In this episode, I cover 5 tasks that should be done on a regular basis to keep your site running smoothly.
LINKS IN THIS EPISODE:
Nothing, really, to link to in this episode.
TRANSCRIPT OF THIS EPISODE
Welcome back to another episode of the Pint Sized Podcast. I’m Kelli Wise, web developer and below average cook – it’s on my Twitter profile so it must be true – and I’m here to answer your questions about WordPress and Websites.
This episode is going to be in the format of a list post. Ooooh, listicles, our favorite. This is actually from a blogging challenge prompt of a challenge I’m participating in, and the question I’m answering today fits in nicely.
So, Sunny, what is our question of the day? Sunny? Sorry, she’s off chasing a wee bit of reflected sunlight on the wall, so I’ll have to read this myself. I apologize in advance for any crashing sounds you hear in the background. Sunny never lets little things like doors, shelves, of height keep her from her fun.
Today’s question from a listener is:
I recently was having problems with my website. Nothing would update and I couldn’t save any posts. I just paid to have someone fix the issue. What sorts of things should I be doing to keep my WordPress website running smoothly and save me from hiring someone like you in the future?
This is a really good, and timely, question. This has been ‘repair week’ for me. I’ve cleaned up a hacked website and repaired a site that was acting up. And it’s only Tuesday. So, in this episode, I’m going to give you my 5 tasks for keeping things running smoothly.
Some of the things I tell you today are things I’ve said in the past. I’m like your dentist, always nagging you to floss.
But there are other things you can do occasionally that will be more preventive. Sort of like going to the dentist twice a year for cleanings and the occasional xray. You’re not going to do it every day, but it needs doing on occasion.
#1 Backups
You should be doing backups on a regular basis! How regular? Well, that depends on how much you update your website. If you post blog posts daily, you could, and should, be doing daily backups. If your site is largely static, then you should be doing at least monthly backups.
The beautiful thing about backups is: there are plugins that will do this and allow you to schedule the backups. For the average “blog post once a week”, small business that is my typical customer, I schedule weekly database backups and either monthly or bi-weekly full backups.
What’s the difference?
Well, the text and links for your posts and pages are stored in your database, so that needs to be backed up when you make edits or post something new. A full backup includes your database, all of the WordPress files, all of your theme files, and all of your plugin files. If your site isn’t changing much, then this probably doesn’t need to be done every week.
One other thing I would suggest is that you do a full backup before you do any major changes to your site, including loads of updates, and again after you make those changes.
And save several of your backups. That site that was exploited? I had to go back 2 backups to know that I had a clean copy of the website to refer to.
#2 Keep it updated
This cannot be said enough. I know you’ve got things working just the way you like them and I know you’re worried that updates are going to break something, but do it anyway. To rewrite Frank Herbert: “I must not fear. Fear is the website killer. Fear is the little death that brings hackers and spambots. I will face my fear. I will permit it to pass over me and through me. And when it has gone past, I will click the update button. Where the fear has gone, there will be nothing. Only a clean and happy website will remain.”
And I apologize to Frank Herbert’s entire bloodline for that. But you get the point.
Update that sucker.
How often? At least weekly. More often if a security update has rolled out as there might be plugins that are being hardened, too. Fortunately, WordPress updates itself most of the time.
#3 Clean house
Have a bunch of unused plugins? Delete them. If they are being maintained by the developer, then they will always be around for you to reinstall them if you need them.
The same goes for themes, with one exception. Keep at least one default WordPress theme installed. I like to keep the latest, which is currently TwentySixteen. This serves 2 purposes: if anything happens to your current theme, WordPress will automatically switch to the default. Your site might look a little weird, but it will at least be visible. The other reason: if you ever have to troubleshoot WordPress or plugins, then every non-theme dependent plugin, and WordPress itself, should work with the default.
Beyond those 2 themes, you really should get rid of any extras. It’s just more stuff you have to maintain and audit.
How often should you do this? Right after your site goes live is a good time. Most people audition a bunch of themes and plugins while they are designing a site. They forget to delete all the discarded choices. Beyond that, I would recommend you do this twice a year.
#4 Log into your website and make sure your backups are running and your security plugins are doing their job
You can’t just add a backup plugin, schedule stuff, and walk away. Things happen. Scheduled backups quit running or something goes awry and the backups aren’t completing. You won’t know unless you check. So do that. Most backup plugins will let you know when the last backup ran and whether it completed successfully.
