Agile Computing Authors: Liz McMillan, Harry Trott, Elizabeth White, Yeshim Deniz, Pat Romanski

Related Topics: Agile Computing

Agile Computing: Blog Feed Post

Three Steps to Keep the Cobwebs Out of WordPress

I’ve personally had few issues with WordPress maintenance and security

A lot of our web design clients ask about ongoing WordPress maintenance in the proposal stage of our project.  They’ve heard WordPress is easy to use and they want to make sure it will be just as easy to maintain.  They also what to make sure their website will be safe, secure, and free of malware or hacking attacks.

I’m very open with people in these discussions.  And I can be, because I’ve personally had few issues with WordPress maintenance and security.  In the years I’ve worked with WordPress, I’ve only had two clients encounter malware and both were due to poorly maintained plugins and had nothing to do with the WordPress core.  The general rule is if you keep your WordPress website updated and optimized, there should be no problems.  Leave cobwebs lurking about and there absolutely will be problems.

For the average website, WordPress is easy to maintain.  It really boils down to updating the WordPress core and plugins when needed, optimizing your database on a regular basis, and monitoring spam.  None of this takes a lot of technical know how or time.  It just takes spring cleaning a few times a year.

#1 – Upgrade the WordPress Core and Plugins

Upgrade WordPress Infograph from WPBeginner.com - Click for Full ImageMany of my clients ask me to sign a non-disclosure agreement prior to beginning our website design project because they are concerned about protecting their informational assets. Many times it is these same people who fail to upgrade their own websites once launched. The irony of this is funnier than people realize and I make sure I express the humor to the clients themselves.  It’s kind of like the doctor who doesn’t seek treatment for his own ailments. They are concerned about the security of their business direction and target market, yet not worried about the security of their website.

Older versions of WordPress are simply dated software packages. The outdated code opens website owners up to vulnerabilities that allow those nasty hackers to quietly insert malicious files (aka malware) into an unsuspecting website.  With over 47 million installations of WordPress worldwide, this is a problem.  So much so that in June of 2011, Google starting warning website owners that their WordPress installation are outdated and that an upgraded is needed.  Why should Google care?  Google wants to deliver high quality websites in its search results, not websites hijacked by some hacker living in his mom’s basement. Malware and hacked websites degrade the user experience and this goes against everything Google and Bing protect.

Upgrading WordPress and the associated plugins is simply not that hard. Website owners just need to do it.  And if they don’t want to do it or are afraid to do it, they need to hire a professional to do it for them.

WordPress Upgrades for the Beginner

Upgrading WordPress is as simple as backing up your data, upgrading the software, and testing your website or blog.  When we do this for clients, we estimate an hour worth of work.  Depending on the size of the website and the availability of back up files, this could take ten minutes or two hours.

Your WordPress website or blog consists of the following:

  • MySql Database
  • The WordPress Core
  • Your WordPress Theme (or theme framework and child theme)
  • WordPress Plugins
  • Images
  • Additional Files (PDFs)

One of the most important things you can do before beginning any upgrade is to backup the website. This backup should include both files (theme, images, etc.) and your MySQL database.  Even though lots of hosting companies offer free backups, we still recommend saving a backup to your local hard drive or a third party backup service like Dropbox or BackupBuddy.

WordPress is run on a MySQL database. This is what holds all of your posts, pages, links, menu structure, and settings. Backing up this database is the first step in the upgrade process.  I like WP-DB-Backup, which is a WordPress plugin.  It allows me to create database backups directly from my WordPress admin panel and I can skip the whole phpMyAdmin or cPanel experience. I leave that to my coders.

Once you have that done, you can download a copy of the website files to your hard drive.  I typically do this via Filezilla, which is a robust and free FTP software package for Mac and Windows.

Now that you’ve backed up everything, you can start the upgrade process.  I recommend using the upgrade process available via WordPress’ admin panel.  It is just one click and super easy.  On really out dated WordPress sites this may not work, so you might have to refer to your hosting provider’s upgrade process.  Either way, the novice can quickly do this with ease.  Just remember to watch the upgrade occur so you can read any notices that pop up.  Once WordPress finishes the upgrade (it will take all of a minute), you just need to poke around the admin panel and live website to make sure everything is working properly.  And it should.  I’ve never had an issue with upgrades to the WordPress core.

Finally we move onto upgrading plugins. I recommend upgrading one plugin at a time.  Before upgrading I like to read about the plugin’s new version to see what has changed and so I know what might break.  The vast majority of the time, nothing breaks.  But when it does, it is nice to have a heads up on what is about to happen.  After you upgrade one plugin, test the functionality.  If all is well, continue on and upgrade one plugin at a time.  Notice I’m saying this twice? It is because it is important.  I never recommend the mass upgrade, because it will be difficult to troubleshoot should things occur.

The worst thing you can do is not test your website after upgrading.  When I first launched the firm I had a client hit update all, go to bed, and never check anything.  And by the way, he never backed up anything either.  He had plugin conflicts and broken functionality, but wasn’t sure why or how because he did everything in mass.  He ended up going back to his host to restore the website and then followed the process correctly. Guess what? This time around he could see what went wrong and quickly fix it. Don’t be that guy!

