Security measures

WordPress mistakes to avoid in 2019

WordPress CMS is one of the most user-friendly platforms enabling developers as well as non-developers to customise and publish content easily. Nevertheless, that doesn’t mean it’s entirely infallible. Web owners should be aware of several mistakes when working with WordPress that could compromise the performance and security of the website. Even the most experienced WordPress developer could easily overlook it.

I have been working with WordPress CMS (content management system) for the past 5 years. I’d like to kick off this year’s first blog post with a continuation of the WordPress series. Previously, we looked at the advantages of using WordPress for your website. Putting this list together helps beginners as well as the experienced content builder to avoid common WordPress blunders. Ready to get started? We begin by looking at 8 factors to avoid when dealing with a WordPress site.

Mistake 1: Not having regular backups


Do not underestimate the power of backups. They might be inconvenient and easily forgettable but if you ever make an update on your website and the entire site goes down. You will realise that you might need to roll back to a backup otherwise you will face the distress of losing data. Therefore, always have proper back up for your website or take advantage of free WordPress plugins that can automatically run backups for you.

Mistake 2: Failing to update your WordPress PHP & Plugins

Not Updating PHP

The core developers of WordPress never stop to improve the security of WordPress. Many websites are using the scripting language called PHP, the latest version of PHP 7 that offers better prevention and performance of vulnerability security. If you run on an older version such as PHP 5.6, you will most likely experience errors if you try to install a new version of an outdated theme or plugin and potentially keep your website from working to its fullest potential.  To update your PHP, simply just log into your hosting account and check your PHP version from PHP settings or PHP configuration. Similarly, the same goes for plugins. Simply just update it from the WordPress backend or from the plugins page.

Mistake 3: Hoarding onto plugins that you don’t utilise

Hoarding plugins

Plugins are like a functionality extension that contributes to adding new features to your website. Personally, I feel it’s not a major issue to have a lot of plugins as WordPress is meant to be a platform that allows multiple plugins. However, while most plugins are helpful, keep in mind that each plugin takes up space that could have a significant impact on the speed or security of your website. Furthermore, another problem is how these plugins interact with other plugins or the system. Make sure you check your plugin section regularly and remove any unused ones, as well as ensure that they are updated routinely within the testing environment before updating the live site. That being said, we move on to the next mistake.

Mistake 4: Neglect of staging environment for testings

A staging environment is a separate place with restricted access that allows you to make amendments and testings before implementing it to your live site. Instead of updating your changes on the live site, you should test it within the staging environment. This helps you to avoid any errors that could be prevented on the working live site and affect your SEO rankings and sales. SEO (search engine optimisation) refers to making modifications to your website in order to improve organic search results on search engines and boost the visibility of the website.

Mistake 5: Disregard security measures such as changing the default username

Security measures

The default username is “admin” when you implement WordPress installation. Taking this into account, it’s easy for hackers to find the loophole and apply a brute force attack to take over your website. Simply ensure that you use a different username and use a combination of letters, numbers and special characters for your password. Install security plugins such as iThemes security to secure your website and keep the bad guys at bay.

Mistake 6: Using the default settings

In short, permalinks (also known as permanent links) are the way your site’s URL is structured leading to different pages and posts. Without updating it, it would have a short structure that could affect SEO. Hence it is important to ensure that the permalink contains keywords which improve overall SEO for the site.

A comparison of two permalinks:
Poor permalink structure:
Proper permalink structure:
For the sake of SEO, head over to the “Settings” and then “Permalinks” to select the “Post Name” from the list provided.

Permalink structure

Mistake 7: Not optimising large graphics file size for SEO

Graphics and images are important content that helps to provide visual signs and reinforce your brand identity. Like descriptions and keywords, they are also important for SEO. Uploading large size images will help load slower performance site speeds and cost higher bounce rates. Therefore, to maintain a smooth running website, it is essential to always optimise your images for the website.

Mistake 8: Overlooking Google Analytics for SEO

As mentioned earlier, SEO (search engine optimization) refers to making changes to your website to improve search engine organic search results. It is worth looking into and investing in SEO tools or strategies. You can start using Google Analytics first if you are unsure of where to start. It provides valuable insights into your WordPress website and is cost-effective for beginners as it is free.

Wrapping up

This concludes the WordPress post series. Because I’ve learnt from these mistakes, today I’m sharing them with you. Don’t feel bad if you’ve made several of those mistakes already. Whether you’re building your own or keeping one, learning common errors in WordPress can save you time from unnecessary troubleshooting.

(Image from Giphy)

Want to know if your website needs a revamp? Contact me to find out more about my web services.