Your website doesn’t need to be a source of bad surprises.
These steps won’t stop every unknown, but will greatly reduce the majority of bad surprises on your WordPress site that could disrupt your business and potentially cost you more to fix later.
Even if you implement even a fraction of what I share with you here on a routine weekly or monthly basis you should see your website become more reliably stable and secure.
Back up your site routinely, and make sure it’s a FULL back up that includes your database AND your style files, theme files, plugins, and imagery. And back it up to a 3rd party secure cloud storage accessible from other locations. I also recommend you do this daily AND right before you make any changes to your site so you have a fresh copy if you need to install the backup for any reason. When you have daily backups scheduled automatically and stored to a secure 3rd party cloud storage (so it can be accessed from multiple locations) have the peace of mind of knowing no matter what happens, you’ll never lose more than the last 24hrs of changes to your site and won’t be lost because of a crashed computer or is inaccessible because you’re now traveling or out of the office when you need access to it.
Check out the recommended updates under the Dashboard tab of your WordPress site. More importantly, check the details of those recommendations. You want to make sure the recommended version for the plugin or theme is compatible with your current version of WordPress. If not, then updating could cause a break in your site or loss of functionality. If you’re secure in the knowledge everything should be great, and you have your backup in place, go ahead and bulk update those plugins and themes.
Check special plugins, forms, sliders, and theme files that require updates via a license access. Some of these can update right inside of the WordPress dashboard if you had previously authenticated through a license key. But, some may require you to download the latest version from another source and then upload the new files to WordPress. SPECIAL TIP : I recommend you create a calendar reminder to update, upgrade or renew your special feature or theme licenses so you do not lose access to important features or updates because of a lapse in subscription.
- Check your site functions after the plugin and theme updates. Test the following functionality on your site:
▶ Visit a post and make sure it looks & works the same
▶ Repeat for a page
▶ Test your mobile menu
▶ Test your post editor (and try saving)
Update WordPress files as needed. Remember to run the themes and plugin file updates first – before the latest WP updates – so we don’t miss any important “interim” coding between plugin/theme versions that could cause a break if skipped.
After you run the WordPress update you want to check the site functionality again, AND, now check for possible new plugin / theme file recommendations that may again popup. Run through steps 1-4 again. SPECIAL TIP : You don’t have to always update WordPress the moment a new release comes out. In fact, in some cases it may behoove you to wait a couple of weeks for another micro update which will most likely include a patch to the previous big version release. However, you need to watch what’s actually included in the new release and act appropriately. Waiting to update WordPress when there’s been a new security feature created or updated could leave your site vulnerable to attacks and hacks if you wait too long. Hackers actually run queries for sites running old versions and start their methodical attacks on those sites running outdated security protocol or known breach-reach.
Never update the actual development code of a plugin or theme file in WordPress via the the Appearance > Editor or Plugins > Editor menus. Unless you’re a professional and practiced developer and you know exactly what you’re doing and what to look for – a single small mistake in your PHP file like a misplaced letter can completely break your website (both front-end and back-end).
Check your Dashboard Settings tab! There are THREE areas, specifically, that you want to make sure to address early on.
(1) General Settings – there are two areas here I want you to look at.
▶ Check the Administrator Email Address. a misspelled or incorrect email address could prevent you from gaining access to your site or prevent you from receiving valuable insights and updates about activity on your site.
▶ Also, check the WordPress and Site URLs are correct. A common mistake here is using the wrong protocol (http vs https) which could cause visibility, search engine crawling, or login access challenges.
(2) Permalinks – You want to use a pre-defined permalink structure. Many 404 errors can be traced back to broken or invalid permalinks. Improperly setup permalinks will cause data challenges every time. Best practice for the majority of small business sites is to use the “Post name” setting for your permalinks.
(3) Reading Settings – there are two areas here I want you to look at as well.
▶ Your Homepage Displays – Most small business sites built on WordPress act as full-navigable websites and not a stand-alone blog as it was once designed for. So, you need to make sure the site sections and pages selected for this area are not incompatible to theme structures which could cause a design or function break. In most cases you will select your Homepage Displays a “static page”. In the two drop downs available for this option, you will want to find the appropriate Home page designed for your Homepage option and the appropriate blog landing page for your Posts page option. Leaving either of these drop down options unmatched in a selection will most likely cause a site design and navigation issue.
▶ Search Engine Visibility – if this box is checked your site will most likely not be indexed in the search engines – so all of your great content, knowledge, products or solutions will become invisible to possible users seeking that information through the search engines. Make sure, unless you’re in development mode or redesigning your sitemap, that this box remain unchecked.
Site Health Tool – Under the Tools tab you’ll find a new Site Health menu WordPress added in version 5.2. This tool was designed to help users keep their sites secure and running smoothly. When opened, it will highlight any critical issues along with any recommended improvements for you to tackle. Click on each recommendation and you’ll find more insight about the problem and recommended task.
- Comments – The comments tab is directly related to Post or Page comments made or injected on your site. You want to make sure to clear out spam/junk comments from your site and database. Maliciously added or old junk comments – especially those including links – are designed to provide keys or triggers to slam your site with an onslaught of junk and weaken server performance. They can also create a gateway where hackers can inject your site with more serious and dangerous code to rob important data from the site or hijack your site’s IP address and content. (1) Mark spam as such so your spam filters learn (2) Remove the spam/junk from the site (3) Clean your database