WordPress Maintenance Tasks - A Beginners Guide for Small Business

The truth is that not everyone is comfortable with the technical areas involved in WordPress maintenance. If you are a business owner, you’re probably always busy doing what you love doing; which is running your business.

So often important tasks get neglected because you are either time poor or they get relegated to the too hard basket. The problem is that hackers love unattended WordPress websites because to them they are like ‘honey to a bee’.

Honey to a Bee - WordPress maintenance

Read or download Sucuri’s 2016 Website Hacked Report.

WordPress Maintenance - Preventive Care of Your Investment

WordPress is powering around 25% of the websites on the internet and a high percentage of these are already  infected with malware unbeknown to the site owners. Why? Because for whatever reason, many website owners are unaware that their websites requires regular maintenance for the life of the website.

So what follows is a short introduction to WordPress maintenance and preventative care for small businesses. Much more could be written about, but for now…let’s just dip our toes into the ocean.

WordPress maintenance -If only I had a Backup

Backup Your WordPress Website

 How many times have you heard someone say ‘If only I had backed it up’?

Backups are your insurance in case something goes wrong. We don’t need them often but the day you do, you’ll give a huge sigh of relief.

SOME SIMPLE BACKUP RULES:

  • Always backup your site’s database before you upgrade WordPress Core
  • Set your backup schedule according to how often you update your site
  • Whether you decide to use your web hosts backup service or WP backup plugin - DO NOT keep backup files on your web server.
  • Try to keep three backups in three different locations
  • Backup plugins will allow you to send backups to your PC or Cloud services, such as Google Drive, Dropbox, or Amazon S3
  • If your site does not have a current backup, make this a priority today

There are many free and paid backup plugins that will help you keep your peace of mind. Popular ones include BackupBuddy, UpdraftPlus and VaultPress.

Keep WordPress Software Up to Date

To keep your site secure, it is vital that you keep the software (WordPress Core, Theme and Plugins) up to date. Due to the popularity of WordPress, it attracts a lot of attention from malicious people who actively look for any vulnerabilities that appear in the software.

WordPress Core, themes and plugins are frequently updated for security reasons, so it’s imperative that your WordPress maintenance includes updating these items as soon as you can. The longer they are left unattended, the higher the risk that something malicious will get there before you.

UPDATING WORDPRESS CORE

  • Keeping WordPress up to date will reduce your chances of being hacked. Update ASAP.
  • Some web hosts will do this automatically. Check if yours does, or can do it for you.

ALWAYS BACK UP FIRST

Try not to panic or be lulled into a false sense of security because it’s so easy to update with a click of a button.

UPDATING PLUGINS

  • Keep them up to date once you’ve installed them
  • Always take time to consider the consequences carefully. Not all updates are guaranteed go according to plan and sometimes they can cause unexpected problems. (in case there are major changes, check the release notes before you update)
  • Delete any plugins that you’re not using - They are unnecessary security targets and items to update
  • Check with your developer if you are not sure what a particular plugin does before removing it.

ALWAYS BACK UP FIRST

Prevention is better than cure

UPDATING THEMES

  • When your theme update becomes available, install as soon as you can
  • Proceed if your theme files have NOT been modified or is using a Child Theme.
  • Caution - If your theme files were modified directly, an update could OVERWRITE all the customisations that have been made. So check with your developer to see whether your theme can actually handle an update.
  • Delete themes not being used - They are unnecessary security targets and items to update.

ALWAYS BACK UP FIRST

Better safe than sorry

Database Maintenance

HOW DO I OPTIMISE THE DATABASE?

You can maintain your database directly from Cpanel (using phpMyAdmin) or you can use a WP plugin like WP-DB Manager, WP-Sweep or WP Optimize to delete those old revisions and drafts from the WP Admin area.

The WordPress database accumulates data from plugins, themes, pages, post and comments. A lot of junk data called ‘overhead’ also accumulates and slows down the database over time. Clean the database every few months to keep it running smoothly and quickly.

ALWAYS BACK UP FIRST

At the risk of sounding like a broken record…backup your database first before cleaning.

Find and fix 404 errors - Broken Links

Most of us have come across a 404 not found error’ that appears when a page cannot be found by the browser. Google will penalise you for offering your visitors a poor user experience, by relegating your website’s SEO ranking. So be sure to include finding broken links in your WordPress maintenance, if ranking high in search engine results is a priority for your business.

Once you’ve identified the broken links in your site, you just need to either go to the relevant pages to update, redirect or remove the link.

Secure Your WordPress Site

You may not realise it, but your site is under constant attack by malicious software crawling the internet looking for any opportunity to ruin your day.
WordPress maintenance -Hackers love weak passwords

HOW TO LOOK FOR ANYTHING SUSPICIOUS

Head over to the Sucuri Free Malware & Security Scanner and enter your URL. It will check your website for all known malware, your sites’ blacklisting status, any website errors, and reveal any out-of-date software.

KEEP UP TO DATE

At the risk of sounding like a broken record, updating software is the essential security practice in WordPress maintenance.

SECURITY PLUGINS

There are some great security plugins that will help you keep your site secure. Popular ones include:

  1. WordFence – Free (has a Pro option)
  2. iThemes Security – Free (has a Pro option)
  3. Sucuri Security - Free (has Pro Option)

USE STRONG USERNAMES & PASSWORDS

Always change the default ‘admin’ username, because this will create one more hurdle for any malicious hacker.

Yes I know, you tired of being told about strong passwords and using a different one for every site, but else can you say if it’s the best advice?

Use a Password Manager to create strong passwords for you and remember each one that you create, so that you don’t have to remember anything. LastPass, Roboform, and 1Password are all excellent options to try out.

You can also enable WordPress two-factor authentication through the use of plugins, such as iThemes Security Pro, which adds another layer of login security.

USE SSL CERTIFICATES

SSL (Secure Sockets Layer) technology encrypts data transferred between a web server and your browser. SSL is typically used in eCommerce, where sensitive data is handled all the time, but you can use SSL to add extra protection for any kind of website.

When you purchase an SSL certificate and install it on your server, you will see the appearance of the familiar padlock icon in the address bar of your browser. You will see that the unsecured HTTP protocol previously in your website URL, has changed to the more secure HTTPS protocol.

In additional to improving site security, SSL will also boost your websites’ SEO, because Google now gives websites with SSL Certificates a higher ranking in their search results.

All looks a bit too much...don't have the time?

One thing you definitely want to avoid is putting off WordPress maintenance until a disaster arises. So if WordPress maintenance looks too big for you to handle, get a WordPress Health Check to bring your site back up to date and on track.

Pin It on Pinterest

Share This