What is in this article
Using WordPress Site Health Page
- Hover over ‘Tools’ and select ‘Site Health’
- You should see a page like the one depicted.
- You’ll noticed there are a few recommended security improvements.
Manage Warnings #1
- Select ‘Only parts of you site are using HTTPS’.
- Select ‘Update your site addresses’
- Assuming you created an SSL certificate for your site, replace the ‘http://’ in ‘WordPress Address (URL)’ and ‘Site Address (URL)’ with ‘https://’.
- Select ‘Save Changes’
- You will need to login again
Manage Warnings #2
- Select ‘Tools|Site Health’ again.
- You should now only see three recommended improvements.
- Select ‘The authorisation header is missing’.
- Select ‘Flush permalinks’.
- Select your preferred permalink style (search engines won’t like you if you change it later).
Manage Warnings #3
- Once again, select ‘Tools|Site Health’
- You should be down to two ‘recommended improvements’.
- Select ‘You should remove inactive themes.’
- Select ‘Manage your themes’.
- For all themes you don’t want to use, select the theme’s thumbnail, then select ‘Delete’
- For every theme you find interesting, select ‘Update now’, then select the theme.
- Select ‘Enable auto-updates’.
Manage Warnings #4
- Once more select ‘Tools|Site Health’.
- Select ‘You should remove inactive plugins’.
- Select ‘Manage your plugins’.
- For the ‘Hello Dolly’ plugin, select ‘Delete’.
- If you want to use the ‘Akismet Anti-Spam’ plugin, select ‘update now’, otherwise select ‘Delete’ for the plugin.
- If you keep the ‘Akismet’ plugin, you will need to configure it (not covered in this presentation).
Site Health Verified
- Verify that ‘Tools|Site Health’ shows a checkmark and ‘Great job! Everything is running smoothly here.’
- If you view the actual site you should see something such as the following screenshot.
Additional Security Measures
- If not using Akismet Anti-Spam plugin, go to ‘Settings|Discussion’ and make sure that under ‘Before a comment appears’, ‘Comment must be manually approved’ is checked.
- While this means you have to moderate every comment, it is essential to avoid nasty spam appearing on your site.
- By nasty I mean not only spam that promotes ‘the nasty’, but malware, conspiracy theories, comments in languages that you (and/or most of your readers) don’t know, and normal spam that will ruin your search engine rankings (such as they are).