#2 – Optimize the MySQL Database Optimization

If you run a high traffic or large WordPress installation, you’ll want to optimize WordPress and your server to run as efficiently as possible. Scratch that.  That is what others say.  I say every WordPress website or blog should have the MySQL database optimized often.

WordPress is powered by PHP which depends on the MySQL database.  When your WordPress site is visited, the web server will query the database to retrieve information. This is a typical operation for most dynamic websites. Over time, the time required for querying the database will increase and slow down the process on the front end for visitors and the backend for administrators. Whie this is one of the most frustrating experiences possible, all of this is due to overhead in the database, which is easy to correct. Overhead is caused by many inserts, updates and deletions.  When this occurs, you need to optimize the database via phpMyAdmin or by using WordPress Plugin.

Did I scare you with the phpMyAdmin statement? Yep it scares me too.  That is why I use a plugin called WP-DB-Backup. I set it to automatically optimize the database every day and repair it once a week.  It is a must have plugin in my mind, as it keeps WordPress performance at optimal levels.

#3 – Moderate Comments and Block Spam

When I talk about spam, I refer to those pesky and irrelevant comments left on blog posts. Designed to increase inbound links and alter Google’s search results, spam commenting is a favorite task of black hat SEO consultants and website owners. While spam can be annoying, it is completely controllable and it can be almost irrelevant to website owners.  It’s really all about the set up options and spam protection.

But why does it matter?  Some of my clients have asked why should they care if their blog or website includes spam comments. It matters because it degrades the user experience, it makes your website look unprofessional and unloved.  And more importantly, it will negatively affect you with the search engines and how they rank your content.  Google and Bing want to present high quality websites and blogs in search results.  High quality means the content is not overshadowed by spam comments.

Virtually every time I train a new design client on WordPress, they tell me to just remove the option to comment.  That is their spam defense.  I do my best to counsel them and remind them that blogs are conversational and conversational means you need to allow comments.  Allow comments, but moderate them.  I also encourage them to install spam protection via a plugin.  There are a ton of options available and popular plugins include Akismet, Spam Free, JSSpamBlock, etc. In three years our website has blocked 128,000+ spam comments. The good news is I don’t have to worry about any of it.  My spam blocker does it all for me.  And in that time frame, I’ve only had about five real comments mismarked as spam.

How Many Cobwebs are in Your Website?

As I go to post this article, I’m reminded WordPress just came out with another update in the last few weeks.  This means I, myself, have some cobwebs.  Thanks to BackupBuddy I could quickly create a back up of my website and then update the WordPress core, Genesis core, and a number of plugins. Easy peasy and well worth the effort to protect my website and my online identity.

Read the original blog entry...

More Stories By Rebecca Gill

Founder and President of Web Savvy Marketing, a Michigan based internet marketing firm that specializes in website design, organic SEO, social media marketing, and WordPress consulting.

