Once you’ve got these things sorted you can start on the actual installation & configuration. Here goes.
Installation & basic configuration
- Follow ‘The Famous 5-Minute Installation’ guide written by the WordPress guys. There’s no point reproducing or rewriting this here – these instructions are as good as they come. This will get WordPress running. During this step I highly recommend editing wp-config.php and changing the $table_prefix to something other than wp_ – if you don’t the security scan plugin coming up will say you should’ve changed it … by then it’s too late without causing yourself some pain.
- Make sure your WordPress site works – all you should see at this point is the default ‘Hello World’ post and a single comment on that post.
- Delete the single existing comment and the ‘Hello World’ post – you don’t need them.
- Under Settings > Users setup a user account for yourself. Note that this username, depending on your theme choice, will be the author of any posts you write while logged in (assuming you don’t force the author name to be something else). For this reason you should decide now if you want it to be capitalised or not (mine is as my username is my name).
- Optional but recommended: If you know how to, use phpMyAdmin to change the login name for the default WordPress ‘admin’ account. This is a recommended action for increased security only. The table you’re looking for in your database is the $table_prefix setting mentioned above plus _users. E.g. if your $table_prefix is the default ‘wp_’ the table would be called ‘wp_users’.
- Extract the theme you downloaded earlier and upload it to /wp-content/themes/. Alternatively you can use the ‘Add New Themes’ link in the WordPress Dashboard but I’ve had issues once or twice with this. For that reason I always install themes via FTP.
- If your theme requires additional plugins upload them to /wp-content/plugins/. The Elegant Themes themes, in most cases, requires accompanying plugins. Make sure you upload and enable them before you enable the theme.
- If you haven’t already you can enable your selected theme now.
The list below is a list of the plugins I currently use on Digital Formula and that I think most blogs should have. It doesn’t contain plugins that I use specifically for this blog. Your list may be different – that part is up to you. Note that I’m not linking to any plugins as plugin authors sometimes change the location of their plugins. To find them you only need to use the ‘Add New’ link under ‘Plugins’ in the WordPress dashboard.
- Akismet. This plugin comes with WordPress and is basically the world-standard for WordPress comment spam protection. For it to work properly you’ll need to register a user account on WordPress.com and get an API key – choose the ‘Just a username, please.’ radio button near the bottom of the sign-up form otherwise you’ll be creating an entire blog, too. Once you’ve registered you can go to http://dashboard.wordpress.com/wp-admin/profile.php to get your API key – it’s near the top of the profile screen.
- cforms II by delicious:days. This is the best plugin I’ve found for creating custom contact/feedback/whatever forms I’ve seen yet..
- FeedBurner. This ties into the RSS feed links for your blog and allows you to manage all your feeds from one place as well as see how many subcribers you’ve got.
- Google Analyticator. Who doesn’t want to know how many visitors they get? Go to http://analytics.google.com, follow the easy-to-use sign-up instructions and note down the UA code. Install the Google Analyticator plugin and, in the settings page, paste the UA code you noted down a few minutes ago. Simple.
- Google XML Sitemaps. Again, pretty much the standard for making sure search engines can crawl your site effectively.
- Platinum SEO Pack. Maximises SEO (Search Engine Optimisation, sorry for my non-US spelling) and makes sure your site is as “find-able” as possible.
- SI CAPTCHA Anti-Spam. Another excellent plugin by Mike Challis. This one adds CAPTCHA functionality, by default, to your comment forms to try and minimise web bots sending you comment spam.
- WordPress Database Backup. Excellent backup plugin by Austin Matzko that allows you to carry out scheduled database backups and save them to your server or have them emailed to an email address of your choice.
- WP Security Scan. This one’s for scanning your WordPress installation to make sure it conforms to recommended security settings. If you didn’t change the $table_prefix in wp-config.php and rename the default ‘admin’ account as recommended earlier in this article, the WP Security Scan plugin will let you know in no uncertain terms that you SHOULD HAVE. It will also say that you should have an .htaccess in /wp-admin – go ahead and make one then upload it. There may also be some recommendations about setting file permissions on the various directories within your WordPress installation – I always change these but that sort of change is up to you.
- Yet Another Related Posts Plugin (YARPP). Does what it says – displays related posts when you view any post on the site.