You took the leap and installed WordPress to host your own blog because you want complete control over how it looks and works. Now, it’s time to power it up, lock it down and make your blog completely yours.
What You’re In For
With all the hype around cloud computing and no-configuration-required hosted services, you don’t hear about the joys of running great software on your own server very much. The fact is, if you’re just a casual user who doesn’t know if you’ll stick to blogging over the long haul, or if you don’t want to spend a little time maintaining WordPress, you should sign up for a hosted blog at WordPress.com or Blogger or TypePad. (Also, this tutorial is not for you.)
But if you’re willing to keep WordPress updated religiously, you get access to a whole world of WP plug-ins that add features to your site, the opportunity to create and tweak custom WordPress themes, and a huge sense of accomplishment. In version 2.8 and greater, keeping your installation up-to-date is a matter of clicking a link when you get notified to do so.
Everything you need to know about installing WordPress is right here. Got it up and running? Let’s get to customising.
Next up, configure how you want comments to work on your blog. Under Settings>Discussion, you can enable comments and set other advanced options, like whether or not users have to be logged into your site to comment, or if comments should automatically close on posts after a certain number of days, if user avatars show up, or what words in a comment should automatically mark it as spam.
Speaking of, spam comments is a ridiculously epic problem across the internet for all blogs, so how you set up comments will mean the difference between miserable hours spent gardening V14gRa and “check out my sexy webcam!!” comments or not. Coming from Lifehacker’s “must register to post here” model, I checked off “Users must be registered and logged in to comment”. If you don’t want to put up the registration hurdle in front of your commenters, make sure you install the Akisment spam-killing plug-in (more on that below).
WordPress Database Backup (Backup): Running your own server and database means that if things go wrong, it’s up to you to have a backup. This plug-in can email a full backup of your WordPress database on a schedule to an address you specify. I’ve had great success building my WordPress site locally with the backup this plug-in created; however, the other resident WP expert here on staff, The How-To Geek, recommends using the old-school cron job for “mysqldump -uUser -pPassword databasename > filename.bak” approach. No matter how you do it, to make sure you’re backing up both your blog’s database and files. It’s worth consulting with your blog hosting provider about the best way for you to do this, too.
FD Feedburner Plug-in (Feeds): Google-owned FeedBurner is a must-use for anyone who publishes RSS feeds, like your blog does. FeedBurner saves you bandwidth costs by hosting your blog’s feed and offers statistics about how many people are reading it; this plug-in will redirect your blog’s feed to FeedBurner for you.
WordPress.com Stats (Stats): See what posts are most popular using this up-to-the-minute statistics plug-in, right inside your WordPress dashboard. WordPress.com stats doesn’t count visits to your own blog, and unlike the richer Google Analytics service, there’s no day-long delay to see what’s happening on your site. To run this plug-in, you have to get a WordPress.com API key (it’s free) and enter it into the plug-in’s settings.
Search Meter (Stats): If you have a search box on your site, you’ll want Search Meter, a plug-in which shows you what readers are looking for and finding (or not) on your site. Search meter also offers widgets you can add to your site which shows readers what other readers are searching for.
WP SuperCache (Optimization): The first time a highly-trafficked site like Digg links to your blog, you’ll wish you had installed this plug-in, which maintains high-speed, database-call free “cached” copies of your WordPress pages on your server. Your site will run faster and won’t buckle under the strain of a lot of traffic if you’re caching it with this excellent plug-in.
Akismet (Comments Spam killer): Because comment spam can get so bad, WordPress now ships with the Akismet spam filtering plug-in. Since I’m requiring user registration to leave comments on my WordPress blog, I don’t have any experience with how good Akismet is (and haven’t had any spam at all), but word on the street is it’s absolutely essential for sites with open comments. Like WordPress.com stats, Akismet requires a WordPress.com API key.
Make Your WordPress Theme Yours
Once you’ve installed the theme you want by downloading the .zip file and putting it in your WordPress themes folder, you can dig into the CSS and markup and make it your own. WordPress offers a theme editor in its interface which lets you update files on the fly. While this is convenient, it’s also dangerous if you hit the wrong key, save the file, and don’t have a backup. My recommendation is to set up WordPress and your theme of choice on your own computer, edit it in your favourite text editor, and upload it to your live server when it’s perfect. I started my WordPress blog with Lucian Marin’s Journalist theme, and made it mine by adding colour to the header and tweaking how comments look.
If you’ve got patience and custom HTML you want to turn into a brand new WordPress theme, copy the default theme’s files into a new folder and get to hacking. The WordPress Codex is an invaluable resource for both starter reading and reference as you go. That is, when you get to the part where you’re thinking “WTF is wp_list_comments?”, Google it and you’ll find the function reference at the codex. It took me a full weekend of pretty intense theming work to get my first custom theme done and ready to go live, so give yourself some time, and most importantly, have fun with it. Here are some tips and links from my Twitter followers on creating a custom WordPress theme.
Sidebars and Widgets, Oh My!
Here’s a few more tips for advanced WordPress hackers who want to troubleshoot or try even more customisation:
- Use multiple custom sidebars: WordPress’ sidebar and widgets feature is very powerful and customisable; in fact, you can create and customise multiple sidebars or site zones to show up on different pages. (For example, the sidebar that shows up on a post page can look different than the one on the front page.
- Troubleshoot slowness and other problems with Firebug: Every web developer knows that the Firebug Firefox extension is absolutely essential when developing any site, and it’s true for WordPress, too. When my WP site went down because of multiple background 404’s doing resource-sucking searches, Firebug revealed the problem and so I knew how to fix it.
- Use tags to display content differently: You can use conditional tags to display different types of content on your blog in different ways, like a short link or big photograph. I use has_tag to display “quick links” with smaller inline headlines on my front page by assigning the tag “brief.”
- Set up a “staging” server: Once your blog’s up and running and live, you don’t want to make huge changes to it with the whole world watching. Set up WordPress on your local computer, hack away on your theme and/or plug-ins, then upload your changes when they’re complete and ready.
This post only scratches the surface of WordPress customisation possibilities. The good news is WordPress’ open nature and huge community means that you can find the answer to almost any WP question hitting up Google—or in worst case, asking the forums. Special thanks to the author of this CSS Tricks post who also writes the excellent Digging into WordPress, which I referenced for this post.
So what did I miss? What are your favourite WordPress tricks, hacks, themes, plug-ins, security measures, and widgets? Shout ’em out in the comments.
Gina Trapani, Lifehacker’s founding editor, loves herself a little WordPress hacking. Her feature Smarterware appears every Wednesday on Lifehacker.