You hate slow websites, your visitors do too.
Studies have shown that 47% of users expect pages to load in two seconds or less. Also, they found that 40% of users will abandon a website completely if it’s taking 3 seconds or more.
It’s not just users, Google also uses page speed as a ranking factor when deciding which order to place websites in the search results. Slower pages equate to worse rankings.
Take a moment to test your website using this tool – https://tools.pingdom.com/
Run two tests, one on your homepage and another on an inner page. I recommend two tests because the homepage is usually the most complex page on any website and not a good representation of the website as a whole.
For media-heavy pages which feature a lot of images or video, your target should be 2 seconds and below. For pages that are mostly text (like this one) you should be looking for closer to 1 second.
If you are falling short of those targets then the information below is going to be very valuable to you. On the other hand if you already have a fast website you might still benefit from the information – a study for Walmart found that for every 100 ms of improvement, they grew incremental revenue by up to 1%.
A Different Approach
Most lists on “how to speed up your website” are effectively a collection of twenty-plus best practices thrown together with no consideration given to a) the work required to implement the recommendations, or b) the impact of each recommendation.
The problem is that without any context on the amount of effort required and the potential impact you can’t make an education decision on which recommendations to prioritize. You could spend hours implementing a recommendation that increases speed by 1% while ignoring another that could have been done in less time and have a much larger impact.
That’s why I’ve taken a different approach in this guide. Recommendations are first organised by impact, then difficulty.
High and Medium Impact recommendations will give the biggest bang for your buck and that’s where you should start. Only once those recommendations have been explored should you consider the Low Impact items.
A Helping Hand
There are two premium plugins which you can use to automatically implement 80% of the recommendations, potentially saving you hours of work. They are not strictly required to implement any of the below, but they will save you a lot of time compared to the modest cost.
1. WP Rocket is a caching plugin, but unlike most of it’s competitors it doesn’t require a ton of set up and configuration to reap the benefits. In fact WP Rocket reports that you will get 80% of the optimization just by enabling the plugin, without any configuration.
WP Rocket is the only cache plugin which integrates more than 80% of web performance best practices even without any options activated.
2. Perfmatters is a lightweight performance plugin that enables you to implement 20+ performance optimizations in just a couple of clicks. As you will discover in this guide, it’s possible to achieve the same outcome by piecing together free plugins. But for a low cost ($25) you can have one plugin handle everything, and have the peace of mind that the plugin is backed by an experienced development team with a focus on optimization.
How To Speed Up WordPress
I’ve grouped the recommendations by impact (high, medium, low and none) and then ordered each group by difficulty. As you will see there are only a few things you can do that will have a high impact and most of them are difficult to implement. While that may not be encouraging to hear, it does reflect the honest reality of website performance which many other guides choose to omit.
- A Different Approach
- How To Speed Up WordPress
- High Impact
- Medium Impact
- Implement Static Caching
- Use a CDN (Content Delivery Network)
- Optimize Images
- Lazy Load Images
- Optimize Font Performance
- Combine HTTP Requests
- Low Impact
- Enable GZIP Compression
- Minify Assets
- Clean The Database
- Remove Query Strings
- Disable Embeds
- Disable Emoji
- Host Gravatars Locally
- Disable or Limit Post Revisions
- Delete Old Post Revisions
- Use Resource Hints (Prefetch)
- Audit Your WordPress Theme
- Little or No Impact
- Update WordPress
- Disable XML-RPC
- Remove WordPress Version Meta Tag
- Remove wlwmanifest link
- Remove RSD link
- Remove WordPress Shortlink
- Disable RSS feed
Keeping your PHP version up to date is important for security and the smooth operation of your website. It also brings substantial performance improvements – roughly speaking PHP 7 is twice as fast as its predecessor PHP 5.6. That doesn’t mean your website will be twice as fast if you upgrade from PHP 5.6 to 7 as there are other factors at play, but it should make a considerable difference.
