WordPress Maintenance Tasks-Beginners Guide for Small Business

Published: 13/09/2016
The truth is that not everyone is comfortable with the technical areas involved in WordPress maintenance. If you are a business owner, you’re probably always busy doing what you love doing; which is running your business.

So often important tasks get neglected because you are either time poor or they get relegated to the too hard basket. The problem is that hackers love unattended WordPress websites because to them they are like ‘honey to a bee’.

WordPress Maintenance – Preventive Care of Your Investment

WordPress is powering around 25% of the websites on the internet and a high percentage of these are already  infected with malware unbeknown to the site owners. Why? Because for whatever reason, many website owners are unaware that their websites requires regular maintenance for the life of the website.

So what follows is a short introduction to WordPress maintenance and preventative care for small businesses. Much more could be written about, but for now…let’s just dip our toes into the ocean.

WordPress maintenance -If only I had a Backup

Backup Your WordPress Website

 How many times have you heard someone say ‘If only I had backed it up’?

Backups are your insurance in case something goes wrong. We don’t need them often but the day you do, you’ll give a huge sigh of relief.


  • IAlways backup your site’s database before you upgrade WordPress Core
  • ISet your backup schedule according to how often you update your site
  • IWhether you decide to use your web hosts backup service or WP backup plugin - DO NOT keep backup files on your web server.
  • ITry to keep three backups in three different locations
  • IBackup plugins will allow you to send backups to your PC or Cloud services, such as Google Drive, Dropbox, or Amazon S3
  • IIf your site does not have a current backup, make this a priority today
There are many free and paid backup plugins that will help you keep your peace of mind. Popular ones include BackupBuddy, UpdraftPlus and VaultPress.

Keep WordPress Software Up to Date

To keep your site secure, it is vital that you keep the software (WordPress Core, Theme and Plugins) up to date. Due to the popularity of WordPress, it attracts a lot of attention from malicious people who actively look for any vulnerabilities that appear in the software.

WordPress Core, themes and plugins are frequently updated for security reasons, so it’s imperative that your WordPress maintenance includes updating these items as soon as you can. The longer they are left unattended, the higher the risk that something malicious will get there before you.


  • IKeeping WordPress up to date will reduce your chances of being hacked. Update ASAP.
  • ISome web hosts will do this automatically. Check if yours does, or can do it for you.


Try not to panic or be lulled into a false sense of security because it’s so easy to update with a click of a button.


  • IKeep them up to date once you’ve installed them
  • IAlways take time to consider the consequences carefully. Not all updates are guaranteed go according to plan and sometimes they can cause unexpected problems. (in case there are major changes, check the release notes before you update)
  • IDelete any plugins that you’re not using - They are unnecessary security targets and items to update
  • ICheck with your developer if you are not sure what a particular plugin does before removing it


  • IWhen your theme update becomes available, install as soon as you can
  • IProceed if your theme files have NOT been modified or is using a Child Theme.
  • ICaution - If your theme files were modified directly, an update could OVERWRITE all the customisations that have been made. So check with your developer to see whether your theme can actually handle an update.
  • IDelete themes not being used - They are unnecessary security targets and items to update.

Database Maintenance

How Do I Optimise The Database?

You can maintain your database directly from Cpanel (using phpMyAdmin) or you can use a WP plugin like WP-DB Manager, WP-Sweep or WP Optimize to delete those old revisions and drafts from the WP Admin area.

The WordPress database accumulates data from plugins, themes, pages, post and comments. A lot of junk data called ‘overhead’ also accumulates and slows down the database over time. Clean the database every few months to keep it running smoothly and quickly.


Try not to panic or be lulled into a false sense of security because it’s so easy to update with a click of a button.

Find and fix 404 errors – Broken Links

Most of us have come across a 404 not found error’ that appears when a page cannot be found by the browser. Google will penalise you for offering your visitors a poor user experience, by relegating your website’s SEO ranking. So be sure to include finding broken links in your WordPress maintenance, if ranking high in search engine results is a priority for your business.

Once you’ve identified the broken links in your site, you just need to either go to the relevant pages to update, redirect or remove the link.

Secure Your WordPress Site

Your site is under constant attack by malicious software crawling the internet looking for any opportunity to ruin your day.

WordPress maintenance -Hackers love weak passwords


Head over to the Sucuri Free website security check & malware scanner and enter your URL. It will check your website for all known malware, your sites’ blacklisting status, any website errors, and reveal any out-of-date software.


At the risk of sounding like a broken record, updating software is the essential security practice in WordPress maintenance.


There are some great security plugins that will help you keep your site secure. Popular ones include:

  1. WordFence – Free (has a Pro option)
  2. iThemes Security – Free (has a Pro option)
  3. Sucuri Security – Free (has Pro Option)


Always change the default ‘admin’ username, because this will create one more hurdle for any malicious hacker.

Yes I know, you tired of being told about strong passwords and using a different one for every site, but else can you say if it’s the best advice?

Use a Password Manager to create strong passwords for you and remember each one that you create, so that you don’t have to remember anything. LastPass, Roboform, and 1Password are all excellent options to try out.

You can also enable WordPress two-factor authentication through the use of plugins, such as iThemes Security Pro, which adds another layer of login security.


SSL (Secure Sockets Layer) technology encrypts data transferred between a web server and your browser. SSL is typically used in eCommerce, where sensitive data is handled all the time, but you can use SSL to add extra protection for any kind of website.

When you purchase an SSL certificate and install it on your server, you will see the appearance of the familiar padlock icon in the address bar of your browser. You will see that the unsecured HTTP protocol previously in your website URL, has changed to the more secure HTTPS protocol.

In additional to improving site security, SSL will also boost your websites’ SEO, because Google now gives websites with SSL Certificates a higher ranking in their search results.

All looks a bit too much?

You want to avoid is putting off your website maintenance until a disaster arises. So if WordPress maintenance looks too big for you to handle, seriously consider taking up a maintenance which costs less than a cup of coffee per day.