WordPress maintenance is a tedious and thankless chore, but absolutely essential to the smooth-running of your website. A poorly maintained website can be a security nightmare, or even impact on your website appearance and search position with potential attacks and spam.
We’ve put together a basic list of the most essential WordPress maintenance;
A backup is only ever useful when you’ve forgotten to make them! It’s an oft-repeated phrase, but hardware can be replaced; your data cannot. Do automate your backups, but ensure that you test your backups too! A backup failing is as bad as failing to back up. There are a huge number of popular plugins to back your site up off-site. Your hosting provider may also offer a backup service, though you may also prefer to manage your own too.
WordPress updates are released on a very regular schedule, both offering new features and security updates. WordPress keep a list of all their latest releases on their website, with information about what has changed with each version. For most websites, it’s sufficient to use the built-in WordPress updater. This updates WordPress core code, as well as supported Plugins and Themes.
Often updates may cause problems with complex sites, so it’s recommended to always backup manually before proceeding with updates. Often we recommend updating items one-at-a-time so that any issues can be quickly spotted.
If you are using custom plugins or themes, you should check manually whether there are any updates to these. If you are adapting an existing theme, it is highly recommended to use a child theme. This enables updates to the parent theme, without affecting your changes – although it is still very important to ensure any functionality changes to the parent theme are also copied to your code.
WordPress can be plagued with comments, spam, and trackbacks. Many sites will use anti-spam techniques such as the provided Akismet plugin. For many other users, it maybe be more suitable simply to disable comments and trackbacks in the settings.
Health and Security Monitoring
Alongside WordPress updates, it is essential that your site is monitored for health and security issues. There are many third-party plugins, such as Sucuri and Wordfence, both of which are excellent at their tasks. These plugins is particular will secure your login area to stop users from trying to test your passwords, and often provide a ‘firewall’ as well other security options.
Your hosting provider should also ensure your server is up-to-date. Ensuring that you’re running the latest web server and database software, as well as firewalling and security your servers is as important as ensuring your site cannot be attacked from the the website. Given that there have been a huge number of security threats, we do recommend that websites offer a secure website, which as we’ve discussed recently can often be set up for almost no-cost.
With all the best intentions, it’s very easy to get behind on updates and maintenance. It is worth keeping a weekly or monthly checklist, and to get into a routine of checking and updating your website.
Some websites, especially WordPress can easily evolve and contain complex steps and procedures, just for creating new posts and pages. Especially in a corporate setting, this technical information is often not easily shared and the responsibility of few. With holidays and absence, this can often pose difficulties making new posts difficult, slow, or impossible. We’ve worked often with clients, writing custom documentation to ensure that this task can be taken on. This is often required as part of ISO certification or simply for sharing employee knowledge.
For larger or more difficult sites, you may wish to employ a third-party to monitor and observe your site, either as a one-off or as an ongoing maintenance plan – if this is something that interests you, we can help with any size site and any requirements – do get in touch.