One thing to be wary of is that PHP upgrades can include “breaking changes”, which means that if your theme or plugins contain code that hasn’t been tested with the latest versions it can cause problems.
Don’t let that dissuade you from upgrading to a modern version of PHP, the security and performance benefits are too great. Instead, research what options your host offers to mitigate the risk. Nowadays most hosts offer staging environments which allow you to test any changes safely. Also, since version 5.2 WordPress has also included Fatal Error Protection to reduce the risk of code errors bringing down your site.
Use High-Performance Hosting
Your choice of host will have a bigger impact on your site speed than 90% of items on this list.
If your hosting server takes an extra second longer to load your page than an alternative would, then there is no way you can overcome that with any of the recommendations below.
Unfortunately it’s also one of the hardest things to change. Many people are technically or contractually tied to their existing host. Some hosts (including Kinsta) offer a free migration service to help ease the technical difficulty of changing hosts.
In hosting you get what you pay for. Managed hosts (Kinsta, WPEngine, Pantheon) are more expensive but usually faster than the low-cost shared hosts (Siteground, Bluehost, Hostgator). I personally recommend Kinsta and Siteground to all my clients as in my experience they are the best in their respective price points, both in performance and support.
Limit Third-Party Scripts
A third-party script is one which connects to an external website or service and then executes code on your website. Google Adsense is a popular example.
The problem with third-party scripts is that your page speed is at the mercy of the provider. If they are taking three seconds to complete the request then your page will take three seconds longer to load.
There are ways to reduce the impact that third-party scripts have on your website. However, many third-parties, especially advertising networks, are very explicit in how they want you to implement their code. They tell you exactly where it must be placed and which code should load before or after it, which severely limits the steps you can take to reduce the performance impact.
Rather than trying to optimize the scripts, it’s more productive to check if you need them at all. It’s not uncommon to have lingering scripts that you are not using but haven’t removed yet. Common examples include:
- Tracking Scripts
- Advertising Scripts
- Social Network Embeds
At the start of this guide I told you to test your using perform a speed test, if you scroll down on the results page you will see a table detailing all the requests your page made. You can order the table by Load Time (descending) to see which requests are taking the longest. By identifying which requests are taking the longest you can audit whether they are required at all. If they are then speak to the provider to see if there is any way to optimize the delivery.
Audit Your Plugins
Most WordPress plugins are not built with performance in mind. Instead they are built and marketed around adding features and functionality to your website. Performance is a secondary consideration at best.
This means that for maximum performance you need to carefully audit each plugin you add to your website and assess the impact it is having.
- Is it adding third-party requests to the frontend?
- Does the frontend seem slower when it’s activated?
- Does wp-admin seem slower when it’s activated?
Unfortunately in WordPress there isn’t an easy way to see which plugins are slowing your site down. There are tools than can help but they are most for professional users, Debug Bar and New Relic are two examples.
A non-technical way to assess the impact of each plugin is to disable all plugins, perform a speed test and then re-activate them one at a time, making a note of the performance each time.
Implement Static Caching
There are two main types of caching: browser caching and static caching.
Browser caching is mostly handled by the browser and fairly optimized, so we worry about that for now.
Static caching on the other hand can result in huge performance gains when implemented properly. That’s what we will be focusing on.
Some background: WordPress builds your pages from a combination of template files (header, footer, etc.) and content from the database (post content, menus, comments, widgets, and so on). This process is called “dynamically generating” the page and is repeated for each pageview. On the server level it’s an expensive process, that’s why when you ask the server to do it hundreds of times at once (a traffic spike) your website can crash.
A more optimized solution is to build the page once, store it in an efficient format (static HTML) and then serve that file to every visitor, instead of dynamically generating the page each time. On a basic level that’s an explanation of what static caching is.
Static caching has two benefits. The first is that it makes your pages quicker to load as there is less work for the server to do. The second benefit is that because the server isn’t working as hard it can serve more visitors at once. That means with static caching your website is both faster and better equipped to handle high traffic events.
