WordPress is a fabulous tool for managing your website, but you can quickly make it even better with these simple tips and tricks.
As a freelance web designer, I use WordPress for pretty much every client website I build… including my own. From the client’s point of view, it’s easy to use and free to install. From my perspective as a web developer, it’s a very powerful tool that, through its virtually endless library of plugins, I can use it to create pretty much anything I need.
Despite the seemingly limitless potential and diversity that comes with WordPress, there are several things that I’d recommend for every WordPress site.
Regardless of whether you are just getting started with WordPress or if your website has been up and running for a while, there are a few things in the core settings that you should look at tweaking.
Not always used by every WordPress theme, but easy to forget about. Nobody wants their site to be launched and indexed by Google, just to see the standard tagline of “Just another WordPress site” sitting there, loud and proud!
To remove this, just go into “Settings” then “General”, and change the default tagline to something short, sweet and relevant to your website.
Search Engine Visibility
The tiny tick box with the potential to completely hide your website from search engines! Unless there’s a specific reason why you might not want your site to be indexed by search engines (e.g. a demo site, not yet ready for launch), make sure this setting is unticked. And if it is a demo site, make sure you untick this box when the website eventually does go live!
This one can be found in “Settings”, then “Reading” – the small tick box at the bottom, titled “Search Engine Visibility”. Untick.
If you don’t intend to encourage comments in your WordPress blog, or don’t even make use of the blogging platform at all, then make sure to disable the comments facility in the settings. Whilst not essential, this can help to cut down the amount of spam comments and form submissions your site may attract.
This can be found under “Settings”, then “Discussion” – simply untick the box that says “Allow people to post comments on new articles”.
If you already have a number of existing blog posts, then you might need to go into the “Posts” section of your admin area and disable comments for each post, as this setting only affects newly-created posts.
(Note: if you are running an online shop using WooCommerce or Jigoshop, you might need to leave comments enabled if you intend to use the customer product reviews.)
A really basic one, but well worth mentioning… if you intend for your site to appear in search engines! Under “Settings” then “Permalinks”, you should make sure that your site doesn’t have the “Plain” option selected. The “Plain” option displays the URLs of all sub-pages on your site as simply their internal WordPress post ID number – which is completely meaningless to your website visitors and search engines.
You can select pretty much any of the other settings – I’d recommend either “Month and name” or “Post name”. These will use the post/page title to generate a much more meaningful URL – full of lovely, wholesome SEO goodness.
Removal of unused plugins
Any default installation of WordPress comes with several plugins that you just don’t need. These include the likes of “Hello Dolly”, which serve no useful purpose whatsoever. If you chose to disable comments (as above), you can also remove the Akismet anti-spam plugin. If you will never need the facility to set a post to automatically publish at a specified future date, you can safely remove the two plugins for managing cron jobs: these are WP Crontrol and WP-Cron Control.
Have a good look through what plugins you have installed and remove anything you don’t need. Especially if you use GoDaddy or 1&1 for your hosting and you installed WordPress via an option in your hosting control panel – those guys love to cram all manner of useless crap in with their WordPress installers!
Also… removing unused plugins is highly recommended from a security standpoint. Think of every plugin you install as a potential gateway for a hacker! Whilst the majority of WordPress plugins (particularly the ones listed below) are regularly and actively maintained by their respective developers, not all plugins are treated with the same level of love and care.
It only takes one neglected plugin from Dodgy Dave’s Dev Toolz to bring your website crashing down!
If you don’t need it, remove it.
Useful WordPress Plugins
With an abundance of plugins available for WordPress, which ones should you use? Here’s a list of a few of the most useful WordPress plugins, which I include in pretty much every WordPress website I build:
- Yoast SEO
The best plugin available for helping with search engine optimisation.
- W3 Total Cache
My preferred caching plugin, to help speed up WordPress.
Automatic image optimisation and compression, reducing file size of photos… and therefore the loading speed of your website.
