For the UNF Faculty Template WordPress installation we have selected a few plugins that will come in handy right away. Below is what the Plugin page should look like after you have installed the Template:
Descriptions of the installed plugins:
- Akismet – This is the standard anti-spam plugin and will help you keep your site tidy and relatively spam-free. This plugin will automatically recognize unwanted comments on your blog as spam and filter them out. Unfortunately, blogs are kind of like email accounts. People (spam-bots) try to add comments to your website so they can get more links to their site. Spam blockers like Akismet help to automate the management of blog spam. It will even learn from the spam you get and refine itself so you’ll more easily remove unwanted spam and let legitimate comments through – with your approval of course. You can read more about blog spam in the article How to Identify and Control Blog Comment Spam. Akismet is free to use for non-commercial purposes. You’ll need what’s known as a API Key (kind of like a license code) for to use Akismet.
- Cookies for Comments – This is a plugin that essentially checks to see whether a commenter on your website is a spam-bot or not. A spam-bot (spam robot) will look for an easy way to submit a comment. Cookies for Comments will help detect a spam-bot and immediately move the comment to the spam area. In concert with Akismet this plugin helps eliminate dealing with spam comments. For more information, read the article How to Reduce WordPress Comment Spam with Cookies for Comments.
- Limit Login Attempts – So not only are their spam-bots out there, but also bots that try to gain access to your site. They’ll try to guess your username and password multiple times to see if they get in. That is why you first need to use a strong username and password. Limit Login Attempts will then limit the number of tries you have to get the username and password right. So you might think, well if people are trying all sorts of usernames and passwords on my site this we’ll prevent me from logging in right? No, because it checks what computer on the Internet is trying to access the login. It checks to see what IP address (the unique computer Internet number – every one is unique) the login is coming from and allows a total of 4 tries before it locks out the ability to login. This plugin, along with strong usernames and passwords, Really Simple SSL (below), and the Wordfence Security plugin (also below) will keep you site very secure.
- Really Simple SSL – Hackers either try to guess at logins or they try to capture information as it travels over the Internet or WiFi connections. Really Simple SSL will add strong encryption to your site to make it secure. In other words hackers won’t be able to look at streams of data trying to find usernames and passwords (or credit card & social security numbers) embedded in that data. It sets up a private connection between your visitor and your website, that way the visitor can be confident that any information they submit won’t be intercepted. This is obviously most important for sites that are selling things and taking credit card and other information. It will also help your Google search engine ranking. Visitors must use a web browser that supports SSL and HTTPS, but all the modern browsers do. You can read more about Why HTTPS Matters and How to Use SSL and HTTPS with WordPress.
- Subscribe To Comments – Subscribe to Comments is a plugin that enables commenters to sign up for e-mail notification of subsequent entries. This allows you to be notified if there is further conversations about a blog post.
- Wordfence Security – This is a multipurpose security plugin. This free version provides basic protections from hackers and detects various security issues on your site. It notifies you which IP addresses are trying to gain access to you site, and allows you to block those addresses. The Introduction to WordPress Security article, and the WordPress Security Learning Center are great resources for keeping your WordPress site secure.
- WordPress Importer – This plugin will allow you to import WordPress content (posts, pages, comments, etc.) from one WordPress site to another. For example, let’s say you’ve had a WordPress.com site for a while, but now you want to take advantage of the additional capabilities that a hosted WordPress site offers. You would export your content from your WordPress.com site, and then install the full WordPress software using your web hosting company, and then import your content into the new site.
One more plugin that we highly recommend is the JetPack plugin. It is a Swiss Army knife plugin that provides lots of capabilities for managing your site. We don’t install it by default because it does have a lot of moving parts, and so it’s best installed after you have used the WordPress system for a little while. We’ll have a separate document to describe some of its capabilities soon.
Finally, it is a good idea to have a WordPress.com account if you don’t have one already. You’ll need it to activate the Akismet plugin, and will be necessary to use the JetPack plugin as well.