Adding a static cache to your website is as simple as enabling a plugin. I recommend either Cache Enabler (free) or WP Rocket (Premium). Some hosts also offer their own solutions – Siteground has a plugin and Kinsta features a built-in caching-system.
Use a CDN (Content Delivery Network)
Like caching, CDNs can cause confusion because there are different solutions using the same name. One feature all CDNs share is that they have servers scattered across the globe which they can distribute your content from. In comparison your website is likely hosted on one server in one place (example: San Francisco, USA).
The Cloudflare network spans over 200 cities in more than 100 countries.
Proximity matters when measuring page speed, if a user is located in Europe but your server is in the USA, then it will take longer to load that page than if the same user was in the USA (all else being equal).
Reverse Proxy CDNs offer much more than just the hosting of your static files. They also provide security by acting as a guard between your website and potential attackers. By checking traffic before it hits your server they are able to eliminate a lot of bot and malicious traffic. Cloudflare is the most well-known example of a reverse proxy CDN.
Cloudflare’s 51 Tbps network blocks an average of 72 billion threats per day, including some of the largest DDoS attacks in history.
Unless your host has a CDN built-in (like Kinsta does) then your best bet is to use Cloudflare. It’s completely free and the set up is fairly simple. You just need access to your domain registrar account to change the nameservers.
Images imported from cameras, mobile phones and stock photography websites are often super high quality and multiple MBs in size, which is big in website terms. However, in most cases they can be compressed to less than 30% of their original size without any noticeable loss in quality.
There are two ways to optimize your images. The first option is to use an online tool such as tinypng.com to optimize images individually before you upload them to WordPress. The second option is to use an image optimization service which performs the optimization automatically whenever you upload an image to WordPress.
An added benefit of the second approach is that you can also optimize all your pre-existing images with the click of a button. If you are going to go down this route I suggest looking into ShortPixel. They are free for up to 100 images per month and their paid plans start at just $5/month for 5000 images.
Lazy Load Images
Images are usually the heaviest elements (in KBs) on a page. Especially if you use a lot of them. Lazy loading is the process of not loading images until they are on or near the visible part of the screen.
Lazy loading has proven to be a worthwhile strategy for improving performance, so much so that browser companies are now beginning to implement the functionality directly into the browser.
Optimize Font Performance
Fonts are an example of a third-party request, a topic we’ve already explored. However, they are a particularly big request, especially when used incorrectly, and require a different method of optimization. So I’m covering them separately.
In the past I’ve wrote extensively on how to optimize Google Fonts performance. Here’s the short version:
- Remove unnecessary font requests using this plugin – https://wordpress.org/plugins/disable-remove-google-fonts/
- If you are going to use Google Fonts then add them using Fonts Plugin as it’s built with performance in mind.
- Remove font variants that won’t be used using Selective Font Loading.
- Host the fonts locally so you are not reliant on Google’s third-party server.
Combine HTTP Requests
In the past it was the case that the browser could only process a limited amount of requests at once and the rest would wait in a queue. This limitation meant that the number of requests was causing a bottleneck, not just the size of each request.
Request size does directly affect load time but combining HTTP requests isn’t related to that so we won’t be exploring it here.
This led to an optimization technique called “combining requests”, where you would combine all of the .css/.js files into one (bigger) .css/.js file and reference that in the code instead. Additionally, the combining process could be easily automated using a plugin.
Nowadays most websites and servers support a protocol called HTTP/2 which doesn’t limit simultaneous requests and can instead process them all at once. This mostly negates the need for combining requests. A better solution is to work on removing unnecessary requests entirely and minimizing the size of the remaining requests.
Enable GZIP Compression
GZIP is an effective form of compression that happens on the server-level. 50%+ reductions in size are not uncommon when enabling GZIP. The great news is that most hosts enable GZIP by default. Even if you are on cheaper shared hosting, there are usually simple ways to enable GZIP compression, ask your host about this.
