We get asked this a lot – why do i need to maintain my WordPress website? There are a number of reasons, the main one being security. If you are not currently maintaining and updating your website, whether it is built on the WordPress platform or not, start doing so. Ask your web developer how you or they can do this, or click here to view our website maintenance packages.
- Security – just over 3 years ago we had 3 of our websites hacked because they were not being updated regularly enough. We learned a lesson or two that day. By simply updating the theme and plugins (as a minimum) means that you can take advantage of all the hard work those plugin developers are doing behind the scenes to keep those plugins secure. If not, you risk being hacked. You might say “it will never happen to me” – well good luck to you! The 3 websites we had hacked were local businesses. Hackers pay no attention how big your website or company are. I am pleased to say that the only website that has been hacked since is from a company who did not wish to take us up on our web maintenance package, and instead maintain it themselves. Low and behold, they didn’t, and around 6 months ago we were asked to clean out and reinstate their website.
- Note – updating your plugins and themes should be a minimum. There are many other things you can do to keep your website secure from brute force attacks and hackers.
- Speed – we live in a world of constant updates in technology. Keeping your website update can actually improve page speed, which in turn improves user experience. We all know how much Google loves user experience. Plugin or site script developers are always looking for new ways to improve their plugin or theme speed in future releases. Don’t stop there though. Upgrading your PHP to version 7 has been proven to be (at least) 20% quicker than PHP 5. It also ensures your plugins stay compatible. To upgrade, you can either ask your web developer or navigate your way to your hosting control panel. You will usually be able to upgrade within your hosting panel.
- Ensure things still work – pretty important if you want your site to actually work. An out of date website can result in scripts being no longer compatible and it can cause conflicts between plugins and themes. If your website is THAT out of date, it might be that you have surpassed the minimum requirements your website needs to actually run WordPress. Have we convinced you to maintain your website yet?
A website is for life, not just for Christmas
Never a truer statement has been said. A website is not something you can have designed, and then leave. Similar to a pet. You need to maintain it. And if your website is built on WordPress, maintaining it is easier than you think. Below I have listed some really simple things you can do to keep your WordPress website fully functioning:
- Updates plugins – aim to run updates every month. If you login daily/weekly, then run those updates, however monthly should suffice.
- Update WordPress – a new version of WordPress comes along very so often, so when it does, update it. The newest version of WordPress (at the time of writing) is 4.8, and includes a host of security updates and sees a more intuitive platform. Check out the exciting new WordPress widgets.
- Update your version of PHP – your developer or host is unlikely to do this automatically, and if your version of PHP is well out of date it will cause performance and speed issues. It could also cause compatibility issues so watch out.
- Run a monthly scan – we use Wordfence, however there are other security plugins out there that work just as well. Wordfence is one of the leading security plugins with free and paid versions. The free one should suffice for the smaller websites. This particular security plugin will allow you to run regular scans for hacks or viruses, and will notify you when users are attempting to hack your website.
- Maintain your users – if any of your users have usernames that are either admin, the name of the site (in our instance ‘onefoursix’) or the name of the person, change them. Brute force attacks more often try breaking through with those sort of usernames. Passwords are important as well. WordPress will generate ‘strong’ passwords so use them. A password with 3 random words has recently been deemed as the strongest possible password.
- Hide your wp-admin – if you are not sure how to do this, ask your web developer. Keeping your WordPress login area on wp-admin or wp-login just encourages people to hack it. Change it to something random and you will see a reduction (if using Wordfence) in brute force hacks.
- Run a monthly backup – check what you are paying for, however your web hosting company should do daily updates. We do. Despite this, it is important to run monthly offsite backups. The sites we had hacked 3 years ago had corrupt code planted over 3 months before the site went down. Because we only kept 3 months worth of on server backups, we could not roll the site back to an earlier version. Always keep the original backup, and try and keep others along the way. It will make it easier to reinstate the site if you are ever hacked. We use a plugin called All-in-One WP Migration to run backups. These can be set as automatic, or run manually at a click of a button.
- Before doing any of the above, we would always advise you backing up your website.
I hope some of the above will help you to more easily backup your website. If you are concerned your website may have been hacked, or don’t wish to get involved then I advise you to get in touch with us or your web developer. View our web maintenance and hosting packages by clicking here, or contact our team of web specialists here.
Author: Dave Williams
Dave Williams is the founder and director of onefoursix; a digital marketing agency based in Northampton. After setting up onefoursix in 2011, Dave has gone on to grow it to one of Northampton’s finest agencies. His expertise include social media, user experience and SEO.
Share this Post