WordPress is one of the most popular content management systems, because the simple installation of WordPress and the intuitive handling make the construction and administration of own websites or blogs possible even for users who are not professionals. But the simplest systems do not always prevent disruptions to the operation and security of the website. Read here which mistakes often happen and how you can avoid them.
1. The user name and password for the administration area are not secure
Users often choose the user name “admin” and an easily guessed password to log in to the administration area. Especially if the user with this user name also has administration rights, this makes it easy for hackers to access the protected area of the website. Therefore, choose a username that is unusual and a secure password that you can create with a password generator such as “KeePass”.
2. The username of the administrator is visible in the frontend
When you post messages, you should not publish them under your administrator user name so that it is not visible to potential attackers. It is better if you create a separate user for publishing and publish your posts under this user name. To do this, select “Users” and “Add new” in the WordPress menu. Define a user name and a secure password for the new user and assign him or her a role, for example, “author” or “editor”.
3. The default table prefix was used in the database
During the installation, WordPress stored various data in the prepared MySQL database on your server and prefixed it with “wp_”. This makes it easy for hackers to recognize the data on your WordPress page. Therefore change the database table prefix in the wp-config.php and then upload the updated file to your server. Choose a prefix that is not so easy to guess.
4. No automatic backup of the files has been set
Unfortunately, it happens that after a hacker attack or after an update, important data is no longer available or a new installation must be carried out. In this case, it is important that you make a regular backup of the database and files. Helpful plugins for this purpose are “XCloner” and “WordPress Database Backup”. “XCloner” backs up the complete installation at the push of a button or as a cronjob. The plugin “WordPress Database Backup” allows you to set a schedule for the automatic backup and to select the tables to be backed up. The backup can either be saved on the server, downloaded to the computer with an existing connection or sent by e-mail to a freely selected e-mail address.
5. The subtitle of the website has not changed
During installation, you were prompted to set a page title for your blog or website. This title will appear later in Google searches and should therefore be chosen appropriately. However, the subtitle is also important for search engine optimization. The default subtitle is “Another WordPress page”. You should not forget to change it in “Settings” and “General” to a supplementary description of your website.
6. The sample page was not deleted
WordPress has already set up an article with the title “Hallo Welt! You should delete this post because it certainly has nothing to do with the topic of your website. To do this, go to the WordPress menu and click on “Posts” and “All posts”. Move the mouse over the post title “Hello World!” and select “Trash” in the options that appear.
7. The website is not optimized for search engines
In order to be found on the World Wide Web, it is important to optimize websites for search engines and to take measures that bring websites to higher positions in search engine rankings. These measures are called SEO, Search Engine Optimization. There are numerous plugins for WordPress that support you in search engine optimization.
One of the best-known SEO plugins for WordPress is the “WordPress SEO by Yoast”, which you install in the backend in the menu area “Plugins”. Click on “Install”. Enter the name of the plugin in the search mask on the page that opens up and click on “Search plugins”.
If WordPress has found the plugin, it will appear in a list. Click “Install” under the SEO name. A pop-up window will ask you if you want to install the plugin. Click on “OK” and the installation will start automatically.
After a short time, the plugin is installed and you will receive a success message and the possibility to activate the plugin.
When you have activated the plugin, you will see the new button “SEO” in the menu with various options. Familiarize yourself with the plugin by watching the introduction tour, which you can find in the dashboard under “SEO”.
8. The permalinks of the WordPress installation were not adjusted
WordPress generates permalinks for created content, which make it permanently available under a specific URL. Permalinks are among other things important for search engine optimization. Therefore so-called “speaking links” are often used, which contain the page name and the article title. When you create a new post in WordPress, a link is automatically created, but it is not always suitable for search engines, such as “www.meine-seite.de/?page_id=5”.
You can customize the links via “Settings” and “Permalinks” by selecting common structures on the settings page or by creating your own structure. Don’t forget to click “Apply changes” to apply the selection.
9. The loading time of the website is too long due to missing caching
A cache is a buffer memory that is used to make content that has already been calculated available again more quickly. On a website, the cache ensures that not all data has to be retrieved from the server again and again. This greatly reduces loading times and the content is available more quickly. For this task you can install a suitable plugin, for example “WP Fastest Cache” or “Next Level Cache”.
10. The loading time is too long due to too large images
Modern digital cameras now produce images in very high resolution that are too large to be used on websites. Not only do they require more storage space, but the loading time of the website also increases. As a rule, a length of 1,000 pixels for the longest side of an image is sufficient for display on websites. Therefore, please reduce the size of your images before you upload them to the server, for example with the free tool “TinyPic”.