@ThingsExpo Stories
SYS-CON Events announced today that Golden Gate University will exhibit at SYS-CON's 21st International Cloud Expo®, which will take place on Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA. Since 1901, non-profit Golden Gate University (GGU) has been helping adults achieve their professional goals by providing high quality, practice-based undergraduate and graduate educational programs in law, taxation, business and related professions. Many of its courses are taug...
SYS-CON Events announced today that CAST Software will exhibit at SYS-CON's 21st International Cloud Expo®, which will take place on Oct 31 - Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA. CAST was founded more than 25 years ago to make the invisible visible. Built around the idea that even the best analytics on the market still leave blind spots for technical teams looking to deliver better software and prevent outages, CAST provides the software intelligence that matter ...
Recently, WebRTC has a lot of eyes from market. The use cases of WebRTC are expanding - video chat, online education, online health care etc. Not only for human-to-human communication, but also IoT use cases such as machine to human use cases can be seen recently. One of the typical use-case is remote camera monitoring. With WebRTC, people can have interoperability and flexibility for deploying monitoring service. However, the benefit of WebRTC for IoT is not only its convenience and interopera...
SYS-CON Events announced today that CA Technologies has been named “Platinum Sponsor” of SYS-CON's 21st International Cloud Expo®, which will take place October 31-November 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA. CA Technologies helps customers succeed in a future where every business – from apparel to energy – is being rewritten by software. From planning to development to management to security, CA creates software that fuels transformation for companies in the applic...
When shopping for a new data processing platform for IoT solutions, many development teams want to be able to test-drive options before making a choice. Yet when evaluating an IoT solution, it’s simply not feasible to do so at scale with physical devices. Building a sensor simulator is the next best choice; however, generating a realistic simulation at very high TPS with ease of configurability is a formidable challenge. When dealing with multiple application or transport protocols, you would be...
In his session at @ThingsExpo, Dr. Robert Cohen, an economist and senior fellow at the Economic Strategy Institute, presented the findings of a series of six detailed case studies of how large corporations are implementing IoT. The session explored how IoT has improved their economic performance, had major impacts on business models and resulted in impressive ROIs. The companies covered span manufacturing and services firms. He also explored servicification, how manufacturing firms shift from se...
WebRTC is the future of browser-to-browser communications, and continues to make inroads into the traditional, difficult, plug-in web communications world. The 6th WebRTC Summit continues our tradition of delivering the latest and greatest presentations within the world of WebRTC. Topics include voice calling, video chat, P2P file sharing, and use cases that have already leveraged the power and convenience of WebRTC.
SYS-CON Events announced today that Secure Channels, a cybersecurity firm, will exhibit at SYS-CON's 21st International Cloud Expo®, which will take place on Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA. Secure Channels, Inc. offers several products and solutions to its many clients, helping them protect critical data from being compromised and access to computer networks from the unauthorized. The company develops comprehensive data encryption security strategie...
An increasing number of companies are creating products that combine data with analytical capabilities. Running interactive queries on Big Data requires complex architectures to store and query data effectively, typically involving data streams, an choosing efficient file format/database and multiple independent systems that are tied together through custom-engineered pipelines. In his session at @BigDataExpo at @ThingsExpo, Tomer Levi, a senior software engineer at Intel’s Advanced Analytics ...
Internet-of-Things discussions can end up either going down the consumer gadget rabbit hole or focused on the sort of data logging that industrial manufacturers have been doing forever. However, in fact, companies today are already using IoT data both to optimize their operational technology and to improve the experience of customer interactions in novel ways. In his session at @ThingsExpo, Gordon Haff, Red Hat Technology Evangelist, shared examples from a wide range of industries – including en...
Detecting internal user threats in the Big Data eco-system is challenging and cumbersome. Many organizations monitor internal usage of the Big Data eco-system using a set of alerts. This is not a scalable process given the increase in the number of alerts with the accelerating growth in data volume and user base. Organizations are increasingly leveraging machine learning to monitor only those data elements that are sensitive and critical, autonomously establish monitoring policies, and to detect...
"We're a cybersecurity firm that specializes in engineering security solutions both at the software and hardware level. Security cannot be an after-the-fact afterthought, which is what it's become," stated Richard Blech, Chief Executive Officer at Secure Channels, in this SYS-CON.tv interview at @ThingsExpo, held November 1-3, 2016, at the Santa Clara Convention Center in Santa Clara, CA.
To get the most out of their data, successful companies are not focusing on queries and data lakes, they are actively integrating analytics into their operations with a data-first application development approach. Real-time adjustments to improve revenues, reduce costs, or mitigate risk rely on applications that minimize latency on a variety of data sources. Jack Norris reviews best practices to show how companies develop, deploy, and dynamically update these applications and how this data-first...
Intelligent Automation is now one of the key business imperatives for CIOs and CISOs impacting all areas of business today. In his session at 21st Cloud Expo, Brian Boeggeman, VP Alliances & Partnerships at Ayehu, will talk about how business value is created and delivered through intelligent automation to today’s enterprises. The open ecosystem platform approach toward Intelligent Automation that Ayehu delivers to the market is core to enabling the creation of the self-driving enterprise.
The question before companies today is not whether to become intelligent, it’s a question of how and how fast. The key is to adopt and deploy an intelligent application strategy while simultaneously preparing to scale that intelligence. In her session at 21st Cloud Expo, Sangeeta Chakraborty, Chief Customer Officer at Ayasdi, will provide a tactical framework to become a truly intelligent enterprise, including how to identify the right applications for AI, how to build a Center of Excellence to ...
SYS-CON Events announced today that Massive Networks will exhibit at SYS-CON's 21st International Cloud Expo®, which will take place on Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA. Massive Networks mission is simple. To help your business operate seamlessly with fast, reliable, and secure internet and network solutions. Improve your customer's experience with outstanding connections to your cloud.
SYS-CON Events announced today that Datera, that offers a radically new data management architecture, has been named "Exhibitor" of SYS-CON's 21st International Cloud Expo ®, which will take place on Oct 31 - Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA. Datera is transforming the traditional datacenter model through modern cloud simplicity. The technology industry is at another major inflection point. The rise of mobile, the Internet of Things, data storage and Big...
Everything run by electricity will eventually be connected to the Internet. Get ahead of the Internet of Things revolution and join Akvelon expert and IoT industry leader, Sergey Grebnov, in his session at @ThingsExpo, for an educational dive into the world of managing your home, workplace and all the devices they contain with the power of machine-based AI and intelligent Bot services for a completely streamlined experience.
Because IoT devices are deployed in mission-critical environments more than ever before, it’s increasingly imperative they be truly smart. IoT sensors simply stockpiling data isn’t useful. IoT must be artificially and naturally intelligent in order to provide more value In his session at @ThingsExpo, John Crupi, Vice President and Engineering System Architect at Greenwave Systems, will discuss how IoT artificial intelligence (AI) can be carried out via edge analytics and machine learning techn...
In his session at @ThingsExpo, Arvind Radhakrishnen discussed how IoT offers new business models in banking and financial services organizations with the capability to revolutionize products, payments, channels, business processes and asset management built on strong architectural foundation. The following topics were covered: How IoT stands to impact various business parameters including customer experience, cost and risk management within BFS organizations.