Clean The Database
Some plugins interact with the database at all, but many do. Generally speaking, the more complex a plugin is, the more interaction it has with the database. WooCommerce for example stores a lot of information in the database and has its own table.
The more data that is stored in a database the bigger it becomes in size. The bigger the database is, the longer each interaction (query) with it takes. Large databases and complex queries can easily add multiple seconds to your page load time.
As your website grows and there is more data to store it’s inevitable that the database will grow, but what we don’t want to do is fill it with unused, unnecessary or expired data.
Here are some examples of data that can increase the database size without providing any benefit:
- Spam Comments
- Old Post Revisions
- Plugin Logs
The best plugin I’ve found for cleaning your database is Advanced DB Cleaner (free). It allows you to perform the basic cleaning tasks in a click and also explains each option so you can understand what is happening under the hood.
Another useful feature is that the plugin displays the size of each database table so you can see if any are spiralling out of control.
Remove Query Strings
The problem is that if the original file on the server changes there is no way for the browser to know and it will keep using the out of date version from the cache (until the cache is cleared or expires).
Query Strings solve this problem by appending a version number to the end of the file, like this:
When the code updates, the version number increments and the browser knows that using the version from the cache will no longer be valid.
This creates a new problem. Some CDNs are unable to cache files with query strings – thats why most speed test tools recommend you remove them.
WordPress includes a small script on each page that automatically embeds supported content when you paste a link to it. An example of this would be Tweets or Facebook posts. The script is named
wp-embed.min.js and while it’s small, if your website doesn’t utilize embeds then there is no need for the extra HTTP request.
WordPress includes a small script on each page that increases the compatability of emoji. The script is
wp-emoji-release.min.js and while it’s small it’s still unnecessary for most websites as they don’t use emoji.
Host Gravatars Locally
Gravatar is the service that WordPress uses to display personalized author and commentator avatars. Without Gravatar avatars would be impersonal place holders.
Gravatars are implemented in an optimized way by default, the images themselves are compressed and they use DNS prefetching.
Gravatar can add a lot of external HTTP requests to your page. For example if your page has 100 comments then that is 100 requests to the Gravatar API to retrieve them.
Ultimately it is up to you to decide wether it’s worth the performance cost to show user avatars instead of placeholders. To disable Gravatars you can use a plugin, or to potentially achieve the best of both worlds you can lazy load the avatars using the Perfmatters plugin.
Disable or Limit Post Revisions
Post revisions are an excellent feature of WordPress. Each time you update a post or page, the previous version is saved as a backup. By default there is no limit to the number of saved revisions a post can have.
It’s not unusual for a post to have 10+ revisions. Now imagine if you had 200 posts, that’s 2000+ revisions in the database. Post Revisions aren’t free, they come at the cost of increased database size, which can ultimately slow down your website.
A better solution is to place a sane limit on revisions, 3 is a good starting point. WordPress will then only keep the 3 most recent revisions and automatically delete older ones.
Delete Old Post Revisions
When you lower the limit on post revisions, WordPress won’t automatically remove the existing revisions that exceed this limit. Instead you will need to use the tools I shared in the Clean The Database section to remove those.
Use Resource Hints (Prefetch)
HTTP requests are broken up into different stages. The first stage is for the browser to figure out where to retrieve the data from so it can connect to the external server, that’s called a DNS Lookup.
DNS Lookups are performed when the browser is ready to start the HTTP request. As we can see from waterfall graphs browsers don’t load everything at once, instead they load different parts sequentially.
Modern browsers support an optimization called ‘DNS Prefetching’ where instead of performing the lookup as the requests starts, you can preemptively perform all the Lookups as soon as the page begins to load. Initiating them right away (and all at once) means the browser doesn’t have to wait when it reaches that part of the process.
DNS Lookups don’t take a long time, usually between 0 and 100ms, so this optimization won’t have a massive effect, but it has no downsides so it’s worthwhile to do.
