Checklist for WordPress install

After reading a post on weblogtoolscollection.com about checklists for WordPress installs.

Note: This list shows some pointers for your WordPress install, nothing else and, it is a subject to change.

Before installation:

  • Change table prefix to differ from the default one for your WordPress installation (wp-config.php file). To mitigate zero-day SQL Injection attacks.


After Installation:

  • To your theme, functions.php file, add (for security reasons):

<?php remove_action (‘wp_head’, ‘wp_generator’); ?>

  • To your .htaccess file (WordPress main directory) add (for security reasons):

Options All -Indexes

  • Edit permalinks to:

%category%/%postname%/

  • Delete WordPress test data: post, comment, page, links.
  • Rename default post and link category to one of your liking.
  • Create another admin level user, then rename or delete default WordPress user: admin (security reasons).
  • Add a robots.txt file to your WordPress root directory.
  • Post management:
    • By default WordPress saves every post revision. After a while that will take up much space and clog your database. It is possible to tell wordpress to turn of post revisions (wp-config.php):

define(‘WP_POST_REVISIONS’, false);

But, there are times you need that functionality.  To get most out of both sides I use GD Press Tools. Not counting other functionality: It allows to delete old post revisions on demand.