Lastly, there is also a potential hit to performance that can occur. Although, this doesn’t so much correspond directly with the number of plugins you’ve installed as much as their quality.
As new versions of WordPress core and plugins are released, there is always a chance that one piece will conflict with another. That can cause anything from minor administrative annoyances all the way to full site breakage on the front end.
1. More Plugins = More (Potential) Problems
The platform is incredibly flexible and also a bit deeper than you may think. And because there are multiple ways to accomplish the same thing, it’s easy to make mistakes – only you may not fully realize it until issues arise down the line.
Understanding this reality is the first step in beefing up security. It’s recommended that you consider running a security plugin such as Wordfence or iThemes Security to help keep an eye on things, 24/7. Depending upon your setup, some security plugins can be resource hogs. But that can be mitigated to some extent by turning off unnecessary features (Live Traffic views, for example, is a big one).
If you’re handing the website off to a client, you’ll want to make them aware of the maintenance responsibilities involved. It’s quite possible that you can sell them on a software maintenance service you provide. This is a great way to add some recurring revenue to your business and can give clients peace of mind.
Because WordPress is so widely used, it is often a big juicy target for automated attacks. Bots routinely attempt brute force logins, script injections and other nefarious deeds to infiate websites. Think your site is too small for such attention? Sadly, even the smallest of sites (both in content and traffic) are constantly under assault.
Either way, you’ll want to do some research regarding the best practices for using a specific theme or framework. For example, WordPress child themes are often recommended as they allow you to make customizations without the potential for having them overwritten by a theme update.
With that in mind, here are 5 items to think about when building with WordPress:
2. Choose a Theme or Framework That Does Only What You Need
Part of that famous WordPress charm is in its many available Conditional Tags. They bring a higher level of conditional logic (if x, then do y) to your website and allow for some powerful customizations.
For example, if you only want a particular code snippet to appear in certain situations, these built-in tags can make it happen. Whether you want to target the site’s home (front) page, a post type’s archive or even pages that use a specific template – there’s a tag for that.
When first starting out with WordPress, it’s easy to become enamored with the sheer number of plugins available. But tread lightly, code ninja. Plugins can indeed satisfy a number of functionality needs. But with each plugin we add comes another potential future maintenance issue.
This doesn’t mean that you need to nervously log into your site every few minutes to check for updates. Checking in every week will be enough in most situations, although sites that feature more robust functionality, such as eCommerce, should be monitored more closely.
3. Conditional Tags Are Your Friend
Another possibility is that a plugin’s author will decide to stop maintaining it. This can lead to unpatched security issues and generally-frustrating bugs that never get fixed. It can be a major problem if you’re depending on the plugin for crucial functionality.
Frameworks are a great choice because they are usually quite minimal and built to be customized. Look for choices that let you easily enable or disable specific features.
So, whether you’re just starting out with WordPress or looking to up your game, stay positive and persistent. That will help lead you to where you want to go.
If you’re using a ready-made theme, consider those that are minimal in code and provide you with some level of design flexibility. A bloated theme that tries to be everything to everyone all at once is usually going to be slow-performing and difficult to customize.
The other great benefit is that Conditional Tags can make the development process more efficient. You could, for instance, add several conditionals to a single template rather than have to create multiple new template files. This can save you some hassle down the road should something need changed.
4. Security is Paramount
When it comes to WordPress, we so often focus on advanced techniques meant for experienced developers. But that leaves out an awful lot of people who are just getting their feet wet with the popular CMS. So today, we’ll focus on those of you who are either thinking about building a website with WordPress or have limited experience in doing so.
The work does not end when your website launches. WordPress core, themes and plugins all release updated versions – some more often than others. You may find that some sites have at least one update waiting to be installed on a near-daily basis.
One of the most important decisions you’ll make when building a website with WordPress is the theme or theme framework you’ll use as a foundation. Make a poor choice here and both the building and future maintenance processes will be that much more difficult.
- Using strong passwords
- Limiting administrative access to only those who need it
- Changing the prefix of your database tables
- Ensuring that you’re using proper file permissions
- Take advantage of any security features your web host offers
- Utilizing SSL
So, before you install a plugin, make sure it’s well-maintained and has garnered some positive feedback from the community. Also think about whether the functionality really is necessary or can even be easily replicated by some quick code in your theme.
5. Routine Maintenance is a Must
The key to it all is being smart about where and when you use Conditional Tags. There are times when you might be able to combine several related snippets into a single conditional statement, thus cutting down on the number of calls to your database and improving performance.
Beyond that, some basics of WordPress security include:
One other item to note is that, the more mission-critical a website is, the more important it is to use a staging site to test out updates before applying them to the live version. The last thing you want is for a buggy piece of software to result in downtime or lost sales.
Keep Learning and Adapting
It’s important to remember that no one starts out with a perfectly crafted website. As you continue to build with WordPress, you’ll likely find that your techniques will evolve as you gain experience. You’ll learn more efficient ways of doing things and garner some first-hand knowledge of the “WordPress Way”. And, with such rapid changes coming along – you’ll have plenty of company in the learning department.
There are no guarantees that your site won’t get hacked. But some small adjustments can help to fend off the most common types of attacks.