It’s no surprise: there’s a lot to love about WordPress. As the content management system grows in popularity, more business owners and corporations are choosing to build their sites on WordPress.
But whether you’re new to WordPress or have been on the platform for many years, there are several principles you should follow in order to keep your WordPress website running smoothly.
The 10 Commandments of WordPress Sites
1. Thou Shalt Update Your Plugins
Every WordPress site runs on the core WordPress, a theme, and several plugins. All of these need to be updated from time to time, just like the software on your computer.
Neglecting these updates can leave your site vulnerable to security breaches, and it can compromise the functionality and overall performance. A best practice is to have an experienced WordPress developer update your plugins and theme once a month.
Performing the updates on your own can sometimes cause glitches to occur. This is because different WordPress plugins are built by different developers. With over 50,000 WordPress plugins available, it’s very common for an update from one plugin to conflict with another plugin on the site. An experienced PHP developer can catch these issues and quickly resolve any problems that may arise.
2. Thou Shalt Use SEO Plugins
Another advantage of using WordPress is that the platform is ideal for search engine optimization. You can easily find the setup and configuration for meta descriptions and SEO elements in the WordPress dashboard.
WordPress also has several powerful SEO plugins available. Yoast is a great free SEO tool to use on your site. Even if you aren’t an SEO expert, the plugin provides prompts on pages and posts on how to optimize for certain keywords by adding links, adding image title tags or writing more content. SEO plugins can also connect with the Google search console and help with XML site map submission, which is important for indexing on search engines.
While an SEO company can assist with more advanced items & guidance, make sure to take advantage of all these free tools available to your WordPress site.
3. Thou Shalt Not Delete Without 301 Redirects
We all edit our sites from time to time, removing or altering content. While this is just fine – even expected – you’ll need to set up a 301 redirect for any page you choose to delete or any page that undergoes a URL change.
A 301 redirect is basically a rule that will have the deleted URL redirect to a page that’s still on your site. If you don’t set up a 301, any visitors that follow the old links will get a 404 error. They may be following off-site links or something that was indexed by a search engine, so it’s easy to forget that a link may still be active. Having broken links and 404 errors on your site will hurt your search engine optimization.
You can install a WordPress plugin to help with 301 redirects and you can also use your Google Search Console to monitor and detect any 404 errors on your site. If you aren’t sure how to do so, talk with a WordPress developer about removing pages and properly forwarding traffic to a different page on the site.
4. Thou Shalt Keep It Secure
WordPress’s popularity makes it a target for hackers. This is true whether you have a large, complex site with financial transactions or a small, informational site.
But WordPress’s attraction to hackers is nothing to be afraid of: you’ll just need to take a few extra precautions to keep your site safe. One of the best ways to keep your site secure is to perform monthly maintenance, including updating themes and plugins.
It’s also highly recommended that you set up 24/7 security monitoring on the site. This specialized monitoring helps to fend off brute force attacks, in which a hacker attempts to guess the login info for your WordPress admin account. These are extremely common on WordPress sites as every WP site has a login page.
At anytime, if you suspect your WordPress site is hacked, get help quickly to clean up any malware infections and secure the site. Eventually, a hacked website can be blacklisted by Google and other security firms.
5. Thou Shalt Monitor Performance
WordPress sites have a very large database, even when the site is first built. Because of their inherently large size, it’s very common to experience performance issues.
Numerous factors can affect performance, including image optimization, plugins installed on the site, and which theme the site is built on. If you are experiencing performance issues, It’s best to have an experienced WordPress developer run multiple different speed tests to evaluate both mobile and desktop scores.
Another performance factor may be your hosting set up. WordPress sites tend to perform poorly on shared hosting where the server is sharing resources among numerous sites. Finally, watch the number of plugins installed on the site. After launching the site, you or your marketing team may install plugins left & right to add functionality. But the more plugins you have on the site, the more bloat you add to it.
6. Thou Shalt Not Upload Large Images/Videos
Another trick to enhancing your site’s performance is to optimize your images and to be mindful of the files that you upload to the site. Anything you upload to the WordPress dashboard in the media library can impact the database size and the load time of the site.
You can ask your web developer for the best image sizes to upload for featured images or banners, so you aren’t uploading extremely large image files. For videos, it’s better to host the actual video on a video sharing platform like YouTube or Vimeo. This way, you can embed the video to your site for easy viewing, without slowing down the site.
While it’s fine to have a few links to PDFs here and there, don’t use your WordPress site for file management. Services like Dropbox and Google Drive are better and cheaper platforms for file storage.
7. Thou Shalt Use Email Newsletter Services
Email newsletters and email lists are a great marketing tool, and you can easily set up a way for web visitors to subscribe to your newsletter or email list on your WordPress site. However, WP sites are not the best tools for sending mass emails out to subscribers.
If you plan on collecting email subscribers and sending out a newsletter, use a third party email service like Mailchimp or Constant Contact. These services are built to send emails to a large number of recipients, and they’ll also help you avoid having your emails blocked by spam filters.
All of the major third party services offer a WordPress plugin or an API key to connect your site’s forms to the service, so that subscribers who sign up on your site will be immediately added to your newsletter list.
8. Thou Shalt Not Install Dangerous Plugins
Every WordPress site requires plugins to run. Of the over 50,000 plugins available in the WordPress repository, some are free while others require payment and licensing.
If you are using any paid plugins, you will need to pay a yearly fee to renew the license. The same goes for the theme that you built your WordPress site on: it will likely require a yearly renewal fee.
Given how vital updates are to the security and performance of your site, it can be helpful to have a system in place to streamline the process. Keep a list of the paid plugins and the theme used to build the site.
Lastly, remember that plugins can impact the security, performance & functionality of the site. For this reason, always have a WordPress developer review a plugin before installing it on your site.
9. Honor GDPR Best Practices
The Global Data Protection Regulations, also known as the GDPR, is a set of EU laws that went into effect in 2018. The GDPR laws stipulate appropriate data collection, storage & management on websites and by businesses. The law was written very broadly, such that it can be applied to businesses and websites in the US, if they receive European traffic.
Another GDPR best practice is to set up a cookie notification on the website, notifying visitors that you have cookies installed on the site & providing an option to disable certain ones. The notification appears to any first-time visitors and you can easily set this up using a WordPress cookie notification plugin.
10. Thou Shalt Block Spam At All Cost
No one likes spam. Yet, it’s a common problem, with increasing amounts of spam affecting many websites. Spam often comes through the forms on your website: what was supposed to be a useful tool to connect with visitors and potential clients turns into spam central station.
Thankfully, the problem is easily avoidable. To reduce these spam submissions, install Google reCaptcha for all your forms. Google reCaptcha is a free tool that protects the site from spam. You’ve probably seen a reCaptcha prompt before, asking you to complete a little test to prove that you are a real person and not a bot.
To set this up, you’ll need to register your domain on the Google reCaptcha platform and get the key & license to complete the set up on your website. While you may need help from a WordPress developer in setting up the reCaptcha, make sure that you are using your own Google account, whether business or personal, to register the site.