More than 75 million websites rely on the free CMS (content management system) WordPress to run their website. The power behind this giant community is incredible. Your WordPress website has unlimited potential, unlimited opportunities and can serve as the platform for your financial freedom.
WordPress runs well right out of the box, however, if you truly want to take advantage of the power that WordPress encapsulates, be sure to incorporate these ideas, strategies, changes, and improvements to your website.
1) Update Your WordPress core
WordPress is constantly updating their software. Aside from the many enhancements and features they release, they do their best to help defend your website against vicious attacks.
Updating your website is easy, often just pressing a button. The files are downloaded and updated in the background.
Before you update WordPress, be sure to update your website, including the database and all the files. Depending on your web host, it’s often easy to do this. Check with your host for their most advisable method. Don’t skip this step.
If everything goes smoothly, you can backup and update WordPress in under 10 minutes.
Note: Check your theme’s compliance to confirm your website will operate properly. Often older, and free theme’s are not properly maintained, and therefore, many issues and problems can arise. If this happens, revert to your latest backup version. You backed up your website, right?
2) Update Your Theme
Often theme creators release updates to their theme that fix bugs, add new features, match current updated WordPress compliance and help to keep your website secure.
Updating your theme is often more complicated and time consuming than updating WordPress, however, it’s equally important.
3) Update Your Plugins
This incredibly easy step is also incredibly important. Just like your theme, plugins need to update their code to keep up with changes. You will be notified when your plugins become outdated.
If your plugin is free, it’s often capable of being updated through the WordPress repository. Click on the “update now” text link to update the plugin. The rest is taken care of automatically. You will be notified when this is completed successfully.
Some paid plugins have time limits to their updates. For example, the popular form creation plugin Gravity Forms, provides one year of support and upgrades. To update the plugin past this time requires a renewal (fee) of your subscription.
If you are planning to purchase a plugin, be sure you understand their terms and conditions, and can prepare in advance if you need to pay additional fees.
Other paid plugins provide a lifetime of support and updates. However, unless the plugin has an active community, it may not be properly updated if they are without necessary revenue to support the continual development. Food for thought.
4) Secure Your WordPress Install
The complications of securing a WordPress website in it’s entirety is much greater than a multi-purpose article such as this. I’ll provide you with a few simple tips, but beyond this, I suggest you search out answers to your specific issues you are trying to address.
First, do use “admin” for any account credentials. This is very common, and a go-to for WordPress hacks. You can add admin to a user name if that’s easiest for you to organize the logins, such as “daveadmin”.
Next, choose a complex password. The more complex, the greater the chance your account won’t be hacked. By all means, don’t use “password” or “123456”, the two most common passwords used.
The goal with your password is to make it hard for other people to guess and hard for a brute force attack to succeed. Many automatic password generators are available that can be used to create secure passwords.
When choosing plugins to extend the functionality of your website, be very careful which plugins you choose. Poorly written, or improperly maintained plugins can wreak havoc on your website. I suggest you choose popular, active plugins whenever possible. Pay special attention to the information maintained by the WordPress repository, including downloads, feedback and star rating.
The plugins mentioned in this article are all popular, well maintained and have been used by us, often for several years.
Finally, be sure to check the Permission Scheme on your folders after you complete the install. All too often, improper file permissions are left on the folder structure, making it easy for site to be hacked.
Hardening your WordPress website is also very important. WordPress has provided this sophisticated guide to tighten up the security of your website, it’s very comprehensive, so grab a jug of coffee and read about the following topics:
- What is Security?
- Security Themes
- Vulnerabilities on Your Computer
- Vulnerabilities in WordPress
- Web Server Vulnerabilities
- Network Vulnerabilities
- File Permissions
- Changing file permissions
- Regarding Automatic Updates
- Database Security
- Securing wp-admin
- Securing wp-includes
- Securing wp-config.php
- Disable File Editing
- Security through obscurity
- Data Backups
Now that’s a long list! Here is another comprehensive guide you may want to consider: WordPress Security: The Ultimate Guide
5) Improve Your Page Speed
You have 2 seconds or less for your website to load before your visitors will leave. You have the same amount of time for Google to ding your website for being too slow (yes, page load time is an important factor in Google’s algorithm)
There are two main ways to improve your page speed: server performance and website performance.
Server performance is easy – don’t use a low-budget shared hosting plan. If you’re paying $2.99 a month I can almost guarantee your website is going to be slow. Period. Your website is ‘shared’ with hundreds or thousands of other websites, all competing for the hardware offered by the server, including the processor (CPU), the hard drives, the RAM (memory), and accessing your database.
When someone loads a page on your website, all the above mentioned resources must be accessed, if they are currently in use, then your website needs to wait in line for them to become available. This can take seconds if not longer.