Fair Question. Why Bother?
Well, I built this website, just because – I can.
Websites have always been a space where I’ve been both curious and comfortable. In 2013, I needed to take a state-level event national. So I taught myself enough HTML-CSS to build our website, bought hosting and it worked! That kickstarted a lasting curiosity. Since then, I’ve added to my arsenal and I’ve built a blog for a friend, an e-commerce site (complete with payment gateway, user tracking, and logistics integration) for my now-wife then-girlfriend, and several small personal projects.
Professionally, I’ve worked on a range of website initiatives such as the remodel of the Target.com Home page in 2023, a high-impact, high-visibility initiative focused on enhancing user experience at scale. In 2022, I led the refresh of the “Target in India” careers page. Earlier, in 2016, I contributed to the revamp of VMock.com’s website and blog (though it has since been redesigned), and in 2013, I did SEO and copywriting for a small coaching center’s site.
This website was again a fun project, since it allows me to express my personality beyond what I could in Resumes, Portfolio documents, or LinkedIn Profiles. It gives me a blank canvas to publish the way I want to, and have a presence on the web.
Let’s Talk a bit about this website on the technical front though…
The Basics
| Particular | Details | Remarks |
| Platform | WordPress | – |
| Hosting | Shared Linux Hosting through BigRock | Server Location – Mumbai |
| Domain | .me TLD | I have owned it since 2018, will continue to do so |
| Running through Zoho mail | SPF✅, DKIM✅ | |
| Analytics | Google Analytics ⚠️ | Site has too less traffic to bother about this ATP |
Performance (See Performance Tracker)
| Particular | Status | Remarks |
| HTML Caching | ✅ | Server side rendering can take time due to shared Linux Hosting. Caching makes load time faster and more consistent |
| Database Caching | ✅ | Server side rendering can take time due to shared Linux Hosting. Caching makes load time faster and more consistent |
| Image Compression | ⚠️ | Saves Bandwidth, Faster Load Times |
| Image Conversion | ⚠️ | Images converted and replaced by WebP |
| Image Resizing | ⚠️ | Saves Bandwidth, Faster Load Times |
| Responsive Image Placeholders | ✅ | Make sure page doesn’t shift till the images download |
| HTML Minify | ✅ | Faster load |
| JS Combine, Minify | ✅ | Faster load |
| CSS Combine, Minify | ✅ | Faster load |
| Browser Cache | ✅ | Browser caching stores static files locally in the user’s browser. Turn on this setting to reduce repeated requests for static files. |
Performance Test (See Performance Tracker for more results)
| TEST | GTMETRIX | PINGDOM | GOOGLE PAGESPEED INSIGHTS |
| Original Score (Before Optimisations) | C (71/100) | C (80/100) | Mobile – 66 | Desktop – 88 |
| Latest Score (as on 10/5/2025) | A (95/100) | A (96/100) | Mobile – 75 | Desktop – 97 |
Security
| Particular | Status | Remarks |
| Secure Socket Layer | ✅ | OpenSSL Certificate via LetsEncrypt |
| Admin URL Rewrite | ✅ | To avoid automated WordPress Brute Force attacks |
| Reverse Proxy / CDN | ❌ | Cloudflare was activated but it was slowing the site down. Reason: Cloudflare forces traffic from Singapore/China Datacenter instead of the closest one in Mumbai on free tier. Hosting Server is physically closer to most users who are in India. |
| WP meta Information removal | ✅ | WordPress adds critical information in public code; hide this information |
| Disable user enumeration | ✅ | To prevent external users/bots from fetching the user info with URLs like “/?author=1”, |
| Forced User Lockout | ✅ | Automatically logs out users within 60 minutes of login; prevents misuse by physical access to computers |
| Manual Approval of new site admins | ✅ | Requires manual approval of access to backend for fresh user |
| Update wp-config permissions | ✅ | Stricter rules for file access |
| Obfuscate default WP files | ✅ | Auto delete files such as readme.html, license.txt and wp-config-sample.php which are delivered with all WP installations & updates |
| Prevent Image Hotlinking | ✅ | Prevent images hosted on site to be linked elsewhere |
| Prevent PHP file edits from WP dashboard | ✅ | Disable the ability to edit PHP files via the dashboard. |
| XMLRPC Access Block | ✅ | Disable access to the WordPress xmlrpc.php file Hackers can exploit various vulnerabilities in the WordPress XML-RPC API such as 1) Denial of Service (DoS) attacks, 2) Hacking internal routers, 3) Scanning ports in internal networks to get info from various hosts. |
| Disable RSS and ATOM feeds | ✅ | Prevent automated scraping through ATOM and RSS |
| Disable WP REST API | ✅ | Not using any REST API functionality so disabling to prevent potential exploits |
| PHP Firewall | ✅ | Protection against XSS string- query exploits |
| .htaccess Firewall | ✅ | Basic firewall protection mechanisms on site: 1) Protect htaccess file by denying access to it. 2) Disable the server signature. 3) Limit file upload size (100MB). 4) Protect wp-config.php file by denying access to it. |
| Bot Identification and filtering Firewall | ✅ | Block bots which are impersonating as a Googlebot but actually aren’t; Ban POST requests that have a blank user-agent and referer: |
| CAPTCHA on Login Page | ✅ | Simple Math Captcha to avoid low level brute force attacks |
| Honeypot on Login Page | ✅ | Fools robots into filling data on a dummy form field. This field is visible to robots and not humans. Since robots usually fill in every input field on a form, they will also submit a value for the special hidden honeypot field. |
Design & Accessibility
| Particular | Status | Remarks |
| Responsive Tests | ✅ | Passed |
| Background – Text Contrast | ✅ | Passed |
| Images with alt text | ⚠️ | On Roadmap |