0/X
💻 Checklist of Checklist of Server & Hosting for Wordpress
-
Check PHP version is up to date
Why: New PHP runs faster and is more secure.
How to check: In Wordpress WP Admin → Tools → Site Health → Info → Server. Look at PHP version (should be ≥8.0).
How to implement: Ask your host or use cPanel to switch PHP. Vultr VPS with SSD NVMe can give you modern PHP easily. -
Check MySQL/MariaDB version
Why: New database versions process queries faster.
How to check: Same Site Health → Info → Database.
How to implement: Update database engine via your hosting control panel or ask support. -
Measure Time To First Byte (TTFB)
Why: Slow server start means slow page load.
How to check: Use webpagetest.org or GTmetrix “TTFB” value.
How to implement: Move to faster host, enable caching, use SSD NVMe drives. -
Enable SSL and HTTP/2
Why: HTTPS + HTTP/2 lets browser load many files faster and secures user data.
How to check: In browser address bar see “https://” and test on https://tools.keycdn.com/http2-test
How to implement: Get free Let’s Encrypt SSL from your host; enable HTTP/2 in server config or ask host. -
Confirm server storage is SSD NVMe
Why: NVMe storage reads and writes much faster than HDD.
How to check: Ask host support or check VPS specs (e.g. Vultr NVMe plans).
How to implement: Upgrade plan to SSD NVMe. -
Check server location and resources
Why: Closer server gives lower latency; enough CPU/RAM avoids slowdowns.
How to check: In host control panel view data-center region and resource usage.
How to implement: Choose region near your users; upgrade CPU/RAM if needed.
⚙️ Checklist of WordPress Settings
-
Ensure WP_DEBUG is off
Why: Debug mode slows WordPress site and shows errors to visitors.
How to check: In Wordpress wp-config.php look for define('WP_DEBUG', true).
How to implement: Change to define('WP_DEBUG', false) and save. -
Verify Site URL and WordPress URL match
Why: Wrong URLs cause redirects and extra requests.
How to check: WordPress Settings → General → WordPress Address and Site Address.
How to implement: Correct both to the same “https://your-domain”. -
Set correct timezone
Why: Wrong timezone affects caching schedule and post scheduling.
How to check: WordPress Settings → General → Timezone.
How to implement: Choose your city or appropriate UTC offset. -
Check permalink structure
Why: Plain “?p=123” is slower and bad for SEO.
How to check: WordPress Settings → Permalinks (should use “Post name”).
How to implement: Select “Post name” and save changes. -
Adjust reading settings
Why: Too many posts on home uses memory and slow queries.
How to check: WordPress Settings → Reading → “Blog pages show at most.”
How to implement: Set to 5–10 posts. -
Disable unused XML-RPC and RSS feeds
Why: They generate extra load or pose security risk.
How to check: Try /xmlrpc.php and /feed/ in browser.
How to implement: Use Disable XML-RPC plugin or add snippet to functions.php. -
Limit Heartbeat API frequency
Why: WP Heartbeat can use CPU if too frequent.
How to check: Install Wordpress Query Monitor → see Heartbeat hits.
How to implement: Use Heartbeat Control plugin to reduce to 60 s or disable on specific pages. -
Configure media settings
Why: Large default sizes waste storage and slow uploads.
How to check: Settings → Media → review image sizes.
How to implement: Adjust sizes or remove unused sizes in theme’s functions.php. -
Review discussion settings
Why: Heavy comment load can slow pages.
How to check: Wordpress Settings → Discussion → “Break comments into pages.”
How to implement: Enable pagination; set 50 comments per page. -
Enable Privacy/GDPR page
Why: Privacy tools may add scripts; need proper page to avoid extra loads.
How to check: Settings → Privacy.
How to implement: Create or assign a Privacy Policy page.
🔌 Checklist of Plugins for Wordpress
-
Remove unused plugins & themes
Why: Inactive code can add extra load or vulnerabilities.
How to check: Wordpress Plugins → Installed Plugins; Appearance → Themes.
How to implement: Delete unused items from WP Admin. -
Keep all plugins and theme up to date
Why: Updates often include performance fixes and security patches.
How to check: Dashboard → Updates.
How to implement: Click “Update now” or enable auto-updates. -
Identify slow plugins
Why: Some plugins add heavy queries or scripts.
How to check: Use Query Monitor or P3 Plugin Performance Profiler.
How to implement: Deactivate or replace slow plugin with a lighter alternative. -
Install must-have plugins
Why: Quality plugins handle core functions and boost speed.
How to check: Verify functionality in WP Admin → Plugins.
How to implement: Install and activate:- Caching: WP Rocket or W3 Total Cache
- Image optimization: Smush or ShortPixel
- SEO: Yoast SEO
- Security: Wordfence or Sucuri
- Backup: UpdraftPlus
- Database cleanup: WP-Optimize
🚀 Checklist of Performance Optimization for Wordpress
-
Enable page caching
Why: Caches full HTML to serve pages fast.
