Agile Computing Authors: Elizabeth White, Yeshim Deniz, Liz McMillan, Pat Romanski, Andy Thurai

Related Topics: Agile Computing

Agile Computing: Blog Feed Post

Three Steps to Keep the Cobwebs Out of WordPress

I’ve personally had few issues with WordPress maintenance and security

A lot of our web design clients ask about ongoing WordPress maintenance in the proposal stage of our project.  They’ve heard WordPress is easy to use and they want to make sure it will be just as easy to maintain.  They also what to make sure their website will be safe, secure, and free of malware or hacking attacks.

I’m very open with people in these discussions.  And I can be, because I’ve personally had few issues with WordPress maintenance and security.  In the years I’ve worked with WordPress, I’ve only had two clients encounter malware and both were due to poorly maintained plugins and had nothing to do with the WordPress core.  The general rule is if you keep your WordPress website updated and optimized, there should be no problems.  Leave cobwebs lurking about and there absolutely will be problems.

For the average website, WordPress is easy to maintain.  It really boils down to updating the WordPress core and plugins when needed, optimizing your database on a regular basis, and monitoring spam.  None of this takes a lot of technical know how or time.  It just takes spring cleaning a few times a year.

#1 – Upgrade the WordPress Core and Plugins

Upgrade WordPress Infograph from WPBeginner.com - Click for Full ImageMany of my clients ask me to sign a non-disclosure agreement prior to beginning our website design project because they are concerned about protecting their informational assets. Many times it is these same people who fail to upgrade their own websites once launched. The irony of this is funnier than people realize and I make sure I express the humor to the clients themselves.  It’s kind of like the doctor who doesn’t seek treatment for his own ailments. They are concerned about the security of their business direction and target market, yet not worried about the security of their website.

Older versions of WordPress are simply dated software packages. The outdated code opens website owners up to vulnerabilities that allow those nasty hackers to quietly insert malicious files (aka malware) into an unsuspecting website.  With over 47 million installations of WordPress worldwide, this is a problem.  So much so that in June of 2011, Google starting warning website owners that their WordPress installation are outdated and that an upgraded is needed.  Why should Google care?  Google wants to deliver high quality websites in its search results, not websites hijacked by some hacker living in his mom’s basement. Malware and hacked websites degrade the user experience and this goes against everything Google and Bing protect.

Upgrading WordPress and the associated plugins is simply not that hard. Website owners just need to do it.  And if they don’t want to do it or are afraid to do it, they need to hire a professional to do it for them.

WordPress Upgrades for the Beginner

Upgrading WordPress is as simple as backing up your data, upgrading the software, and testing your website or blog.  When we do this for clients, we estimate an hour worth of work.  Depending on the size of the website and the availability of back up files, this could take ten minutes or two hours.

Your WordPress website or blog consists of the following:

  • MySql Database
  • The WordPress Core
  • Your WordPress Theme (or theme framework and child theme)
  • WordPress Plugins
  • Images
  • Additional Files (PDFs)

One of the most important things you can do before beginning any upgrade is to backup the website. This backup should include both files (theme, images, etc.) and your MySQL database.  Even though lots of hosting companies offer free backups, we still recommend saving a backup to your local hard drive or a third party backup service like Dropbox or BackupBuddy.

WordPress is run on a MySQL database. This is what holds all of your posts, pages, links, menu structure, and settings. Backing up this database is the first step in the upgrade process.  I like WP-DB-Backup, which is a WordPress plugin.  It allows me to create database backups directly from my WordPress admin panel and I can skip the whole phpMyAdmin or cPanel experience. I leave that to my coders.

Once you have that done, you can download a copy of the website files to your hard drive.  I typically do this via Filezilla, which is a robust and free FTP software package for Mac and Windows.

