For almost 20 years I tend to have been the go-to guy when people run in to software problems with their PC. Along that journey I have fixed a number of computers and helped bring them back up to speed and make them safe and secure.

The purpose of this post is to share with you the tools that I regularly use as well as the best practices that I have found relating to being secure when online.

This post is not a step-by-step way to clean an already infected and slow machine. Instead, these ideas are presented to help you be secure so that you avoid being infected by a virus or be the victim of a phishing scam.

Use OpenDNS

OpenDNS is a free service that is designed to protect your home network. There is no software to install for OpenDNS. Instead, you make a small configuration change on your router which means that any device connected to it wired or wirelessly will be protected from various websites which includes adult themed as well as sites aimed to steal information from you or install a virus on your PC.

There are two free options when signing up for OpenDNS. The first is OpenDNS Home which aims to make browsing the web faster, give parental controls to parents for children and provide phishing protection and identity theft protection. The second option is called OpenDNS Family Shield which does all that the Home service does but adds in blocks to adult websites.

Lets take a look at what OpenDNS does in more detail. Note that there may be other similar services. I just happen to like OpenDNS because it’s free and works well. If you know of another DNS service aimed to protect a PC then feel free to post a mini review in the comments below.

Blocking Websites and Phishing/ID Theft Attempts

The biggest risk you have when being connected to the internet are emails that you receive which appear to be from banks, Paypal, popular shopping sites like eBay, Amazon and even friends as well as websites that you visit that carry a virus or malware. OpenDNS attempts to tackle both these problems by keeping a 24/7 updated list of problem sites. With you installing OpenDNS on a router, the service automatically intercepts any call to a webpage that might be bad and serves you a warning page instead. This alone is a great way to stop malware or a virus from attacking your PC.

One of the services included for free with OpenDNS is Phishing Protection. Phishing is the term used where someone sends you a fake email from your bank and entices you to click through to a fake website and log in to your bank. Essentially, because the email is fake and it has sent you to an identical (but fake) website, you are not logging in to an online bank but instead are simply providing your username and password to someone else so that they can log in and have full access to your bank account. The same applies for PayPal, Amazon, eBay and many other services that are connected to your bank card. Although accessing your account just to steal money is mentioned above, it isn’t the only reason. Some fake bank emails just want you to visit a webpage so that your PC is infected with malware which can then use your PC to launch an attack on another system or steel files and all your keystrokes so they can get a lot more information from you.

The built in phishing service attempts to block these sorts of websites. It is backed by a company called PhishTank who collect real time information about scams and phishing attempts and add the bad websites to a block list. OpenDNS utilises this block list and if you click on a link, you should be lucky and see a warning telling you to go back. This service also blocks other forms of identity theft.

One bit of extra advice I’ll give here is that if your bank emails and gives you a link to log in and read something or check an option, do not use the link. Instead just go to the web browser and load up the webpage by typing in the URL (or using a book mark). If the message is important enough then after logging in, it will be presented to you. Do not click links in emails to Paypal, Amazon or your online bank unless you know for sure that it came from one of those organisations.

Windows Updates – Keeping your PC Patched

Moving on, the next subject is Windows Updates. One thing I regularly see when fixing friends PCs is the amount of Windows Updates that need to be installed. I’ve seen some cases where none were installed other than perhaps SP1 which came with the operating system. Windows Updates are easy to install on whatever Windows operating system you use. Assuming you have XP or above because Windows 2000/ME and older no longer qualify for security updates.

Make sure that you go to the control panel and Windows Updates and set them to be automatically installed when available. After doing that, run the Windows Update from the Start menu to make sure you are current with your updates. Installing updates will ensure that you are patched from all the known vulnerabilities. When I say updates, I mean all critical updates such as service packs and other individual updates.

Software Updates

As well as Windows Updates, it is worth also checking updates for all of your software. The majority of software has a link, usually within the Help menu, that allows you to check for updates. Office occasionally gets updated to fix vulnerabilities in Outlook as well as other software. Keeping your software current helps prevent malicious attacks from hitting your PC.

I mentioned software updates here. With that, always make sure you are running one of the latest supported web browser. I recommend Chrome or Firefox and then when you are notified an update is available, install it. Using an out of date browser is a high risk as a number of scripting type attacks can be done which will allow unwanted software to be installed. By using the latest versions of your browser, you help prevent malicious websites from installing software you don’t want. That is of course if OpenDNS hasn’t already prevented this from happening. Either way, it’s still best to use the latest software and even more so when it comes down to the web browser.

