@byebyebaby 249779 wrote:
but do those plugins not slow down my website a lot?
Every plugin will degrade performance a little.
However given you’ve already been hacked, I’d be more concerned about taking steps to stop being hacked again and less concerned about a few seconds of extra load time, which can be reduced by implementing gzip compression for example.
This is not html!
Add it to your first line in your .htacess file.
[HTML]
# BEGIN Compress text files
AddOutputFilterByType DEFLATE text/html text/plain text/xml application/xml application/xhtml+xml text/css text/javascript application/javascript application/x-javascript application/x-httpd-php
# END Compress text files
# BEGIN Expire headers
ExpiresActive On
ExpiresDefault “access plus 5 seconds”
ExpiresByType image/x-icon “access plus 2592000 seconds”
ExpiresByType image/jpeg “access plus 2592000 seconds”
ExpiresByType image/png “access plus 2592000 seconds”
ExpiresByType image/gif “access plus 2592000 seconds”
ExpiresByType application/x-shockwave-flash “access plus 2592000 seconds”
ExpiresByType text/css “access plus 6048000 seconds”
ExpiresByType text/javascript “access plus 2160000 seconds”
ExpiresByType application/javascript “access plus 2160000 seconds”
ExpiresByType application/x-javascript “access plus 2160000 seconds”
ExpiresByType text/html “access plus 600 seconds”
ExpiresByType application/xhtml+xml “access plus 600 seconds”
# END Expire headers
# BEGIN Cache-Control Headers
Header set Cache-Control “public”
Header set Cache-Control “public”
Header set Cache-Control “private”
Header set Cache-Control “private, must-revalidate”
# END Cache-Control Headers
[/HTML]
Next I’d recommend adding this to your htaccess file:
[HTML]
order allow,deny
deny from all
RewriteEngine On
RewriteCond %{REQUEST_METHOD} ^(HEAD|TRACE|DELETE|TRACK|DEBUG) [NC]
RewriteRule ^(.*)$ – [F,L]
[/HTML]
To save adding a blank html/php page to every directory, you can use this to prevent anyone seeing what’s in a directory. Bare in mind this can cause a 500 error as it doesn’t work on all hosting. So it’s a add it and check thing.:
[HTML]
Options All -Indexes
[/HTML]