WordPress is the most widely used tool for creating websites today. And when you look at the trends, that’s not about to change. The CMS currently powers more than 41% of the world’s one million most popular websites. And the march is only continuing
Why Maintain Your WordPress Site
Whether you own a site with WordPress, are an agency or a freelancer who creates WordPress sites, you’re probably concerned about providing the best possible service and experience to your clients. And that means a secure, fast, easy-to-use website.
When it comes to WordPress, it’s not all about creating the site. It’s important to make sure that over time, the site performs as desired. This is where WordPress maintenance comes in.
In simple terms, maintenance of a system is a set of changes and operations that are made to it after it is set up. It can be done to fix bugs, improve the system, or adapt it to changing needs.
Like any other system, a WordPress site can (needs to) be maintained. A link to a page may stop working, an extension may be obsolete, etc. WordPress maintenance prevents and mitigates such eventualities.
The different types of WordPress maintenance
On a WordPress site, several types of maintenance can be performed on a one-time or regular basis, depending on the needs of the site.
The goal of maintenance is to prevent, to avoid problems that could appear on the site, for example, following an update that was not performed. On WordPress, this will consist of regular updates of the different systems that make the site work: the WordPress core, the themes, the extensions and the translations.
This type of maintenance will intervene specifically and punctually to “repair” or restore the site following a specific problem encountered. For example, a failure following the infection of the site by a virus, a hacking of the site, or a functionality of the site which stopped working.
The evolutionary maintenance
We will use the evolutionary maintenance to make the site evolve according to the needs which arise throughout its lifespan. This can be for example the addition of a feature such as a newsletter, or the integration of a member area.
What to do to maintain your WordPress site
Depending on the situation of your site, the stage it is at, or the prospects you have, one or the other of the above mentioned maintenance actions will be implemented. Each time, specific actions will be carried out on the site.
Have you ever had your site go offline due to a bad manipulation? Now, imagine for example the impact this could have on an online sales site with thousands of visits per day!
This is an example of a situation where backups can be a lifesaver.
Backups allow you to have (regular) copies of your website, which you can reuse as needed. Perhaps to perform tests, or in the most critical case, to restore a site that has a technical problem or that no longer works.
This is one of the good maintenance practices that should be implemented at the very beginning of the creation process of your site.
With WordPress, it is possible (with plugins or services) to schedule automatic backups at regular intervals, and to store them in several places. Indeed, it would be useless to store your backups on your site’s server, and not be able to access them when this server encounters a problem.
There are several ways to schedule backups of your WordPress sites. You can either opt for extensions or for SaaS services.
Here is a list of some extensions or services you can use:
- UpdraftPlus: this is a free extension with a paid version. You can schedule backups of your site content and databases directly from your WordPress dashboard, and store them in multiple locations like Google Drive, AWS, Dropbox, etc.
- BackWPup: this is also a free WordPress extension with a paid version. It offers about the same features as UpdraftPlus, namely scheduling backups of the site and database and storing them in different spaces.
- BlogVault is a WordPress backup service coupled with an extension. The service is paid and allows you to schedule daily, weekly, etc … backups of one or more sites. The backups are stored on the service’s cloud and you can access or manipulate them from a dedicated interface.
A website, like any other resource on the Internet, can be exposed to security breaches. Zero risk does not exist. WordPress, the themes and extensions of its ecosystem are not exempt from this.
Every day, hundreds of thousands of attacks are launched against WordPress sites, and an equally large number of sites are hacked.
In the last thirty days, more than eight billion attempted attacks on websites have been blocked by the WordPress security company Wordfence.
To guard against this, there are some basic rules to follow.
- WordPress usernames: Many people install WordPress with one-click installation scripts embedded in most hosting services. Some of these scripts create a default user with administrator permissions named “admin”.
That’s pretty easy to guess, don’t you think? A brute force attack software with statistical observation optimization will start by testing this kind of username first. So be careful not to use usernames that are too common.
- Passwords: care should be taken to create a strong enough password. Passwords like abcd, password, 1234 … will not resist attacks for very long.
In addition to that, it is recommended to use a WordPress security extension to automate and strengthen the security measures on your sites. Among the most popular ones, you will find Sucuri Security, SecuPress or Wordfence. I invite you to read the descriptions of these extensions and choose one that will meet your expectations.
