July 16, 2019

Website Maintenance 101: A DIY Guide to Maintaining Your WordPress Website

Now that your WordPress website is up and running, you have to maintain it. This means taking proactive, scheduled action to optimize and update your site. Too often, we wait for something to break before we perform maintenance tasks. At that point, we may have already lost a sale, inconvenienced customers, or otherwise hurt our business. However, if you follow these simple guidelines you will keep your site performing at its best and your business running smoothly. 

Change Your Passwords

Always use strong passwords. Strong passwords are a minimum of 12 characters, include numbers, symbols, and capital and lowercase letters. Also, use a mix of characters rather than a known word or name. 

Even strong passwords — your first line of defense against unauthorized website access — can be compromised without your notice. To avoid a breach, regularly change your passwords every month. This includes WordPress admin area passwords, FTP or SSH accounts, and your WordPress database password.

Stay Safe

In addition to changing your passwords, maintain website security by protecting against hackers and running malware scans. Today, WordPress powers over 30% of all websites. Imagine how many hackers see an opportunity to breach multiple sites across the platform. And, since many hacks are automated today, site size is irrelevant and all sites, even the smaller ones, are vulnerable. 

Once hackers are in, they may install malware. Malware refers to viruses, Trojan horses, worms and other malicious software. These can hurt both you and your customers. Be sure to install plugins for anti-hacking and malware scans, or invest in a firewall. We cannot guarantee you won’t ever get hacked, but following these guidelines will certainly keep you safer. 

Update Your Files

It is essential to run the latest version of WordPress and updated themes and plugins. When you keep files up-to-date you not only make use of new features, ensure compatibility with plugins, and take advantage of bug fixes, but you also gain performance improvements.  

Increased security, however, is the number one reason to update WordPress and associated tools. As an open-source code, WordPress is vulnerable to hackers. Every time a new version is released it is more secure. However, previous versions’ security bugs remain and hackers have free reign to attack. 

The good news is, an update system is built into WordPress core, themes and plugins.  Even so, you may occasionally miss an update. It’s a good idea to manually check themes and plugins to ensure you are running the latest versions — even the ones you may not have activated or in use. Also, regularly check WordPress Updates to be sure you have the latest version of the core software. Include file updates to your website maintenance and you will have an efficient, state-of-the-art, and secure WordPress website. 

Backup Your Site

It’s important to always have a backup of your WordPress website. We recommend backing up your site daily. You don’t want to get caught without the latest version of your customer lists, files, blogs posts, or invoices. Your website could break for a variety of reasons so always have a full-site backup you can rely on.

Backing up your site can be as easy as installing a WordPress plugin to automate the task. While many hosting companies provide backup services we recommend you have a copy as well. It is also a good idea to occasionally run your plugin manually and check that the backup files are stored properly in the cloud. 

Moderate Comments

If you have comments activated on your site, we recommend moderating them on a weekly basis. Replying to relevant comments is a great way to maintain a relationship with your users. In today’s technology-driven world, strong customer relationships are built online. Customer feedback and input comes via site comments and social media. Businesses thrive when they connect with their customers. For many businesses today, customer feedback makes a big difference in product development, marketing, and other strategies. This humanizes brands and creates stronger customer loyalty, more targeted products, and ultimately increased sales.

By moderating comments, you ensure you do not miss any genuine comments and you can delete spam comments. Deleting spam comments means you free up database space and declutter your site. This is important to keep a faster, cleaner, well-running site. It will also keep you up-to-date on the types of potential threats your site may face.

Update Your Users

Do you have any out-of-date or inactive users on your site? This is a security risk. These users may be former employees, co-workers who have switched departments, or freelancers who have moved on. Whomever they are, if they have valid logins, you may be at risk. And, they may not even know it.  For one thing, their passwords may not be secure, they may have shared them, or hackers may have their email address. All of this presents a security risk. On a monthly basis, it makes sense to review your users, especially those with administrative privileges, and evaluate their status.


These guidelines are intended to help you jumpstart your website maintenance plan. They are low-impact tasks that can be easily be done without a huge time investment. We recommend incorporating them into your daily, weekly or monthly schedule for a healthier, faster, and safer website. Questions about maintaining your WordPress website or other related issues? We are here to help.