skills. Website performance is boosted with just a few clicks.
Read more details on WP Rocket Plans and Pricing.
Image optimization increases the website performance.
All images used on this website are resized to proper resolution and unnecessary image metadata is removed to reduce file size and ensure proper loading times. I use two methods to optimize images:
1. Image Optimization via Application
Radical Image Optimization Tool (RIOT) is a free but very powerful image optimization application. RIOT is simple to use and allows you to control compression, number of colors, metadata settings and much more. RIOT supports JPG, GIF and PNG image formats.
Download RIOT for Windows and start compressing your images.
2. Image Optimization via WordPress Plugin
ShortPixel is a freemium image compression plugin. ShortPixel is comprehensive but easy to use. The plugin claims up to 90% image compression rate and features lossy, glossy and lossless image optimization options. It supports JPG, PNG, GIF, PDF, WebP formats.
In my tests, ShortPixel has obtained the best results comparing to similar WordPress plugins.
You can compress up to 100 images / month using ShortPixel free plan.
Download ShortPixel Image Optimizer plugin (free version) from WordPress repository and optimize your images.
Monitoring Website Uptime and Availability
Uptime Robot is a cool free service which automatically monitors my website uptime every 5 minutes from several locations.
Uptime Robot checks website headers and status codes to detect any downtime. In case of 4XX / 5XX status codes, Uptime Robot makes several more checks to confirm the site is down and sends an email notification if downtime is validated.
Sign-up for Uptime Robot for free and start monitoring your website.
Search Engine Optimization (SEO)
The WordPress theme used on my website includes features such as clean and lightweight code for fast performance, responsive design and schema microdata to enhance the overall SEO compliance and contribute to achieving higher rankings.
I use Yoast SEO Premium plugin to improve my website’s overall SEO and boost my rankings in the search results. Yoast SEO helps me write better content and provides additional website improvement and optimization options.
Yoast SEO is the most popular WordPress SEO plugin. I use it on all my websites and it’s a must-have plugin for any website owner.
Download Yoast SEO plugin (free version) from WordPress repository.
Most of the images used on my website are downloaded from Pixabay, Unsplash or Pexels. On this websites you can find quality photos, illustrations, vector graphics or even videos. Most of them are free of copyrights.
Social Media Sharing and Follow
One way to increase readership is to implement site-wide social sharing buttons to make the content shareable. Social follow buttons increase social media following.
I use Monarch Social Media Plugin developed by Elegant Themes to display social sharing and follow buttons. Monarch is one of the most effective social media plugins for WordPress. It offers clean and customizable design and does not affect website performance.
The plugin supports 20+ social networks for sharing and 35+ networks for profiles, 5 different website locations for sharing buttons and 6 automatic pop-up and fly-in triggers. There is also an option to display the network names and the number of shares or followers.
Monarch also provides statistics for shares, follows, and likes that can be accessed via the dashboard.
Check Elegant Themes Membership for more details and pricing.
Building an email list is a must for any online business owner. The email list allows me to stay in touch with the subscribers who signed up to receive email updates.
MailChimp provides everything you need as a small business and it’s easy to use. They offer a free plan with up to 2,000 subscribers and 12,000 emails per month for starters.
Check MailChimp Free Plan if you’re starting your new business.
Contact page is one of the most important pages on every website since it’s a primary method for visitors to get in touch with website owners.
I use the powerful and flexible Ninja Forms plugin to easily create the contact forms on this website with the drag-and-drop form creator. Ninja Forms is free and can be downloaded from WordPress repository.
Download Ninja Forms plugin (free version) from WordPress repository.
I use Google Analytics to track my website’s traffic and user engagement. Google Analytics shows me how visitors came across the site, how long they stayed, what pieces of content kept them on my website and much more. I use the collected data to identify my website’ strengths and weaknesses and improvement opportunities.
Google Analytics is a free and very popular tool. Try it yourself if you haven’t done it already.
I use them to identify crawling errors, submit content to search engines for crawling, view the search queries that brought organic traffic, monitor backlinks and much more.
Google Search Console and Bing Webmaster Tools are both completely free and very useful for webmasters.