Thankfully WordPress is a stable and secure platform which has been around for 20 years now and is powering over 50% of websites on the internet today.
As a website owner/administrator it’s important to know though, that just like running any machine, it’s important that checks are peformed at least monthly. Here are some things to keep an eye on when you perform those tasks.
Plugin / Theme & WordPress Version Updates
It’s very important to make sure plugins, theme files and WordPress versions are updated regularly. Old files can quickly lead to performance, interoperability and security issues. Remove any unused plugins and avoid installing plugins that haven’t been tested with your version of WordPress. It’s important to make backups of your site before making any changes (see next section).
Keep at least 3 full backups of your site and your database files over a 28 day period. There are many plugins that offer backup solutions but from the point of view of reliability, use your hosting providers service. It’s worth paying extra to avail of the ability to do a one-touch-restore and get the vendor support on offer.
Webspace can fill up quickly on webservers. This can happen as a result of image uploads, locally stored backups and log files which can quickly use up your Gigs and lead to service interruption. Sometimes the culprit is obvious but other times, running commands from FTP command line to find large files is necessary.
Most site owners are unaware of the silent probes and attacks that happen on their website on a daily basis. Needless to say, if a hacker manages to login as an administrator, it’s not good news. Downtime, defaced websites, slow performance and inaccessible websites are all possible when security is breached.
Limiting the number of site administrators, choosing strong passwords, enabling 2 factor authentication and buying an SSL cert are really a must nowadays. Using a plugin like WordFence which has some powerful security features like a web app firewall is also highly recommended. Hosting providers usually offer an SSL certificate service for a fee. SSL is required for eCommerce sites and has the benefit of telling browsers that your site is secure.
Also on the security side are plugins like Google Recapcha and anti-spam plugins like Cleantalk which are very effective in combating spammers. Spam is a leading cause of ransomware which makes the control element all the more important.
More advanced security features like DNSSEC and DDOS protection can also be configured at the Zone record level for your domain.
Site speed is more important than ever from a user experience and a google ranking perspective. Mobile devices are particularly sensitive to loading slow sites over 3G and 4G. Choosing the right hosting plan is fundamentally important here but so also is checking website load times regularly with sites like Pingdom and GTMetrix. Sometimes simple fixes can dramatically reduce load times on your site.
It’s also important to monitor Google search console for errors. Depending on the errors, Google may not index pages on your site or even blacklist your site without your knowledge, if you’re not monitoring the console.
Read our related article on Website Performance for more information on this topic.
As a site owner/operator, there is an expectation of compliance with legal requirements like GDPR, Cookie Laws, consumer rights and your own T&C’s for service. Over time, laws change and contracts need to be updated which all need to be reflected on your website policy pages.
It’s important to monitor regulatory changes with tools like Google Alerts to ensure that your up to date.
For more information about managing your site, visit our Maintenance Services page page for more information.