Some examples of resources you can prefetch:
- Tracking & Analytics
- Custom Fonts
Ideally the plugins responsible for the items above should handle the resource hints for you. In Fonts Plugin we add a DNS-Preconnect for fonts.gstatic.com and WordPress adds a DNS-Prefetch for gravatar.com. It is possible to implement your own resource hints using Perfmatters, but it’s highly-technical so I would avoid doing that unless strictly necessary.
DNS Lookups can be cached. If the browsers has already connected to a resource, Google Analytics for example, then a DNS Lookup will not be required next time the browser connects to the same resource, even on different websites.
Audit Your WordPress Theme
WordPress themes generally focus on the appearance of a website whereas plugins focus on functionality. As such there isn’t as much scope for damaging website performance. Although there are two exceptions:
1. Badly written themes
It’s hard to know if a theme is “badly written” without a full code review. Choosing themes from the wordpress.org/themes directory is a smart move as they have high standards for inclusion. Well-established theme providers like ThemeIsle, WPZoom and ThemeKingdom can also be relied on.
If you think your theme might be problematic, temporarily enable one of the default themes and see if your page speed improves. The default themes are very minimalist in code and features so provide a good baseline.
Little or No Impact
While it’s a good practice to keep WordPress up to date, there are not usually significant performance improvements between releases.
XML-RPC is a mechanism that facilitates the connection between applications and WordPress. Mobile writing apps that can publish directly to your website are an example of a tool that uses this connection.
In more recent times the WordPress REST API has been favored for this use-case. However the XML-RPC protocol still exists for legacy reasons.
There is nothing inherently wrong with XML-RPC from a performance or security standpoint. However, it does leave the door open to potential DDOS attacks. If you are not using any tools or services that require it then it makes sense to disable it.
Note: The Jetpack plugin uses XML-RPC so you may need to keep it enabled if you are using that plugin.
Remove WordPress Version Meta Tag
In the source code of your website WordPress outputs a line of code denoting the version you are using, it looks like this:
<meta name="generator" content="WordPress 4.9.15" />
Some people consider this a security risk, as it makes it very easy for
Remove wlwmanifest link
The wlwmanifest link is a meta tag that tells the Windows Live Writer software how to interact with WordPress. It looks like this:
<link rel="wlwmanifest" type="application/wlwmanifest+xml" href="https://fontsplugin.com/wp-includes/wlwmanifest.xml" />
If you don’t use Windows Live Writer this meta tag is useless, but there isn’t any benefit in removing it from a performance standpoint either.
Removing the wlwmanifest link is as simple as flipping the switch in Perfmatters:
Remove RSD link
The RSD (Really Simple Discovery) link is another WordPress feature that is added by default but very few people use.
<link rel="EditURI" type="application/rsd+xml" title="RSD" href="https://outstandingsetup.com/xmlrpc.php?rsd" />
Remove WordPress Shortlink
By default WordPress creates a shortlink for every page on your website which redirects to the full URL. For example this page is
https://fontsplugin.com/speed-up-wordpress but you could also use
https://fontsplugin.com/?p=9586 to access it instead.
WordPress references the shortlink in the source code of your website like this:
<link rel='shortlink' href='https://fontsplugin.com/?p=9586' />
Disable RSS feed
Every WordPress website has a built-in RSS feed at
/feed, ours is
RSS Feeds can be used by readers to effectively subscribe to your website using a ‘Feed Reader’. They can also be used by software that needs to retrieve a simplified version of your content. For example tools that repost your content to Facebook.
At the start of this guide I set you some load time targets: one second (or less) for text-based pages and two seconds for media-heavy pages. If you focus on implementing the recommendations in this guide I’m confident that you will have no problem reaching those numbers.
This post contains affiliate links. When you buy through links on our site, we may earn an affiliate commission. This does not affect our recommendations in any way. We only recommend products we use and love.