Optimization – Basics

This post contains basic outline for optimization tips and common tasks that are needed usually. They might not apply to all websites though!


Before optimization, it’s important to evaluate your site for load time and other metrics. Load your site on these test sites, at least twice, and take a screenshot before you start the optimization:

  1. Google PageSpeed (official domain only, not any third party)
  2. Gtmetrix
  3. Pingdom
  4. WebPageTest.org


Some optimization tasks specific to WordPress include:

  1. Install WP Server plugin to see the server load
  2. Turn off WordPress heartbeat by using any plugin like heartbeat control
  3. Setup W3 Total Cache
  4. Configure CDN (amazon cloudfront for example)

Server Side Cache

Caching and optimization can never be complete without server side caching. Make sure each server has these enabled:

  1. Memcached or Redis Cache
  2. Opcode cache

Both have a different task and are necessary for optimum performance.

If they’re not available on your server, ask your server guys to configure it for you or let me know.

SSL optimization and issues

Check the ssl errors, especially for insecure content within your SSL pages, here: https://www.whynopadlock.com/

Make sure that SSL works fine, that all non-ssl pages get redirected to ssl ones and that the ssl ones have a proper padlock with no insecure content warning in them.

If on WordPress, install this plugin: SSL Insecure Content Fixer

Images optimization

Optimize the images to improve the PageSpeed score and also to reduce the server load and page load time, by:

  1. Crop and resize the images to the required dimensions and then use on the website
  2. Preferably use .jpg images. Converting .png to .jpg might cause some images to distort that’s why don’t do it automatically and always check your converted images before using them
  3. Compress your .jpg images before using them. Some images might work very well even by loosing 50% of their quality or more.

Load minimum number of files

Do this by reducing the number of files linked to each page as resources, including css, javascript and images.

However, further reduce this by using these where ever possible:

  • Lazy load
  • Defer loading (for both images and javascript)
  • Async loading

Load fonts through CDN

This might sometimes give issues due to CORS policy of not allowing the fonts (like fontawesome) to be used cross domain. Solve this by using the code for apache or nginx, whichever is being used by your server:

# Apache config
<FilesMatch ".(eot|ttf|otf|woff)">
	Header set Access-Control-Allow-Origin "*"

# nginx config
if ($filename ~* ^.*?\.(eot)|(ttf)|(woff)$){
	add_header Access-Control-Allow-Origin *;

For WordPress, install htaccess editor plugin to edit the htaccess file from the wordpress admin panel dashboard.

Loading all files through CDN

There are various ways to do that, but it’s important to load as many files from cdn as possible, static ones of course!

However remember to purge the files from the cdn whenever you change any file without changing their filename on your origin server.

Reduce bruteforce and DDOS attacks

This step is important while optimization your site, even if just for speed and performance and not for security (which you should though!).

The extra bruteforce and DDOS attacks are real time hits on your server and put extra load on it, making it unable to provide best timing and performance to the genuine visitors and customers to your website.

Prevent these by:

  • Applying .htaccess based server side login approval on login pages (preferred if you don’t allow non-admin users login)
  • Prevent logging attempts on nginx by limiting the direct access to the login path
    • For WordPress, use Theme My Login plugin (and then limiting the direct access to wp-login.php file)
  • Use security layers like cloudflare or sitelock

Check your site after optimisation

Always check the site for all common tasks after optimization is complete, even if you’re 100% sure that nothing would have broken during the process.

If you have any queries or issues, please let me know.

Leave a Reply

Your email address will not be published. Required fields are marked *