Now that you’ve backed up everything, you can start the upgrade process.  I recommend using the upgrade process available via WordPress’ admin panel.  It is just one click and super easy.  On really out dated WordPress sites this may not work, so you might have to refer to your hosting provider’s upgrade process.  Either way, the novice can quickly do this with ease.  Just remember to watch the upgrade occur so you can read any notices that pop up.  Once WordPress finishes the upgrade (it will take all of a minute), you just need to poke around the admin panel and live website to make sure everything is working properly.  And it should.  I’ve never had an issue with upgrades to the WordPress core.

Finally we move onto upgrading plugins. I recommend upgrading one plugin at a time.  Before upgrading I like to read about the plugin’s new version to see what has changed and so I know what might break.  The vast majority of the time, nothing breaks.  But when it does, it is nice to have a heads up on what is about to happen.  After you upgrade one plugin, test the functionality.  If all is well, continue on and upgrade one plugin at a time.  Notice I’m saying this twice? It is because it is important.  I never recommend the mass upgrade, because it will be difficult to troubleshoot should things occur.

The worst thing you can do is not test your website after upgrading.  When I first launched the firm I had a client hit update all, go to bed, and never check anything.  And by the way, he never backed up anything either.  He had plugin conflicts and broken functionality, but wasn’t sure why or how because he did everything in mass.  He ended up going back to his host to restore the website and then followed the process correctly. Guess what? This time around he could see what went wrong and quickly fix it. Don’t be that guy!

#2 – Optimize the MySQL Database Optimization

If you run a high traffic or large WordPress installation, you’ll want to optimize WordPress and your server to run as efficiently as possible. Scratch that.  That is what others say.  I say every WordPress website or blog should have the MySQL database optimized often.

WordPress is powered by PHP which depends on the MySQL database.  When your WordPress site is visited, the web server will query the database to retrieve information. This is a typical operation for most dynamic websites. Over time, the time required for querying the database will increase and slow down the process on the front end for visitors and the backend for administrators. Whie this is one of the most frustrating experiences possible, all of this is due to overhead in the database, which is easy to correct. Overhead is caused by many inserts, updates and deletions.  When this occurs, you need to optimize the database via phpMyAdmin or by using WordPress Plugin.

Did I scare you with the phpMyAdmin statement? Yep it scares me too.  That is why I use a plugin called WP-DB-Backup. I set it to automatically optimize the database every day and repair it once a week.  It is a must have plugin in my mind, as it keeps WordPress performance at optimal levels.

#3 – Moderate Comments and Block Spam

When I talk about spam, I refer to those pesky and irrelevant comments left on blog posts. Designed to increase inbound links and alter Google’s search results, spam commenting is a favorite task of black hat SEO consultants and website owners. While spam can be annoying, it is completely controllable and it can be almost irrelevant to website owners.  It’s really all about the set up options and spam protection.

But why does it matter?  Some of my clients have asked why should they care if their blog or website includes spam comments. It matters because it degrades the user experience, it makes your website look unprofessional and unloved.  And more importantly, it will negatively affect you with the search engines and how they rank your content.  Google and Bing want to present high quality websites and blogs in search results.  High quality means the content is not overshadowed by spam comments.

Virtually every time I train a new design client on WordPress, they tell me to just remove the option to comment.  That is their spam defense.  I do my best to counsel them and remind them that blogs are conversational and conversational means you need to allow comments.  Allow comments, but moderate them.  I also encourage them to install spam protection via a plugin.  There are a ton of options available and popular plugins include Akismet, Spam Free, JSSpamBlock, etc. In three years our website has blocked 128,000+ spam comments. The good news is I don’t have to worry about any of it.  My spam blocker does it all for me.  And in that time frame, I’ve only had about five real comments mismarked as spam.

How Many Cobwebs are in Your Website?

As I go to post this article, I’m reminded WordPress just came out with another update in the last few weeks.  This means I, myself, have some cobwebs.  Thanks to BackupBuddy I could quickly create a back up of my website and then update the WordPress core, Genesis core, and a number of plugins. Easy peasy and well worth the effort to protect my website and my online identity.

Read the original blog entry...