How to check: View source; look for “”.
How to implement: Use WP Rocket, W3 Total Cache, or FastCGI cache on Nginx. -
Set browser-cache headers
Why: Browser reuses assets instead of re-downloading.
How to check: DevTools → Network → check Cache-Control header.
How to implement: Add in .htaccess or nginx.conf:location ~* \.(js|css|png|jpg|jpeg|gif|svg)$ { expires 30d; add_header Cache-Control "public"; } -
Configure Nginx for static asset caching
Why: Server-level caching is faster than PHP plugin.
How to check: Inspect headers for X-FastCGI-Cache.
How to implement: Enable fastcgi_cache_path and fastcgi_cache in nginx.conf. -
Set up object caching
Why: Caches DB queries in RAM (Redis/Memcached).
How to check: Use Wordpress Redis Object Cache plugin status.
How to implement: Install Redis on server; activate Redis Object Cache plugin. -
Use a CDN for static files
Why: Faster global delivery, offloads origin server.
How to check: Assets load from CDN domain.
How to implement: Sign up Cloudflare, BunnyCDN, or StackPath; configure via plugin. -
Minify and combine CSS/JS
Why: Smaller file sizes and fewer requests.
How to check: Source shows compressed files.
How to implement: Use WP Rocket, Autoptimize, or tools like terser. -
Remove unused CSS/JS
Why: Unused code still downloads and executes.
How to check: DevTools → Coverage tab.
How to implement: Use PurifyCSS, UnCSS, or Asset CleanUp plugin. -
Load JS with async or defer
Why: Prevent JS from blocking render.
How to check: DevTools → Network → blocking times.
How to implement: Enable “Load JS deferred” in plugin or add async/defer attributes. -
Inline critical CSS
Why: Above-the-fold styles load instantly.
How to check: PageSpeed Insights warns “render-blocking CSS”.
How to implement: Use WP Rocket critical CSS or Critical tool. -
Enable Gzip or Brotli
Why: Smaller transferred sizes.
How to check: DevTools → Response headers: content-encoding.
How to implement: Apache mod_deflate or Nginx gzip on; gzip_types. -
Optimize web fonts
Why: Fonts block text render if not set correctly.
How to check: PageSpeed Insights “Ensure text remains visible”.
How to implement: Preload fonts and set font-display: swap.
🗄️ Checklist of Database Optimization for Wordpress
-
Clean up old post revisions
Why: Revisions bloat wp_posts table.
How to check: Run SELECT COUNT(*) FROM wp_posts WHERE post_type='revision' in database.
How to implement: Use WP-Optimize or add define('WP_POST_REVISIONS', 3) in wp-config.php. -
Empty spam comments and trash
Why: Large comment tables slow queries.
How to check: Comments → Spam and Trash counts.
How to implement: Click “Empty Spam” and “Empty Trash” or schedule via WP-Optimize. -
Clear expired transients
Why: Orphaned transients remain in options table.
How to check: SELECT COUNT(*) FROM wp_options WHERE option_name LIKE '_transient_%'.
How to implement: Use WP-Optimize or Transients Manager plugin. -
Optimize database tables
Why: Defragment tables for faster reads.
How to check: Check table overhead in phpMyAdmin.
How to implement: Run Wordpress OPTIMIZE TABLE via WP-Optimize or SQL. -
Analyze and fix slow queries
Why: Slow queries block pages under load.
How to check: Enable MySQL slow query log or Query Monitor.
How to implement: Add indexes, remove inefficient plugins, or rewrite queries.
🔍 Checklist of SEO for Wordpress
-
Check meta titles and descriptions
Why: Unique meta helps avoid duplicates and boosts search appearance.
How to check: Use Yoast snippet preview or Plerdy SEO Chrome Extension.
How to implement: Edit in SEO plugin fields; use Plerdy to highlight issues. -
Verify heading tags (H1–H3)
Why: Proper heading structure aids crawling and readability.
How to check: Inspect HTML or run Plerdy SEO Analyzer.
How to implement: Ensure one H1, logical H2/H3 order in content. -
Ensure alt text on images
Why: Improves accessibility and SEO.
How to check: Plerdy highlights missing alt attributes.
How to implement: Add descriptive alt="…" in image tags. -
Review XML sitemap & robots.txt
Why: Guides bots to important pages and avoids slow pages.
How to check: Visit /sitemap.xml and /robots.txt; use Search Console tester.
How to implement: Generate via Yoast or Rank Math; edit robots.txt via plugin. -
Add schema markup for rich snippets
Why: Enhances search listing and click rate.
How to check: Google Rich Results Test.
How to implement: Use Schema Pro plugin or add JSON-LD manually. -
Use Plerdy SEO Chrome Extension
Why: Real-time on-page SEO audit and keyword tracking.
How to check: Install and run analyzer on any page.
How to implement: Fix issues directly in WP editor.
👥 Checklist of Usability for Wordpress
-
Verify responsive design on mobile
Why: Mobile speed and layout crucial for engagement.