The same is true of your security plugins. I use iThemes Security Pro on my sites. I check the security logs weekly and add to the list of banned sites. It lets me see if there is an unusual amount of attempts to break into my site and then make adjustments if needed.
It also lets me see if the hosting company has an issue on their end. Remember that exploited site I mentioned at the top of the episode? Well, that exploit wasn’t the client’s fault, it was the hosting company’s. The client hired me to maintain their site. So, I installed all of my backup and security plugins and did some general cleanup.
I noticed, though, that IPs that were on the banned users list were actually getting through and continuing to attack the site. Several hours on the phone and several dozen emails with offshore tech support to explain that their servers were ignoring the htaccess rules weren’t enough for them to fix the problem in a timely manner. And the site was hacked as a result. In just 2 weeks time. So, I spent the better part of a day cleaning up the mess. They finally figured out what their problem was and fixed it.
If I hadn’t been monitoring my security plugins, though, we never would have known there was a server issue and the site would be vulnerable again.
How often should you monitor your backup and security plugins? Every week, when you do your updates. More often if there have been big updates in WordPress or an exploit is found in a particular plugin or theme.
#5 Audit and Replace old plugins and themes
This is one that I’m guilty of neglecting. What do I mean by this? Well, plugins and themes, especially the free versions on the WordPress repository often are abandoned by their old developer. Or there is a big security hole found in one. If you’re slider plugin is revolution slider, the old free one from the WordPress repo, or if your theme is old and has the old tim thumb code in it, it is a security breach waiting to happen.
Sometimes the plugin just gets so out of date that it doesn’t work all that well with the new WordPress updates.
Regardless, there are loads of plugins out there that are ready for the scrap heap. Take a look at the details of your plugins. When was the last time it was updated? 5 years ago? It’s likely time to find a newer replacement for it.
Yes, you might have to tweak your site some. Change out some shortcodes. But your site will be more secure and work more smoothly, too.
Another thing to look for in that big list of plugins you have installed: do you have more than one plugin that’s doing the same task? I’ve seen sites with multiple slider plugins installed and active. After an update or two, those two plugins that sort of worked together are now causing conflicts.
I’ve also seen a site with too many backup plugins, too many shortcode plugins, and the list goes on. This often happens when you have multiple people who maintain the website. A new staff member logs in and installs their favorite slider plugin, ignoring the other slider plugin currently installed.
Many times, these plugin conflicts don’t cause the great White screen of death. That’s an obvious sign that something is wrong. Rather, they start causing goofy problems like interfering with updates or not being able to access the admin area of the website or inserting weird code into the pages or moving things around on the web page. Things that aren’t as obvious as a plain white screen with a cryptic error message, but don’t be fooled, they are just as bad.
How often should you audit your site for old plugins and themes? I’d recommend at least once a year, maybe twice. Put it on your calendar for the week before your birthday. This way, you can give yourself the birthday gift of a happy, clean website.
Since it’s likely been a very long time since you did some of these tasks, I would like to challenge you to log onto your website today and complete all 5. Make sure you backup your site before, though!
Let me know how it goes for you.
I’d love to hear what you managed to get rid of, say your oldest, most out of date theme or plugin you got rid of. Did you actually have a copy of Kubrick in your theme files? I want to know, ‘cuz that is old school WordPress, right there.
That’s all for this episode. Thanks for your question, dear listener. I hope that helps.
Thanks so much for listening. If you have questions or comments, be sure to visit the website at
Pint sized sites dot com / Podcast for links to this episode. You’ll also find show notes with any links mentioned here and you’ll find all of the earlier episodes, too.
If you enjoyed this episode, I would love to have you pop on over to iTunes or stitcher or your podcast service of choice and leave a review. 5 stars would be awesome, but hey, no pressure, ok? Leaving a review makes it easier for other folks out there to find this program.
If you have a question you would like answered, go to pint sized sites dot com and look in the top menu for “ask a question”. Fill out the form and leave your name, if you are so inclined, and I’ll find an answer to your question in a future episode.
Thanks again for listening! Until next time, I’m Kelli Wise and you’ve been listening to the Pint Sized Podcast – website and WordPress help for small business!