While WordPress has evolved into a massively popular Content Management System (CMS), people still make mistakes when they put it to use—it’s only human. Whether you work at a digital agency that focuses on WordPress projects, or you’re a content creator using WordPress to build world-class content, there may be some missteps you’re making that you’re unaware of.
- Installing too many plugins
- Not optimizing for SEO
- Neglecting to back-up a site
- Not changing the default permalink structure
- Ignoring WordPress core, theme, and plugin updates.
- Changing a post's URL after it's been published
- Using bad (or no) visuals
- Not resizing images for web upload
- Adding customizations to a parent theme
- Failure to use a staging environment
- Using the default admin username
- Using a weak password
- Failing to be selective about who gets admin privileges
- Accidently blocking search engines
- Using poor/cheap web hosting
1. Installing too many plugins.
Think minimal when it comes to installing plugins. The WordPress Plugin repository contains more than 50,000 plugins, which might make you feel like a kid in a candy store and want to try them all. But if you install too many plugins, it’ll cause your site to bloat and run slower than a herd of snails traveling through peanut butter. (Okay...maybe not that slow, but you get the gist.)
Wisely choose the plugins you install, and be sure to uninstall those not in use. Ask yourself, is this necessary to the functionality of my client’s site (or my site)?
See here for more in-depth tips on how to pick the right WordPress plugins.
2. Not optimizing content for SEO.
Publishing a piece of content without putting thought into SEO is simply a missed opportunity. To increase traffic and make sure your content is found by search engines, it’s crucial you prepare your written content and images with SEO in mind.
3. Neglecting to back-up a site.
Failure to consistently back-up your clients’ sites is like spending months writing a novel and never hitting “save” on your valued work. Creating a backup of your work is crucial so you don’t lose anything should an outage or other issue occur.
5. Ignoring WordPress core, theme, and plugin updates.
Running an outdated version of WordPress is like opening the front door of your site to hackers.
Plugins, themes, and WordPress sites that aren’t up-to-date present security vulnerabilities—these outdated files are traceable, and basically let the bad guys in.
Be sure to keep your client’s plugins, themes, and WordPress core up to date. Within your dashboard, next to “Updates” and “Plugins” there will be a number that appears if any of your plugins (or WordPress core) need to be updated.
Certain hosting providers, like WP Engine, will automatically update WordPress core for your clients’ site(s), making your life easier. WP Engine also offers Smart Plugin Manager, which takes the hassle out of plugin maintenance by performing plugin updates automatically.
6. Changing a post’s URL after it’s been published.
It can be tempting to go into an article and change its URL when updating an old blog post or page, but this is something you and your clients should 100% avoid. By changing the post slug, you break all existing links to that post, and any old links will lose traffic and present a bad user experience, often in the form of a 404 error page.
Before publishing an article, be certain the post slug is the way you want it. In addition, if you’ve installed Yoast SEO, it’ll give you tips for URL optimization, like removing “stop” words and shortening the post slug.
7. Using bad (or no) visuals.
Images are imperative to holding a reader’s attention within a text-heavy article. Studies show content with visuals gets 94% more views than those without. In addition, the human brain processes visuals 60,000 times faster than text. Therefore, you should include images within your content as deemed appropriate to gain readership.
If paying for a stock photography membership is out of the question, there are numerous free image options out there. Unsplash.com supplies high-quality, professional imagery, but other options include Flickr.com and more. Just be sure to give attribution to the photographer when required.
8. Not resizing images for web upload.
Images are often the culprit to a slow site and you should seriously consider preparing your images for upload by reducing their size. This can be done either by using an editor like Adobe® Photoshop, or a plugin to resize images so they’re not taking up a huge chunk of space and causing your site to run super slow.
