Welcome to the continuation of my Wordpress Website Overhaul Part 2. If you haven't read part 1 you can go here to read it. In part one I spoke about getting the right theme and removing the plugins that you really do not need. Of course that can be subjective, but you do need to take a hard look at what plugins you just don't need. I am a register DISQUS user and was using it on my site. However, I really don't do that much commenting on the web and my site has very few comments (not that I don't get a lot of comments in the spam bucket that I delete). Of course the amounts of comments I get can change, but thinking about it, I really didn't need to be using DISQUS and of course it was adding to my site load times. I am now using the WordPress comment system and do not require registration. That can add to the spam on your site and the need for additional plugins to control. I felt that not requiring registration makes it easier to comment and more visitor friendly so for me that is the best route to take. I know a lot of people debate what comment system is best and it is probably more of a personal option and choice more than anything else.
The next thing you really need to consider is how to protect your site from the evil of the world. You don't want to host viruses, link to shocking sites, participate in pyramid schemes or have your website host shut you down! Like it or not you should try to lock your site down. Make your login password secure and look at plugins that can help keep access to your site secure. I use Login LockDown "Adds some extra security to WordPress by restricting the rate at which failed logins can be re-attempted from a given IP range". There are other plugins that you can look at and determine which is best for you.
For spam I use several plugins and most likely this is something that I will look at from time to time and perhaps try a few new plugins. I currently use;
- AVH First Defense Against Spam
- NoSpamNX (update: after 2 month Akismet and AVH have caught everything and NoSpamNX hasn't been needed/hasn't caught anything. I deleted it on 4/4/2013)
I also have a few other plugins related to security;
- BulletProof Security
- Wordpress Firewall 2
Finally I use a couple of plugins to help control splogging and junk email.
- Fast Secure Contact Form - "Includes CAPTCHA and Akismet support to block all common spammer tactics"
- WangGuard - "Remove the generator META tag, checks for blocked domains, Verifies that an associated Mail eXchange (MX) record exists for the email domain"
I had a plugin that provide a system health/info display on my dashboard, but I could get similar information from the BulletProof Security plugin so I was able to delete that plugin and still get the info from BPS.
I recommend you take the time to look again at the plugins you are running and see if there is any overlap in the functionality they are providing you. Look at other plugins not installed and see if perhaps they are better suited for your needs.
Look for part 3 of my WordPress Website Overhaul series.