More Stories By Rebecca Gill

Founder and President of Web Savvy Marketing, a Michigan based internet marketing firm that specializes in website design, organic SEO, social media marketing, and WordPress consulting.

IoT & Smart Cities Stories
CloudEXPO New York 2018, colocated with DXWorldEXPO New York 2018 will be held November 11-13, 2018, in New York City and will bring together Cloud Computing, FinTech and Blockchain, Digital Transformation, Big Data, Internet of Things, DevOps, AI, Machine Learning and WebRTC to one location.
The Internet of Things will challenge the status quo of how IT and development organizations operate. Or will it? Certainly the fog layer of IoT requires special insights about data ontology, security and transactional integrity. But the developmental challenges are the same: People, Process and Platform and how we integrate our thinking to solve complicated problems. In his session at 19th Cloud Expo, Craig Sproule, CEO of Metavine, demonstrated how to move beyond today's coding paradigm and sh...
The best way to leverage your Cloud Expo presence as a sponsor and exhibitor is to plan your news announcements around our events. The press covering Cloud Expo and @ThingsExpo will have access to these releases and will amplify your news announcements. More than two dozen Cloud companies either set deals at our shows or have announced their mergers and acquisitions at Cloud Expo. Product announcements during our show provide your company with the most reach through our targeted audiences.
@DevOpsSummit at Cloud Expo, taking place November 12-13 in New York City, NY, is co-located with 22nd international CloudEXPO | first international DXWorldEXPO and will feature technical sessions from a rock star conference faculty and the leading industry players in the world. The widespread success of cloud computing is driving the DevOps revolution in enterprise IT. Now as never before, development teams must communicate and collaborate in a dynamic, 24/7/365 environment. There is no time t...
What are the new priorities for the connected business? First: businesses need to think differently about the types of connections they will need to make – these span well beyond the traditional app to app into more modern forms of integration including SaaS integrations, mobile integrations, APIs, device integration and Big Data integration. It’s important these are unified together vs. doing them all piecemeal. Second, these types of connections need to be simple to design, adapt and configure...
Cell networks have the advantage of long-range communications, reaching an estimated 90% of the world. But cell networks such as 2G, 3G and LTE consume lots of power and were designed for connecting people. They are not optimized for low- or battery-powered devices or for IoT applications with infrequently transmitted data. Cell IoT modules that support narrow-band IoT and 4G cell networks will enable cell connectivity, device management, and app enablement for low-power wide-area network IoT. B...
Contextual Analytics of various threat data provides a deeper understanding of a given threat and enables identification of unknown threat vectors. In his session at @ThingsExpo, David Dufour, Head of Security Architecture, IoT, Webroot, Inc., discussed how through the use of Big Data analytics and deep data correlation across different threat types, it is possible to gain a better understanding of where, how and to what level of danger a malicious actor poses to an organization, and to determin...
Nicolas Fierro is CEO of MIMIR Blockchain Solutions. He is a programmer, technologist, and operations dev who has worked with Ethereum and blockchain since 2014. His knowledge in blockchain dates to when he performed dev ops services to the Ethereum Foundation as one the privileged few developers to work with the original core team in Switzerland.
Cloud-enabled transformation has evolved from cost saving measure to business innovation strategy -- one that combines the cloud with cognitive capabilities to drive market disruption. Learn how you can achieve the insight and agility you need to gain a competitive advantage. Industry-acclaimed CTO and cloud expert, Shankar Kalyana presents. Only the most exceptional IBMers are appointed with the rare distinction of IBM Fellow, the highest technical honor in the company. Shankar has also receive...
Digital Transformation and Disruption, Amazon Style - What You Can Learn. Chris Kocher is a co-founder of Grey Heron, a management and strategic marketing consulting firm. He has 25+ years in both strategic and hands-on operating experience helping executives and investors build revenues and shareholder value. He has consulted with over 130 companies on innovating with new business models, product strategies and monetization. Chris has held management positions at HP and Symantec in addition to ...