Virus Scanners

Installing a virus scanner is usually mandatory for most people. I know a few who don’t use virus scanners as they are experienced in noticing and quickly fixing issues, but for the 99.9% of the rest of PC users, this is pretty much a given. Luckily there are some free options out there from the likes of AVG which will provide some decent protection to your PC. Although you can prevent a large amount of attacks coming to you by implementing OpenDNS and running the latest software, there’s still a risk there. If AVG is updated regularly by the user, it provides another protective barrier and can prevent the virus being installed, thus saving paying out money for someone to help fix your PC.

Malware Scanners

Although you might not want to run a virus and a malware scanner on your PC, I always like to have a few around which includes MalwareBytes and Spybot. If I suspect visiting a bad site, then I’ll run a scan to see if anything was installed and then use the software to remove the malware.

In Closing

Keeping your PC clean can be achieved by the few simple steps above and with being a bit more observant.
In summary, I’d like to remind you of the following:

1. Use OpenDNS – It’s free and can help block phishing and id theft.
2. Use Windows Update and set it to automatically run.
3. Update all your software, most importantly Outlook (if you use it) and your web browser(s).
4. Be careful when you open emails. Even though they might come from a friend, if the URL (link within) looks suspicious then don’t open it. If you do then hopefully OpenDNS blocks it or your virus scanner stops the effect. Ask yourself, why would my friend send me this email with little to no detail?
5. If your bank or an online store emails you then be cautious. If you do think a link is genuine (which it likely isn’t) then make sure it takes you to the correct website. If Amazon it will be something like https://www.amazon.com and not https://www.myamazon.com or www.amazons.com.
6. Install a virus scanner and have Malware scanners installed just in case.
7. I’ll throw in this one as a bonus… use two-step authentication where available. Google uses this, Dropbox does and more and more services are transitioning over. Banks often use devices like the PINSentry from Barclays to make up a new password each time you log in.

Update 11 Jan 2021: This site is back on WordPress again.

Update 21 Jan 2017: TechFright posts were merged in to MatthewNewill.com which runs on Jekyll. I also moved away from PowerVPS a few years ago and went with WebSynthesis for my other blog. I also use a shared MediaTemple account. Some of this content is now out of date.

TechFright.com runs on a VPS server from PowerVPS at the moment. The blog runs alongside several of my other blogs which some are occasionally updated and another is regularly updated. Most get a little amount of traffic each month while others get several hundred visitors a month and one gets a few thousand visitors a day. I run on the fuse basic hosting package which costs $109/month (although I used a coupon to get something like 20 or 25% off of that). I use Centos 5.8 on that VPS which comes with WHM and cPanel. I have used Window hosting extensively before moving to Linux a few years ago but find Linux far easier to work with when using WordPress (for example, rewriting URLs is easier). But, go with what you find familiar.

I want to keep my largest blog (a gadget blog) running as fast as possible with the cleanest code. To achieve this I go to what you might call extreme lengths to keep pages loading fast and WordPress working well. Here’s a few things that I have done to shave a few seconds off the page load speed.

The Genesis Framework

For a long time I was a big fan of the Thesis theme from DIY themes. Looking back through my emails, I purchased a developers licence in April 2008. Unfortunately, I just couldn’t get my site to look how I wanted it to look when wanting to redesign a few months ago, so I switched. I still think the Thesis framework works extremely well and still feel confident in using it from a technical standpoint. I can also manage hooks quite well now and customise the look of my websites, but unfortunately I just don’t have the skills to take the design to the next level and also found it difficult to find themes that I liked. For this reason I dropped Thesis in favour of the Genesis Framework. I did this because of the child themes that you can purchase for relatively cheap. The link just above there gives you a rundown of the technical aspect of Genesis.

I currently use several themes which include Freelance, Magazine, Minimum (I like this one!!) and one called Sample. Price wise, the framework and 1 theme seems to cost $79.95 but when you buy that, you can use it on unlimited sites. You can then also buy child themes at a discount and they usually cost around $20, again they come standard with the unlimited option.

Rather than messing with hooks, I tend to use the Genesis Simple Hooks plugin (for free) which allows you to paste PHP code in to the one of many hooks found in WordPress. I wont go in to the technicalities of using hooks instead of editing theme files, but in simple terms it prevents the need to modify the theme code making it easier to update your theme at a later date.

The page load speed isn’t really recognisable with the Genesis Framework, but the reason I use it is because it is a good foundation for a blog and this is important.

Replace Apache with Litespeed

This is perhaps one of the best enhancements that my blog received. Apache is the standard install at PowerVPS but I had recently read about Litespeed as a replacement for Apache. At the moment I am running on a trial licence for the next 10 or so days and at that point I will decide if I am going to lease a licence for it or opt for another host such as VPS.net that supports Litespeed for a small cost.

