When I started developing WordPress websites, I made many mistakes that I learned the hard way. Although these mistakes taught me a whole lot, I thought I’d share some of those valuable insights so you don’t have to experience them first hand. So, here is a list of things you shouldn’t do:
Use weak login credentials
We all know there was a time where it was hard to keep track of all of your passwords, but that time has passed. For a site like domainname.com, you should never ever use email@example.com and admin123 as a password. Or any variation thereof. Ever. And with tools like 1Password, there really is no excuse.
Customize your theme and turn on auto-update
Yep, you guessed it: all your changes will be overwritten, and you’ll have to start from scratch.
Pro tip: Make all customizations in a child theme. Being able to update your theme is important for security and this way you can always stay up-to-date without losing your work.
Use a plugin for every functionality
An abundance of plugins not only increases security risks, but it also slows down your website. To add insult to injury, some plugins end up causing compatibility issues. Where possible, it’s always better to use a plugin that does what three plugins could do. Better yet, use custom code in your files to customize your styling and functionality.
Forget to set up auto-backups
You launch a site and are over the moon with it! After a couple of weeks, you decide to check on it and it is no longer up. What happened? Well, there could be multiple reasons but what’s most important: when you have a backup you could be back online in a matter of minutes. There is nothing worse than starting from scratch, and it is so easy to make sure you always have a recent backup available. Some web hosts offer hourly or daily backups, but there are also plugins like BackWPup or services like WPMU DEV that allow you to set the schedule and location of your backup yourself.
Launch a site without updating WordPress, your theme, or the plugins
Once you finished building a website, your responsibility as a web developer doesn’t end. Outdated WordPress versions or plugins pose a serious security threat. Furthermore, some older versions of themes are not compatible with newer versions of the plugins. Manually checking and updating all of these things is a lot of work, so I recommend using a service like WPMU DEV to make sure your website is always up to date and secure.