If you are involved in the web or WordPress community in Australia you will no doubt have heard of Dee Teal (aka The Web Princess).
Teal’s presentation at Problogger focussed on how to keep your WordPress website backed up, maintained, updated, secure and efficient. Here are our notes from her presentation below.
Insurance – Back up Your Site
Teal started on one of the most important (and often neglected) aspects of website – backups. It’s important that you keep a current copy of both your website’s database and the files such as your theme, content, images, videos and documents.
She addressed 3 critical questions that you should ask yourself when you create a backup plan:
1. How are you going to backup?
Don’t just rely on your host to backup, however, if you use a WordPress host like WPEngine they take care of backups and have a one click restore option
Learn how to do it manually (i.e download files via FTP and exporting an SQL file direct from the database).
Install a WordPress backup plugin such as Backup Buddy, VaultPress or WP Backup to Dropbox
Pay someone to manage your site for you
Whichever option you choose it’s important that you schedule regular backups – you may choose to adjust the frequency based on how regularly you update your site e.g if you update your site with content daily then daily backups are worth considering.
2. Where are you going to store your backup?
Don’t keep them in the same place as your website
Download a copy and store it locally (e.g on your computer or a hard drive)
3. How are you going to restore from back up if you need to?
Teal recommends not to practice this on your live site but rather in a sub folder on your server or local server on your machine like XAMPP/WAMP or MAMP
Maintenance and Updates
Teal emphasises that one of the most important ways to maintain your site is it keep it updated with the latest version of WordPress, the latest version of your theme (be wary if you’ve made changes directly to the theme files as this could be overridden) and latest versions of your plugins. It’s worth checking the release notes before you update in case there are major changes.
Before you hit the ‘update’ button make sure you have a full backup of your site and database just in case there are any conflicts/bugs that arise so you can roll back your site if needed.
Updates are especially important from a security perspective, as that is often the reason why developers release updates to address security issues.
Teal also recommends a regular clean of the database. She gave the example that every time you save revisions of your posts and create draft content it stores this information in the database. The data that is no longer required should be removed from time to time you can do this directly from cPanel (using phpMyAdmin) or a plugin such as WP Clean Up. Plugins like DNUI can also be useful to delete images that aren’t being used.
She also recommends deactivating and uninstalling unused plugins and themes.
It’s also worth keeping on top of broken links (as you may already know Google can use it as a bit of a ‘strike’ against you if you have broken links so it’s worth fixing them). Google Webmaster Tools is a useful tool that every person who owns a site should consider using as it scans yours site for broken links and can alert you if Google finds problems when it crawls your site. Screaming Frog was another SEO resource that can scan your site to identify any broken links and other SEO issues.
Security
Like most things you get what you pay for when it comes to hosting says Teal. The first thing you should do when it comes to security is look into the security measures at your host. Teal highlights that good quality hosting will cost more but it’s worth it.
As mentioned earlier, it’s important to keep your WordPress site up to date as a good security practice.
Teal also recommends to avoid the default user name ‘admin’ which is the default when installing WordPress as this is the first users that hackers will try and exploit. If you already have WordPress setup with ‘admin’ as a user, then create a new administrator user and then delete the old one. It’s also worth changing the table prefix for your database.
The importance of a strong password is also covered by Teal. It may seem obvious but don’t use easy passwords to guess such as your date of birth or family pet. You can make use of tools like 1Password or Lastpass to store your passwords so you don’t forget. Teal also reminds the attendees to not use the same password for everything.
Using a security plugin is also recommended by Teal such as WordFence (which also has inbuilt caching), iThemes security or Sucuri Malware Scanner.
It’s also worth considering a SSL certificate for your site so that the transfer of data is encrypted and secure. It’s also been recently noted as a ranking factor by Google.
Pest Control – Spam Protection
Teal starts of this section of the presentation by reviewing one of the biggest nuisances of WordPress websites – Spam. Akismet is installed by default (it just needs to be activated) and is a plugin created by the makers of WordPress.com so it’s a handy and powerful resource to help block spam.
There are also plugins that add CAPTCHA’s and other tools to help trick spammers that might be useful. Or perhaps consider a commenting plugin such as Disqus.
Efficiency
Teal also covered off an introduction to efficiency in her presentation, which is a topic that is also an important SEO ranking factor – website speed.
She referred to some research from Copyblogger which gave a list of reasons as to why you should make your site fast including bounce rate, search ranking, gets people to do what you want easier, see more content in the time you have their attention, happier when they’re not kept waiting and happy people click links.
If you want to check your site’s speed and even identify which parts of your site could be letting you down, Teal recommends checking out sites like WebPagetest.org, Pingdom, Google PageSpeed and GTMetrix.
Teal also recommended using caching plugins such as WP Super Cache, Hyper Cache or W3 Total Cache and when you’re getting lots of traffic it’s worth looking at improving your hosting and investing in a Content Delivery Network (CDN) such as CloudFlare where you can spread the load of static content across different servers.
She addressed 3 critical questions that you should ask yourself when you create a backup plan:
