Our best tips for a WordPress website
Whether you love or hate WordPress, its popularity cannot be ignored, and is the platform of choice for many designers and developers. While it has many pitfalls and dramas, when well-oiled and maintained, it can be a rather powerful development and publishing CRM.
Here are some tips we give our clients about their WordPress websites, and we’re going to share them with you too!
1) Have a great website host
We’re not going to endorse any hosting companies, however, we recommend you keep your website hosted where you are conducting business, or in your home country, rather than based on price alone. We all know the stereotype of the website hosting that is really cheap (and could be great as a backup/fall-back site) but ridiculously slow. While it might be lighter on the pocket, you will always lose in load times and ease of management.
2) Keep it updated (and do it now!)
One of the many traps we see in maintaining any online system, is the lack of ongoing updates and maintenance. Often, a website developer will deploy WordPress (or any other CRM system), and leave it for months on end, until they or another tech comes along to see pretty much every plugin pending an update.
We recommend keeping these systems up to date, whether through a managed hosting provider (we offer this by the way!), or by training a digital specialist in-house on how to keep everything up to date. It’s important to make a backup before you update mission-critical plugins and WordPress itself, just in case something breaks. Fortunately, both backup plugins, and automatic functions in platforms like CPanel, exist!
3) Keep WordPress secured
Many times, we find people who use the same password on every platform. We all know it’s not good to do, and yet everyone seems to do it! We recommend taking a look at this website – chances are, your password has been leaked at some point! WordPress, by default, offers a password suggestion system. We recommend either make use of this, or using a password generator in Chrome or any of the countless free generators out there.
If you need help with a password audit, or recovering your website from a hack, let us know.
4) Steer clear of ‘admin’ in WordPress
By default, WordPress (or WordPress hosting companies) may set you up with an account automatically. If you’ve been set up with an account (or there’s one present) by the username ‘admin‘, you will want to change this immediately! This can either be done by a quick database edit, or by making a new administrator account, logging into that, and deleting ‘admin‘.
5) Disable sign-ups for your website
This one’s a no-brainer. Unless you are explicitly wanting people to sign up to your website for an accounts based system, we highly recommend disabling the sign-up function in WordPress.
6) Remove the clutter
Does your plugins and themes library contain a tonne of junk you don’t use or have installed? We recommend removing what you don’t need, as it’s more points of failure, and unused plugins/themes only take up valuable space in your hosting plan. Keep it lean and mean.
7) Check your file permissions
While this point is a little more complicated to average users, the file permissions of your wordpress directory matter. You do not want people being able to access your wp-config file from the outside, because once they have it, it’s game over. The same goes for your folders, you’ll also want to disable indexes/folder access via .htaccess!
8) Use 2-factor Authentication
You see this all the time on Google, Facebook, Twitter, and any modern service. 2-factor authentication, or 2FA, is a great way to secure your website, and there’s plenty of ways to add it to your website. Both Wordfence and Jetpack are a great place to get started!
9) Keep your WordPress website legit
There are many reasons why you shouldn’t use ‘nulled’ wordpress plugins and themes. No matter where you stand on the morality of using them, they’re also massive security and privacy risks (we’ve seen many that include trojans and ransomware), and extremely damaging to SEO. You may also open yourself up to legal issues!
10) Have a great web developer
While we can give you our best tips for a WordPress website, we cannot recommend this enough. We’ll often see WordPress users who’ve gone with a cheap and unreliable developer in the past, who has left their install bloated, messy, buggy, and unsecured – and sometimes charged a fortune for it.
You need to choose a developer who knows what they’re doing, from working with you or your marketing team on design, to being able to code, solve problems, and implement improvements!