Installing Wordpress can be done via the below steps. Also included is recommended plugins to use.
- Download Wordpress from http://wordpress.org/latest.zip
- Unzip the latest.zip archive on your computer
- If Wordpress will be installed in its own folder:
- Rename the "wordpress" folder to "blog" or any other name that you want
- Upload the renamed folder to your site's storage area
- If Wordpress will be the primary script for your site:
- Upload the contents of the wordpress folder to your storage area
- Create a Database:
- Hsphere Control panel:
- Login to the control panel
- Go to Databases -> MySQL -> MySQL DB Wizard
- Follow the steps to create database
- Create a user
- Take note of the user and password, database name, and hostname
- Hsphere Control panel:
- Now go to http://example.com/ if you uploaded to be your primary site or http://example.com/blog if you uploaded as in a sub folder of your site -- replace example.com with your domain.
- You should now see the wordpress installer, follow the install steps.
- When it asks for database info, enter the information that you got in the database creation step above
- Ignore any steps that ask for FTP info
- When it asks for site name, etc, enter what you want
- When it asks for admin user name and password, make sure to use something unique and not "admin" . The password should be a complex password with numbers and lower and uppercase letters
- Complete any further install pages and confirmations
You should now have an installed copy of Wordpress.
Make sure to keep your Wordpress installs up to date. Out of date installs can be exploited and any exploited installs will be suspended by us.
Recommended Settings:
- Set Settings -> Permalinks to on with post name or month and post name or mix as your want
Recommended Plugins:
- W3 Total Cache - https://wordpress.org/plugins/w3-total-cache/-- This will help with page load speeds and lower server resources
- Enable all caching options after install
- Have browser caching on
- WP Mail SMTP- https://wordpress.org/plugins/wp-mail-smtp/ -- this is required for sending mail via wordpress
- Setup with SMTP authentication
- WordFence - https://wordpress.org/plugins/wordfence/ -- this will help with wordpress security
- Set up to throttle human and bot page loads to 20 or more pages loaded per minute - an average visitor will not visit more hten that in one minute
- Set to lock unknown users
- Set to block failed logins after 5 attempts
NOTES:
- Make sure to keep wordpress, plugins and themes updated. Any exploits caused by wordpress, plugins, or themes is a risk to your account's security and general services.
- If you use WP-DB-Backup for backups, make sure to secure the backup folder to prevent downloading of backups. With apache, this can be done via a .htaccess directive: deny from all
- Wordpress hardcodes the site url (http://example.com/ or http://example.com/blog) in to the database and many other entries in it . As such changing the URL afterwards can cause problems for some items and requires advanced steps in some cases. As such, it is important to select the location that will be best for now and in the future.