How to check: DevTools → device toolbar or real devices.
How to implement: Adjust CSS media queries; use flexible grids. -
Check viewport meta tag
Why: Without it, mobile pages zoom incorrectly.
How to check: HTML head contains viewport tag.
How to implement: Add<meta name="viewport" content="width=device-width, initial-scale=1">in header. -
Ensure tap targets are big enough
Why: Small buttons cause mis-taps and frustration.
How to check: PageSpeed Insights “Tap targets too small”.
How to implement: Increase padding on links/buttons in CSS. -
Test navigation and menu flow
Why: Hard-to-find links add time and bounce.
How to check: Manually click through menus on mobile and desktop.
How to implement: Simplify menu; use clear labels. -
Use Plerdy Heatmaps & Session recordings
Why: See where real users click, scroll, or get stuck.
How to check: Review heatmaps and replay videos in Plerdy dashboard.
How to implement: Add Plerdy script to header; adjust CTAs or elements based on insights.
🔒 Checklist of Security for Wordpress
-
Enforce strong passwords & two-factor login
Why: Weak passwords let hackers in.
How to check: Users → test password strength; check 2FA status.
How to implement: Use Two Factor or Wordfence plugin. -
Limit login attempts & change login URL
Why: Blocks brute-force bots and hides admin.
How to check: Attempt wrong logins to trigger lockout.
How to implement: Use WPS Hide Login and Limit Login Attempts Reloaded. -
Harden file permissions & protect wp-config.php
Why: Prevent direct file access or injection.
How to check: SSH → ls -la permissions on wp-config.php.
How to implement: chmod 400 wp-config.php; add deny from all in .htaccess. -
Keep SSL/TLS certificate valid
Why: Expired cert breaks HTTPS and speed.
How to check: Browser lock icon; SSL Labs test.
How to implement: Auto-renew Let’s Encrypt or purchase cert. -
Install and configure security plugin
Why: Firewall and scans stop hacks early.
How to check: Wordpress Plugin dashboard → firewall status.
How to implement: Use Wordfence or Sucuri with scheduled scans. -
Scan for malware & vulnerabilities
Why: Hidden threats slow site or steal data.
How to check: Use Wordpress plugin scan or Sucuri SiteCheck.
How to implement: Remove malware, update code, block bad IPs. -
Secure database access & server SSH
Why: Prevent remote exploits.
How to check: Attempt DB or SSH login without key.
How to implement: Use SSH key auth; block DB port publicly; strong root password.
☁️ Checklist of CDN & Network for Wordpress
-
Set up CDN for images, CSS, JS
Why: Distribute load globally for faster fetch.
How to check: Wordpress DevTools → assets served from CDN domain.
How to implement: Use Cloudflare, BunnyCDN, or StackPath; configure via plugin. -
Check DNS lookup times
Why: Slow DNS adds delay to first byte.
How to check: GTmetrix or DNSPerf lookup report.
How to implement: Use Cloudflare DNS or Google Cloud DNS. -
Add preconnect or prefetch
Why: Browser warms connections to important origins.
How to check: PageSpeed Insights “Preconnect to required origins”.
How to implement: Add in head:<link rel="preconnect" href="https://fonts.gstatic.com" crossorigin> <link rel="dns-prefetch" href="//example.com">
🛠️ Checklist of Third-Party Scripts & Monitoring for Wordpress
-
List all external scripts
Why: Ads, analytics, widgets can block load.
How to check: DevTools → Network → filter by “JS”.
How to implement: Remove unused scripts in Wordpress theme or plugin settings. -
Load non-critical scripts async or delayed
Why: Nonessential JS no longer blocks render.
How to check: DevTools → script blocking time.
How to implement: Use WP Rocket “Delay JS” or add async/defer attributes. -
Remove or replace slow widgets
Why: Social or chat widgets often heavy.
How to check: GTmetrix waterfall → slow domains.
How to implement: Replace with static links or load after interaction. -
Run Google PageSpeed Insights
Why: Provides lab metrics and suggestions.
How to check: Test URL on pagespeed.web.dev.
How to implement: Address items under Opportunities and Diagnostics. -
Test with GTmetrix or Pingdom
Why: Different tools catch different issues.
How to check: Run tests on both platforms.
How to implement: Compare reports; adjust settings accordingly. -
Monitor real user Core Web Vitals
Why: Lab tests differ from true experience.
How to check: Chrome UX Report or Search Console Web Vitals.
How to implement: Use RUM plugin or Web Vitals JS script. -
Check server logs and error reports
Why: Hidden errors cause slow pages or downtime.
How to check: SSH → view /var/log/nginx/error.log or Apache error.log.
How to implement: Fix errors, adjust PHP settings, or contact host. -
Set up uptime and alert monitoring
Why: Know immediately if site goes down.
How to check: Use UptimeRobot or Pingdom alerts.
How to implement: Register URL monitor; configure email/SMS alerts.