What Are Your WordPress Pro Tips?
Our pain is your gain.
We often get asked: “What do you wish you knew when you got started?” Or the variant of that: “What advice would you give someone just starting out today?” We thought about it, and realized we had quite a bit of wisdom to share. The list below – in no particular order – represents our collected wisdom, circa August 2024:
- Learn how to back up and restore WordPress without the need of a plugin.
- Learn how to turn on debug mode. Then turn it off to ensure it does not negatively impact performance.
- Learn how to turn off plugins – from the command line.
- Corollary: Learn how to use WP-CLI
- Understand that WordPress is open source, with varying degrees of support and quality in plugins and themes. Many issues you encounter are not a core WordPress issue, just a poor developer issue.
- Learn to back everything up. Remotely. Backup your backups. If you are unsure if the backups have everything, back them up again. And then back that up. Get the idea?
- Vet plugins and themes. Software gets abandoned all the time. And anyone can make a plugin. So use ratings, popularity, and support response to vet what you install. We, ahem, wrote a post about that…
- Keep things updated. Security updates, patches and new features are released all the time.
- Theme developers and plugin developers have economies of scale on their side.
- Choose a fast web host.
- Did we mention backing your site up?
- Use a local WAF (Wordfence) AND a remove WAF (Cloudflare). This layering of protection is known as “defense in depth.”
- Always check that your backups are being successfully created on the target (destination) server. You don’t want to discover this is not happening when you need to perform a restore.
- Optimize your images
- Keep your page size (payload) small
- Have at least one offsite (out of server/hosting) backup.
- Keep backups of at least a few weeks of previous site versions.
- Enable two-factor authorization (2FA) to safeguard your site.
- Have a backup admin account ready for use.
- Use strong passwords
- Use the function.php file in a child theme
- Make sure users have a way to contact you directly
- Use the minimal amount of plugins
- If you give third parties access to your site, for maintenance or development, revoke it as soon as possible.
If you found this list valuable, leave a comment below.