The people who keep up with statistics tell us that over 30% of the sites on the internet are built with WordPress. That’s a major percentage. We believe the reason is that WordPress is such a great CMS platform that can be customized for almost anything. The huge variety of plugins and themes that can be used are awesome.
However, with this flexibility comes a need to be diligent in keeping WordPress up-to-date. We see many clients who have let their WordPress site sit on the internet unchanged for years. This is a bit dangerous.
You see, software breaks. Software has security holes that need to be plugged. Plus, on a positive note, software improves. If you don’t keep your site up-to-date, then you are inviting problems to hit your site. What you may not realize is that your site problems might affect others, especially if you use shared hosting.
1. Keep Your Software Up-To-Date
Updates to the WordPress Core Software, Themes, and Plugins are often changing. These changes occur to improve the software with new features, better management, fix bugs, and fixes to site security. This is true for any piece of software regardless of whether it is your word processing software like Microsoft Word, Adobe Photoshop, and yes, WordPress.
Most of the sites we support for our clients see several software changes in a given week. This includes changes to the WordPress Core, WordPress plugins, and WordPress themes.
2. Keep a Site Backup for at least the last 4 weeks.
We recommend weekly backups for your site. If you frequently change the site, then you may want to backup the site more often. If your site fails because of a hack, or a software failure then you will have a backup to restore the site. Without a backup, you could encounter hours and hours of repairing a site or sometimes you can lose a site entirely.
3. WordPress Security
No website is free from potential damage by malware or a hacker. We’ve seen the result of several sites damaged my malicious coders. Sometimes the site comes down. Sometimes you see warnings on Google search results that indicate the site may contain malware. Sometimes the hacker may send links on your site to a totally different website that contains malware or rated-x sites.
It is very important to wrap your site with proactive security that deters hackers. We don’t know of any security software that can absolutely guarantee that your site will be malware free, but you can put up a defense that helps protect your WordPress Site as much as possible.
4. Optimize the WordPress Database
With prolonged use and site changes, the database for your WordPress site can become bulky. In most cases, WordPress will keep copies of old versions of your pages and posts when you make an update to them. There are also other things that can cause your database to expand. Sometimes a bulky database can slow the site load speed down.
There are safe ways of optimizing your WordPress database and getting rid of old, unused, and deleted entries.
5. Watch Your Site Speed
There are a ton of reasons that your site speed can change over time. This includes large graphic images, bulky databases, old WordPress core, old plugins, old themes. New plugins and themes can cause speed issues. Your hosting service may affect the speed of your site delivery to users. We see older sites with older hosting services on old servers and old platforms that simply drag when loading.
With so many reasons for your site speed to be affected, you often need an expert to help you optimize the site for speed. Most often, we see speed issues with graphic images being too large. A good place to start is to use some photo optimization tools to make those image file sizes smaller.
If your site still runs slow after you remedy software and image issues, it might be time to take a look at different hosting options such as a dedicated server, CDN (Content Delivery Network), or Cloud hosting option.
6. Intelligently Manage Plugin Usage
For a given WordPress site there is one piece of core software and one theme. There are thousands of plugins. This is a good thing and a bad thing. It’s good that we have the flexibility to implement a variety of features without having to code something new. On the other hand, too many of these good things can cause your site to slow down. Sometimes, plugins conflict with one another. Too many plugins also invites more opportunity for security holes. So, you must keep the plugin usage to as much a minimum as possible. Get rid of unused plugins, replace old plugins with better ones, and don’t use too many of them on your site.
7. Keep Your Hosting Service Up-To-Date
Running the any website requires more software provided by your hosting service. Many hosting services do not automatically keep your hosting software up-to-date. They often keep several versions of a specific software available, such as PHP (and others), but they don’t automatically update it for you. As an example, we recently updated several clients from PHP 5 to PHP 7. Certainly, this is a big jump, but there are often good reasons for not updating to the newest version; like having to wait on plugins and themes to become compatible with newer versions.
However, support for older versions of software always disappear. We moved sites from PHP 5 to PHP 7 because the older version will no longer be supported in the near future. We have also been told PHP 7 helps many sites run faster.
8. Carefully Manage WordPress Site Users & Passwords
Most WordPress sites only need Administrative Users. If you choose to offer shopping services, on-line learning, etc, you could have hundreds or thousands of users. Site security becomes even more important. You should find methods to have your site users create passwords that are as secure as possible. It also helps to force them change the password on a regular basis.
Simple passwords just don’t do the job anymore especially since several national companies had their data breached revealing millions of users and passwords. There are a variety of options that can help with password security including SSL, 2-step verification, longer passwords with a variety of characters, and even selecting strange, unpredictable answers for those security questions.