As soon as the site is designed, it is important to think about how and how often WordPress, themes and extensions will be updated.
Over the months, or years, if you don’t take this into account, updates will accumulate on the site, and this can lead to more or less important security and/or compatibility problems.
For example, WordPress version 5.7.1, released in April 2021, fixed several security issues related to the CMS. If you are using an earlier version, your site could be subject to attacks. The said attacks could exploit these security flaws that have been fixed.
Another interesting example, a few months ago: the Wordfence threat intelligence team discovered a massive attack on potentially over a million WordPress sites; exploiting vulnerabilities on the Elementor Pro and Ultimate Addons for Elementor extensions.
Security patches were quickly released for these two extensions. However, a site is at risk if it continues to use older versions of these extensions.
These two examples highlight the importance of keeping your WordPress sites updated regularly.
The good news is that it’s not all doom and gloom. Security holes that are discovered in WordPress Core are fixed in minor versions.
For example, WordPress 5.7.1 is a minor version and WordPress 5.5 and 5.6 are major versions.
On a default WordPress installation, minor WordPress updates are performed automatically. Unless they have been specifically disabled by the hosting provider or by you.
There are also services like MainWP or ManageWP that allow you to automate updates on one or more sites. You can also opt for an all-in-one system like BlogVault (mentioned above in the backups section); to manage both updates and backups.
Another option is to subscribe to a WordPress maintenance package. In this case, a team of WordPress experts will take care of all the technical aspects of your site, such as updates, backups, security, optimization, etc.
No one wants to have a non-performing website. A customer surely does not want to spend more than five seconds waiting for a product page to load in order to buy it. So performance is not an option. It is an integral part of the site’s design. It is necessary from the beginning to use the most appropriate tools and write the most optimized code possible.
There are good performance practices on the web as well as standards that you should try to apply as best as possible.
To begin with, it is important that your WordPress site uses quality hosting. Hosting is like the foundation of your site. If it’s not of good quality, your infrastructure may fall apart.
In addition to hosting, there are several other aspects to WordPress performance, such as the choice of theme and extensions you use on your site. You’ll want to choose a lightweight, fast theme that has the specific features you need.
It’s the same with extensions. Before installing an extension on your site, make sure you choose one that is well recommended, well rated and whose support is available and responsive. Also, it is advisable to choose an extension that specifically provides the functionality you need; or one that you can disable the features you don’t use.
Finally, ensuring performance at the design stage of your WordPress site also means using web-optimized images (CDNs if needed), optimizing your site’s styles and scripts, etc.
The uptime monitoring
As the owner of a WordPress site, it is necessary to ensure that your site is always functional and available to all users. Several situations can compromise this proper functioning and make the site inaccessible. It is therefore important to detect quickly when the site is down, and to solve this problem in real time.
The uptime is the period during which a website is accessible and functioning normally. We generally use percentages to quantify this state. A site that has not been offline for a period of one month will have an uptime of 100% over this period. The higher the percentage, the better.
Today there are several systems/services that allow you to monitor the uptime of websites. Most of these services have very advanced features that :
- check regularly that the site is still up and running
- send an email if the site is down for more than a certain time
- check for 404 pages and broken links
Here is a small but not exhaustive list of these services:
- BlogVault: this service, which we’ve already mentioned twice, is a kind of WordPress Swiss army knife. In addition to the backup and update features, it also has an uptime monitoring system
- oh dear proposes a complete offer for monitoring websites, from site accessibility to 404 pages and broken links, including status pages
- WP Umbrella is an extension (coupled with a web application) specifically designed to monitor the operation of WordPress sites. Among other things, it allows you to detect PHP errors on sites, monitor the actual operation, etc.
- Uptime Robot is one of the most popular services for monitoring web pages. In addition to the usual features, the service allows you to create status pages for the monitored sites.
Maintaining or having your WordPress site maintained, what to remember?
That’s it, we’ve done the trick. You should now have an idea of what WordPress maintenance is, and why it is important for your business. Another important thing is that you don’t have to do it all by yourself (as a business owner for example).
There are many professionals today who offer extensive WordPress maintenance services. They are there to take care of your site, and make sure it is always in good shape while you just run your business.