- TinyMCE Advanced
Simplifying the page editor toolbar by stripping out all the icons you’ll never need.
- Advanced Custom Fields
Expanding the functionality of the admin area by introducing a range of additional content options.
- Gravity Forms
My favourite form builder plugin for WordPress. Does pretty much anything and everything.
Massively improve your website’s chances of survival out there in the big, bad world (wide web).
Security: Looking after your WordPress website
Being one of the most popular content management systems around, the main downside to using WordPress is that it can be a target for would-be hackers. Mostly this will be people trying to exploit plugins that have known vulnerabilities, or they will try to gain access to your admin area by guessing your admin password. Thankfully, there’s a fairly simple yet very effective solution: Wordfence.
As featured in my list of useful WordPress plugins, Wordfence is an all-in-one security plugin for WordPress, that is freely available to download and install. As well as plugging a few potential security holes in WordPress itself, it offers a range of other security measures to help protect your website from would-be attackers:
- Initial set-up wizard to guide you through setting up the best basic options.
- Firewall to identify and block suspicious activity.
- Protection against brute force attacks.
- Malware scanner and known exploit monitor.
- Checks if any plugins need an update and alerts you via email.
- Block people (manually or automatically) by IP address who try to access your admin area using incorrect login details.
Backup, Backup, Backup!
Of course, being aware and proactive about protecting your WordPress site is great, but it’s only half of the battle. Once you have Wordfence up and running, the next thing is to make sure you take regular backups of your entire website. This includes the entire file structure (particularly the wp-content directory) and the database. There are plugins available to help with this, but I prefer to do this manually via my hosting control panel – just so that I know it’s definitely completed without any problems.
As well as designing and building websites for my clients, I also provide a web hosting and ongoing support service. Renewable annually, this agreement includes monthly backups, daily security monitoring, the processing of all WordPress core and plugin updates, and up to an hour’s maintenance work on your WordPress website per month. If you would be interested in finding out more about how I can help look after your WordPress site on a regular basis, feel free to get in touch – I’d be happy to help.
Performance & Optimisation
Nobody likes waiting ages for a website to load, particularly if it’s the homepage. Chances are that if your homepage hasn’t loaded within 5-6 seconds (at most), your potential visitor will go back to their search results and try someone else’s website instead.
Since Google now looks favourably upon websites that load quickly, giving them a slight boost in search ranking, making sure your website is firing on all cylinders has never been more important.
- Smush is a very quick and easy plugin to install. You can run it to optimise all of the images in your Media Library, making sure they are as well optimised as possible. This reduces file size without sacrificing any noticeable drop in image quality. Once that’s all done, Smush will sit there in the background and automatically optimise any new images uploaded to your website.
- W3 Total Cache is my go-to caching plugin in helping every aspect of WordPress to load more quickly. It takes a little while to configure correctly, and has the potential for a few hiccups (depending on how your web hosting server is configured), but it seems to offer the best all-round caching solution. I have used WP Super Cache in the past, which works well as a quick and easy alternative. Both provide very good page load speeds for regular website visitors, but W3 Total Cache ticks more boxes when it comes to what search engines like and dislike, when it comes to website speed optimisation.
Test your own website
If you’ve got a few minutes to spare, go to the GTmetrix website and let it generate a free performance report for your own website.
Unless someone has already spent time optimising your website, there’s a good chance that it will score fairly low marks for the PageSpeed and YSlow scores – potentially D or even E grades.
By installing and correctly configuring these two performance plugins, your website can easily be scoring much higher, probably 90% and above (i.e. A/B ratings, not D/E). This will not only make a noticeable difference in how quickly your pages load when people browse your website, but it will keep search engines happier and in return may increase your search rank.
I’m here to help!
If you’d like help with your own WordPress website, including anything and everything you’ve read in this article, feel free to let me know via my contact form and I’d gladly set this up for you.