10 Tips to Get 100% Site Health Score in WordPress 5.2

dailydose
#1

Why do you need to care about it?

  • This is about website security and performance. Following this guide will ensure smooth operation of your WordPress site.

1. Update to WordPress 5.2

  • Login to Dashboard > Go to Update
  • Click on Update Now button and wait for few seconds. Do not press back or reload.
  • Check site health
    Check%20Site%20Health
  • I have managed to get awesome 100% result and I want to help achieve same.

2. Keep one default theme

  • You should keep latest default theme: Twenty Nineteen.
  • Delete unused (except Child and its parent theme), also please delete unused plugins.

3. Keep all themes and plugins up to date

  • If you do not update themes and plugin in timely manner, your website is most likely to get hacked and goes down. Google may warn Searcher showing “This site may be hacked”.
    image

4. Use latest version PHP 7.3

  • WordPress 5.2 also check either you are using secure and latest version of PHP or not.

  • Please do note, Your website can get hacked if your hosting are still using 5.x family.

  • Today, many plugins works great only with latest version of PHP. So, you must consider upgrading if possible.

  • If you compare PHP 7.3 to PHP 5.6, it can handle almost 3x as many requests (transactions) per second!


    (Source: Kinsta)

5. Use MariaDB 10.1 or later. Or, MySQL version 5.6 (at least)

  • I am using MariaDB latest version which supports UTF8MB4, is a database storage attribute that makes sure your site can store non-English text and other strings (for instance emoticons) without unexpected problems.
  • Managing a Cloud VPS? Learn how to install MariaDB. (Ref: step 20)

6. Use HTTPS

  • HTTPS requires valid SSL certificate at your website server.
  • Chrome will show Not Secure warning if you don’t use HTTPS and providing any kind of web form.

    (Source: EFF)
  • SSL improves security by encrypted connection, data integrity, providing support for HTTP/2, Geolocation, Push notification and higher trust value.
  • Implement HSTS along with it.
  • It’s a Google ranking factor.
  • Let’s Encrypt, Cloudflare SSL is also free. Still, there shouldn’t be any execuse for not using SSL.
  • Premium SSL valid for 1 year cost about $5.66/yr. Check https://www.ssls.com/

:point_right: Here’s a list of Managed WordPress hosting company that offers one-click Free SSL, latest version PHP and MySQL support.


7. Make sure Cron Job is not disabled

  • WordPress uses it checking for updates, publishing schedule posts, etc in the background.
  • You can check with “WP-Cron Status Checker” plugin.
  • Some hosting company such as Siteground, disable it for the performance reason, ask your host to enable it manually otherwise some function of WordPress will not work at all.

8. Turn of WordPress debugging

  • In wp-config.php, make sure WP_DEBUG constant is set to false. This is a default settings.
define( 'WP_DEBUG', false );
  • This thing prevent leaking WordPress server personal information.

9. Don’t disable Background updates

  • Doing so will put your site at greater risk of getting hacked.

10. Don’t disable Rest API.

  • Doing so will prevent WordPress to function properly. Some Android app also requires to be it enabled.
4 Likes
Shall I update to WordPress 5.2?
#3

Hello, can anyone help me fix this issue


@GulshanKumar
it showed in critical fixing after update

#4

I will help in fixing it. Can you follow below steps?

  1. Login to your hosting account
  2. Go to cPanel for your domain
  3. Open File Manager > public_html directory
  4. Edit wp-config.php file.
  5. Share with me in below response, last 5 lines of code.
  6. I will check code and let you know what need to be removed and fix.
#7
define('WP_DEBUG', false);
define( 'WP_MEMORY_LIMIT', '128M' );

/* That's all, stop editing! Happy blogging. */

/** Absolute path to the WordPress directory. */
if ( !defined('ABSPATH') )
	define('ABSPATH', dirname(__FILE__) . '/');

/** Sets up WordPress vars and included files. */
require_once(ABSPATH . 'wp-settings.php');

# Disables all core updates. Added by SiteGround Autoupdate:
define( 'WP_AUTO_UPDATE_CORE', false );
#8

Should i change the last one to true?

#10


here is one more issue I have not been able to figure out

#11
# Disables all core updates. Added by SiteGround Autoupdate: 
define( 'WP_AUTO_UPDATE_CORE', false );

You need to remove this line to keep enabled Automatic Core updates.

#12

To enable ImageMagick php extention, create a php.ini file inside public_html directory with below code

extension=imagick.so

Save changes.

#13

That won’t hurt anything right?
I mean any vulnerability?

#14

By default WordPress can automatically update itself when a security or minor release is available.

That’s why, removing that code will be useful. If you keep WP_AUTO_UPDATE_CORE constant will ‘false’ value WordPress cannot apply security and minor updates to your site.

#15

got it… the above

didn’t work

#16

Also creting the php.ini , its removed as i deleted the site.this showed up after refresh


Also the caching plugin crashed after it

#17

I told as per this article. Please contact host for rest all issues.

#18

lol my site is crashed again
@GulshanKumar
please help sir

#19

Your website is loading fine.

The only thing I see that you have turned on Debugging. So it is showing some PHP *warning related to plugins. That’s completely normal. You should keep it turned off to hide it.

define( 'WP_DEBUG', false );

As written in the article, step 9.

#20

Also i checked gtmetrix today i got this http://prntscr.com/nlzu8y can you tell me why is it showing so and how to fix it?

#21

Sorry, I have no idea about it. That is not related to WordPress or this topic.

#22

No that is false only sir, the issue comes when i add the extension and gets removed as i remove it…
Is it something with sg optimizer or caching causing issue>

1 Like
#23

Good to know. It is default settings for it and it should be.

Please delete that php.ini file, do not try to implement yourself.

You can post to your hosting team. They can suggest better approach for it.

https://siteground.chat-assistance.com/chat

#24

Got it. Already done, they said its common issue with many clients today, they will update a fix soon. Till then just hold on the same

1 Like