The benefits are amazing with Litespeed. As I’m running the trial version I only get to utilise 2 CPUs of the 8 on the VPS, but the page load speed has increased as has the waiting time for a page to be served. While running Apache I was seeing a pause of about 3 – 4 seconds with the waiting…. in the status bar at the bottom of the page. Switching to Litespeed the waiting time is now below a second and overall, the blog and the admin area run a lot smoother.

I recommend trying Litespeed. It is quiet easy to install and I’ll do a tutorial on it at a later date for those who want to install it themselves.

W3 Total Cache

Caching is essential for almost all blogs. WordPress is quiet heavy in terms of how many requests are made to the database and how much PHP is needed to render every single page. Although a blog with modest traffic wont struggle without caching you’ll find that if you write something that hits Stumbleupon or gets linked to from a large blog, the blog will fall on its knees. So, install W3 Total Cache.

What it does is caches pages to either disk or some sort of memory cache like xcache or memcached. When a visitor hits the page for the first time, it renders the page the normal way by querying the database and pulling the images from the disk. The next time a visitor hits that same page, they get served a page from the cache. With pages and posts loading from RAM with Xcache, APC or memcached, it speeds up things a lot and takes load off the CPUs, doesn’t use as many concurrent connections to the MySQL database and doesn’t do much PHP scripting at all. A huge saving for a server. When hundreds of people descend on your post the server can generally handle it with W3 Total Cache because of the load being taken off the server.

You can also use W3 Total Cache to combine CSS and JS files with Minify as well as do Object caching, Browser caching and database caching (I recommend using some sort of memory cache rather than disk caching for database).

Memcached, APC or Xcache

Although caching to disk with W3 Total Cache is possible (there’s a basic and enhanced version), there are several free options that can be installed which as Memcached, APC and Xcache (there are a few others mentioned). Installing one of these is the better way to run caching because it takes the strain off the disk and puts it in to RAM. RAM is far quicker than a regular hard drive, so performance is also a notch higher with these. I’ll also do a post at a later date on how to install Memcached. Although WHM can do some of the installations with the click of a mouse, each of them still require you to edit php.ini to configure them the best way.

Use MaxCDN to Push Images, Theme files, CSS and JS across Continents

Because of how the internet works, the further you are away from a server the longer it takes to get the content to you. Adding a few milliseconds per packet of data soon adds up with a homepage that might be 2.5MB in size. A CDN (Content Delivery Network) aims to tackle that problem by placing servers in busy internet areas around the world. I opted for MaxCDN.com partly due to the price but also because of the good reviews and coverage.

By putting multiple servers around the world and having your blog push content to those servers, it allows someone in Seattle to load up most parts of your website from a server close by to Seatle. Likewise, if someone in the Netherlands loads up your website, a copy of most of the content is pushed on to a CDN server in the Netherlands and they load your site up as though they were local to the server. This cuts down a lot of transport time. Price wise, 1TB of traffic is valid for a single year at costs just $39.95. That low cost and high amount of traffic more than compensates due to the better experience your visitors get. If you run ads, you’ll likely also see revenues increase as well. In my experience, the quicker the page load time, the better the conversion because people like fast loading websites.

With MaxCDN and W3 Total Cache, the service is simple to set up and can be fully configured within an hour of purchasing the service. You also get the added benefit of setting up different domain names for the cdn so that you can have cdn1.yourdomain.com, cdn2.youdomain.com, cdn3.yourdomain.com. The reason you do this is because it spreads images, JS and CSS files around the different host names and speeds up page load. Typically a browser will only load 5 – 8 items at the same time from a single host name. If you have 40 images to download on your page, it will only do them in batches of 5 or so. If you run multiple hostnames it allows several blocks of 5 items to be downloaded simultaneously, thus loading the page faster.

Use the Smush.it plugin to Squash Image File Sizes

A lot of images you will upload will not be as small as they could be. Depending on where you get the images from you might see some that are far bigger than they need to be (referring to file size). Installing a plugin like Smush.it allows you to automatically smush images with a lossless tool. What that means is that your image filesize might end up being 10% to 90% smaller but yet, look identical. Lossless means it doesn’t lose any clarity when being compressed.

If you have an image heavy site, run the images through smush.it to cut down filesize. This of course means that a user has a lot less to download, and therefore the page will load quicker.

I also recommend grabbing all your theme images and running them through the smush.it tool linked above.

In Closing

Although each step only shaves a bit here and a bit there, it’s the combination of all these things that can make a site load in 2 seconds as opposed to 8 second. It’s difficult to put them in priority order because they each do something different, but my loose order would be caching, Litespeed, MaxCDN followed by smushit.

Do you have any other advice on what will help speed up a website? Post your ideas in the comments below.