by Nathan Allen •
03.06.2018
Senior Web Developer
WordPress is an easy-to-use, robust content management system (CMS) that is used on millions of websites around the world. It’s flexible, highly customizable, and can be used to create virtually any type of website you can imagine. These are just a few reasons it’s Firefly’s CMS of choice.
While WordPress does much of the heavy lifting for you when it comes to managing your website – giving you the ability to customize the appearance and features via themes and plugins – keeping your WordPress site secure, error-free, and fast isn’t automatic.
So why not learn from others’ mistakes? Here are seven things to avoid as you take the reins of a WordPress website.
Mistake #1: Choosing the Wrong Hosting Company
Where to host your WordPress site is perhaps the most important choice you’ll make before you even begin building your website. Choosing a hosting company can be tricky because there seem to be so many options. Shared hosting, virtual private servers, dedicated servers, and even WordPress-specific hosting; there’s a lot to choose from!
Your first instinct may be to go with the cheapest option to keep your costs low. Although there are companies that offer hosting for just a few dollars a month, the problems you’ll experience aren’t usually worth the savings.
A website that is slow or down all the time doesn’t reflect positively on your organization and could cost you donations and engagement in the long run. When comparing hosting companies, look at their customer support reviews, average uptime rating, and loading times.
Mistake #2: Backing Up Incorrectly or Not At All
If you don’t backup your website at all, you’re making a huge mistake. Running into an issue that requires a backup is not a matter of if, but when. Not only are backups important in case you lose data due to a server issue, but they can come in handy when you do plugin and core updates.
Regularly backing up your website is a good habit to form; backing up automatically on a daily basis is even better. Some hosting companies will even run scheduled backups for you.
If your hosting company doesn’t offer automatic backups, there are plugins and services that you can utilize. For smaller websites, we recommend BackWPUp. With this plugin you can back up your database and files to Dropbox or other services. For larger sites, we recommend the VaultPress service. This option isn’t free, but it can handle larger websites.
Even with automatic backups scheduled, we recommend performing a manual backup before any WordPress core or plugin updates, as this is when you’re more likely to experience a problem.
Mistake #3: Using Too Many Plugins
Anyone who has ever spent any time at the WordPress.org plugin repository knows there are tens of thousands of plugins available for free. But just because you can install a plugin doesn’t mean you should. The two big reasons:
- The more plugins you have installed, the greater the possibility is that you’ll end up with a plugin that doesn’t play nice with another component of your site.
- Using multiple plugins can also cause your website to run painfully slow. Since most plugins include their own stylesheets and scripts and cause multiple database queries, you want each of those calls to be necessary.
We recommend that plugins be limited to ones that are crucial to the operation of your website.
Mistake #4: Weak Usernames and Passwords
WordPress (unfairly) has a reputation for being less secure than other platforms, but most security problems are self-inflicted. Hackers looking to infiltrate your website often gain access through the use of a weak username or password.
The default username in WordPress is “admin,” and it’s a big mistake to keep that account. One of the first things you should do when you log into your website for the first time is create a new administrator and delete the “admin” one. This step makes it harder for hackers to brute-force their way into your site.
Another step you should take is to enforce a strong password policy for your administrator accounts. People often use simple passwords because they don’t want to forget them, but simple passwords can be cracked easily. Strong usernames and passwords from day one will mean fewer headaches or emergencies down the line.
Mistake #5: Wrong Permalinks Choices
Before you start creating posts on your WordPress site, it’s important to have your permalinks set to the option that will be most beneficial. By default, WordPress URL’s aren’t SEO friendly.
Most WordPress experts agree that for search engine optimization the “post name” setting is the best one to use as it uses the post’s title in the URL. That gives search engines more information on how to index it than the “plain” setting.
Some people select either the “day and name” or “month and name” options, but those include the date in the URL and can make your older post seem more dated than necessary. Keep your content relevant and findable with the most keyword-focused link setting.
Mistake #6: Failing to Optimize Images
Large images are a common reason why your site may be loading slowly. Most users will leave a site if it fails to load within 2 seconds, and a slow website could even hurt your search rankings.
While WordPress does often resize your images when creating thumbnails, there are times when it displays the original image size (like when the image is displayed in post or page content).
One option to optimize your images is to reduce the file size before uploading them to WordPress. The file size can be reduced by using image editing software like Canva or Photoshop. The resolution should be set to 72 dpi, and the width to roughly 1000 pixels or less.
There are also many plugins available in WordPress that will optimize images. The right one for you depends a lot on the type of site you’re managing and your technical abilities.
Mistake #7: Ignoring WordPress Core and Plugin Updates
The old adage “If it ain’t broke, don’t fix it” doesn’t apply to your WordPress site. Although it may seem logical to ignore updates if your website is already working correctly, you absolutely should apply updates as they become available. Along with new features, updates also include important security patches that keep your website secure.
The longer you wait between updates, the more likely those updates will cause problems. Issues tend to happen when you make a big leap between version numbers (e.g., from 3.8 to 4.9 as opposed to 4.8 to 4.9).
Updating is relatively risk-free if you backup your website beforehand (see mistake #2), or better yet: apply your updates on a staging environment first.
WordPress continues to be Firefly’s CMS of choice because of its flexibility, highly customizable code base, and ease of use. But as with any technology, regular maintenance is critical to keeping it running smoothly.
If you’d like to learn more about how to keep your WordPress website performance high or you need help staying on top of these tasks, it’s probably time to talk to someone at Firefly. Get in touch.
