Part III: WordPress Setup

As I am operating my localhost server on a Mac operating system, I am unable to install the Windows-only Instant WordPress application. Instead I installed XAMPP, an open source web server solution package consisting of the Apache HTTP Server, MySQL database, and PHP and Perl script interpreters. Following this, I added the WordPress module by Bitnami to enable me to create a local WordPress website with XAMPP.

By establishing a local server environment on my computer, I can save time if I were to regularly test and develop themes and plugins.

After installing XAMPP, I opened and ran the MySQL Database, ProFTPD, and the Apache Web Server. I accessed the phpMyAdmin interface and created a database named ‘wordpress’.

Once the WordPress module is unzipped, I placed the ‘wordpress’ folder into the ‘htdocs’ directory of my XAMPP application (in my case, it was located in C:/xampp).

Next is the installation of WordPress. I typed in the following URL to a new browser tab: http://localhost/wordpress.

I filled in the form as required for the successful installation of WordPress on my localhost server. From them on, I could access the Dashboard for my new CMS-powered WordPress site.

Secure your WordPress installation against spam, hacking and hardware failure

Securing WordPress installation against spam, hacking and hardware failure can be done by installing the right plugins.

Plugins are readily available from the website. After downloading each plugin, the folders are unzipped and placed into the ‘plugins’ folder of the parent ‘wordpress’ directory within ‘htdocs’. In my case, the ‘plugins’ folder is located in C:/xampp/xamppfiles/htdocs/wordpress/wp-content/plugins.

The next step is to access the Plugins page in the localhost WordPress dashboard (http://localhost/wordpress/wp-admin/plugins.php). The security plugins can be activated directly from that page by clicking on ‘Activate’ on each required plugin.

I downloaded and installed the following plugins for added security to my WordPress website:

All in One WP Security and Firewall:

This plugin reduces security risks by checking for vulnerabilities and by enforcing the latest recommended WordPress security practices. It allows users to apply firewall rules without breaking the functionality of their websites.

The plugin features a number of protective measures, including:

  • User accounts security
  • User login security
  • User registration security
  • Database security
  • File system security
  • htaccess and wp-config.php file backup and restore
  • Blacklist functionality
  • Firewall functionality
  • Brute force login attack prevention
  • Whols lookup
  • Security scanner
  • Comment spam security
  • Front-end text copy protection
  • Regular updates and additions of new security features
  • Compatibility with mot popular WordPress plugins
  • Plugin support


Akismet is a popular plugin which checks comments against the Akismet Web service for spam content. It allows users to review the spam content under the website’s ‘Comments’ admin screen. As of June 2015, the plugin has been downloaded over 31 million times.

The major features of this plugin include:

  • Automatic checking of comments and filtration of suspicious content
  • Provision of status history with each comment caught or cleared by Akismet or site moderators
  • Exposure of hidden or misleading links by showing URLS in the comment body
  • Displaying approved comments for each user
  • Discard function that allows the site moderator to block the worst spam, which saves disk space and increases site speed

Login LockDown

Login LockDown records the IP address and timestamp of each failed login attempt. If the plugin detects that there are a number of failed login attempts within a short period of time from the same IP range, then the login function is disabled for requests originating from that IP range, thereby preventing brute force password discovery.

Configure WordPress option and theme

The WordPress dashboard allowed me to make many modifications to the layout and look of my website.

By installing a theme, I am able to drastically change the appearance of my website to suit my needs. For my website, Bazaar Ceramics, I have chosen the Stay theme for its simplicity, emphasis on displaying large images, and for its ease of use and navigation.

The installation of the Stay theme, or any other WordPress theme is similar to the process of installing plugins. I downloaded the theme from, unzipped the file, and placed the corresponding folder in the ‘themes’ WordPress folder, as opposed to the folder titled ‘plugins’. The address of the folder for my computer is C:/xampp/xamppfiles/htdocs/wordpress/wp-content/themes.

The next step is to access the Themes page in the localhost WordPress dashboard (http://localhost/wordpress/wp-admin/themes.php). The preferred theme can be activated directly from that page by clicking on ‘Activate’.

Connecting WordPress to services and social networks

There are many ways to promote your WordPress website to social networks.

One way is to use the ‘Publicize’ function, which can be found under ‘Settings’ in the Dashboard. Publicize allows users to connect their blog or website to popular social networking sites and automatically share each new post with their social media connections or followers. Users are given the option to ‘Connect’ to Facebook, Google+, Twitter, LinkedIn, Tumblr, and/or Path.

Publicize in 'Settings'.  Source: WordPress.
Publicize in ‘Settings’. Source: WordPress.

Adding sharing buttons can promote users’ blogs and websites, by allowing visitors to share posts. Also found under ‘Settings’, some of the available services include:

  • Email
  • Print
  • LinkedIn
  • Reddit
  • Tumblr
  • Pinterest
  • Pocket

Improve and test the performance of your WordPress installation.

Regularly removing unnecessary themes, plugins, and other content is one of the means to enhance WordPress performance. Installing certain plugins can improve website performance.

For my Bazaar Ceramics website, I installed three  plugins designed to test or optimise WordPress performance and to improve SEO. They are the WP-DB Manager, WordPress SEO by Yoast, and P3 (Plugin Performance Profiler).

The WP-DB Manager  allows users to optimise, repair, backup, restore, and delete databases. It also supports the automatic scheduling of backing up and optimising databases.

WordPress SEO by Yoast takes care of all the technical optimisation in publishing WordPress content. It assists the user with writing better content.

P3 (Plugin Performance Profiler) creates a profile of the user’s WordPress site plugin performance by measuring the impact of plugins on the site’s load time.


Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

%d bloggers like this: