Ok, so you got your website up and running. It was a hard slog but you are proud with what you have accomplished. This shiny new business asset is going to help position you and your brand as the go-to expert in your sphere of influence. But, what about caring for your WordPress website?
What you didn’t realise, or weren’t told about, was that as the days roll on you’re responsible for the general day-to-day care and upkeep of your website. That means:
- Security – Locking down your website and pro-actively preventing malicious activities, such as hacking and XSS (cross-site scripting) that can leave your website crippled or worse
- Upkeep – All those plugins you installed need updating, and so does WordPress itself (aka WP core). This directly impacts security too, so its a double-whammy requirement.
- Updates – Keeping your website fed with new and refreshing content is important for a wide variety of reasons. Two examples would be better Google rankings and appearing active/open for business.
Think of a website like a car. It requires routine checkups and care to keep it running efficiently and safely for you (your business), and those around you (visitors). If you don’t you leave yourself and others open to danger.
A WordPress website checklist
This checklist covers the fundamental aspects of caring for your WordPress website. It’s not an exhaustive list but is comprehensive enough to keep your website going.
1. Daily backups
Arguably the most important way to safe-guard your website is to ensure you have regular backups, and several iterations. Now, I know this is a reactive point but getting this sorted first enables you to fallback should the worse happen.
Think about it, if an ex-employee goes rogue, a hacker breaks in and steals your “keys”, a plugin was developed badly and breaks WordPress you will be able to repair the damage done by rolling back to a previous version.
2. Updating the WordPress Core and Plugins
If you own a computer, phone or tablet, and you must if you are reading this, then you know about updates. You know, those pesky pop-ups and imminent alerts giving you x seconds to refuse or the computer will restart. Well WordPress websites require updates too.
If you do not, can not, or simply refuse to, update your websites core files, and those of its plugins, then you’ll soon find your WordPress installation entirely vulnerable to all sorts of malicious attacks. Every update that WordPress releases to its core addresses security vulnerabilities, among other things such as bug fixes and new functionality. These security “patches” are important, so make sure you update it time it says to.
3. Security monitoring/scanning
WordPress is a PHP and MySQL based Content Management System, or CRM for short. It has many moving parts and lots of vulnerabilities, as does any CRM or website for that matter. Having a pro-active website security scanner running means you can detect intrusions and malicious files (malware) when they strike, or sometimes before they do.
Malware and WebARX are my tools of choice. Both are included in my Website Care Plans and are extremely well suited to protect your website from malware.
Closely linked to point 2, firewalls put up a virtual barrier between the outside world and the things they protect, which in this scenario is your WordPress website. A firewall should be running 24/7/365 in order to truly and pro-actively protect your website.
I again suggest Malcare and WebARX as solutions to this need.
5. Malware cleanup
We have yet to cover what you do when something does eventually go wrong, and it is quite likely to happen if you don’t take things seriously.
If your website becomes infected with a malicious file, ideally your security monitoring/scanning precautions kick in and cleanup the offending file making your website safe again. If this doesn’t happen, and you can’t catch everything, manual cleanup is often required. This can be costly, and really depends on the company you go with. I’ve seen charges as little as $50 all the way up to $1,200 for a single incident.
Automatic and manual malware cleanup is included, free of charge, as part of my Website Care Plan offering.
6. Staging environment
The best practise when it comes to making any changes to your website is to test them first. Most changes will work without a hitch but sometimes its best to create a clone of your website, make the change(s) and if all goes well repeat this on your live website.
Most website hosting providers can offer a form of staging environment for you to test changes, or simply find a 3rd party solution.
7. General updates
A stale and dusty old website gives of the image that you are no longer operating, and you’ve simply left your website to rot. This may not be the case but it can be read that way, especially if your copyright notice isn’t updated each year.
To avoid giving off the wrong impression you can do one, or ideally all, of the following to help keep your website refreshed and dust free:
- Add blog articles every month, at least once a month.
- Update the copyright year in the footer of your website.
- Add testimonials that demonstrate you are actively working with clients.
- Be active on social media and link back to your website and resources.
- Post case studies or portfolio items.
Now you know
Hopefully this checklist has given you some food for thought, and goes someway towards convincing you to take good care of your WordPress website.
If you have any questions or concerns, please don’t hesitate to get in touch with me. Also if you’d like a free website audit I’d be more than happy to help, simply complete the form below