If you’re working in Adobe® Photoshop, go to Image -> Image Size. Make sure the resolution is set to 72. You’ll then want to reduce the width of the image if applicable. 2,500 pixels on the wide side is ideal for displaying images at large on the screen—you can decrease this size to around 600 to 1,000 pixels on the wide side for regular site display. This will reduce the file size drastically, resulting in less bandwidth required to upload images whenever someone visits your client’s site.
Always set the resolution to 72 pixels/inch for web upload. If “Resample” is checked, the image’s dimensions will automatically be reduced when you adjust the resolution.
Another fix is to use a WordPress plugin that optimizes images for you, like WP Smush.
9. Adding customizations to a parent theme.
If you’re looking to customize a client’s theme, doing so could result in a whole lot of headache if you modify the theme directly. Changing a theme’s code can create unwanted changes and potentially cause downtime for your site.
10. Failure to use a staging environment.
Say you want to test a theme, plugin, or custom code on your client’s site. It would be unwise to make these changes directly to the live site—your clients won’t be too happy if their website crashes because you’re tweaking things on the back end.
Before deploying changes to the live site, the best practice is to use a staging environment to test any changes before going public.
Quality hosting providers like WP Engine offer free staging environments. Every site hosted on WP Engine has three different environments: development, staging, and production, providing customers the needed flexibility to build and test new projects. There are also a number of plugins that enable testing environments, or you can set one up yourself from scratch.
11. Using the default admin username.
By default, after WordPress is installed the username is “admin,” which is troublesome in terms of security. Hackers can easily guess that name and take control of your website.
During installation, you’ll be given the opportunity to change the admin name to something unique. If you’re already past the point of installation and need to change your default username, see here for some tips on removing the admin account in WordPress.
12. Using a weak password.
People usually create a weak password because they don’t want to forget it. However, a good password should be random and complex, not predictable or simple.
The easier your password is for you to remember, the easier it will be for hackers to perform brute-force attacks and guess your password.
A strong password should include a minimum of eight characters, an uppercase letter, a lowercase letter, a number, and a special character. Try using a strong password generator if you need help coming up with a hack-proof password. To protect your passwords even further, try enabling two-factor authentication.
13. Failing to be selective about who gets admin privileges.
Giving admin rights to just anybody is like giving a kid the keys to your car. It’s extremely important that you don’t give admin rights to the wrong person. You should only give admin rights to site owners and developers who work with the back end of the website.
14. Accidently blocking search engines.
Certain WordPress settings can impair your site’s ability to be found by search engines. If you’re ready for your site to be found by a larger audience, you’ll want to ensure that a certain box isn’t checked within your Settings to make it SEO-friendly.
To find out if you’ve made this mistake, look in your WordPress dashboard and go to Settings -> Reading. Make sure the box next to “Discourage search engines from indexing this site” is not checked. When this selection is checked, it suppresses the site’s pagerank, telling search engines not to inspect the site’s content. (You’ll want it checked if your site is still under development).
15. Using budget web hosting.
You might want to keep costs low, but choosing a generic web host to power WordPress site is like buying cheap fuel for a Ferrari. Your WordPress site represents your business, your brand, your portfolio, and so on. Poor performance and downtime reflect poorly on you and your brand and could end up costing you more money in the long run.
Find a hosting provider that specializes in building digital experiences on WordPress. Make sure your provider offers services for caching, uptime, security, amazing customer support, and expertise when it comes to building future-proof WordPress sites. Thousands of brands and agencies rely on WP Engine’s Digital Experience Platform for WordPress to power amazing websites for them and their clients. WP Engine also offers the largest Agency Partner Progam for WordPress, which means agencies can leverage amazing tools and partnerships to grow their customer base and delight current clients.
If you’re looking to migrate to high-quality hosting, WP Engine offers an Automated Migration plugin for a nearly effortless transition to our platform.
Check out WP Engine today to see the added layer of benefits you’ll get with our Digital Experience Platform for WordPress, and see what others have to say about the results they’ve seen since switching to WP Engine’s enterprise-grade platform.