Even the best designed websites can start to fall flat when things aren’t working correctly. It might be a missed security patch, or a few forgotten updates, but now the site is broken. Forms aren’t submitting, navigation links are broken and a few images aren’t loading. For high traffic sites, trouble navigating a broken site, or even downtime, can result in huge losses in revenue. The costs to repair a site and damaged reputation can be even more costly. A good website maintenance plan can not only help prevent a broken site, but also make sure that you’re prepared to recover if anything happens. Proper maintenance also ensures that all pieces of your website are working properly, so that your visitors can accomplish what they came to your site to do, quickly and easily.
What is website maintenance?
Just like your car needs a regular oil change, a wash now and again, and new tires on an even less frequent basis, your website needs security patches, software updates, regular backups and even content updates as an ongoing process. Good website maintenance will ensure that your site is running well, and performs as it should for your visitors. Whether you decide to do it yourself or outsource maintenance depends on your time and commitment to the process and the complexity of your site. We’ll cover some of the regular maintenance tasks that any website owner should follow at a minimum in this post.
Scheduled Backups
A backup of your website should be taken at least once a week. If you have a higher traffic site with a lot of changing content or business transactions, more frequent backups are necessary. A little oops on an inexperienced user’s part that deletes content or breaks how your website functions, or even hacking from unwanted visitors make backups of your website invaluable.
Taking backups is an absolute necessity. Your hosting provider should be taking a backup of the server that your site is on. This might not be enough, and may fail to restore. Employing a secondary backup solution for your web application adds another level of redundancy. At One Dog Solutions we use Updraft Plus for each website we manage in addition to our server backups. Other good solutions are BackupBuddy and BlogVault.
Going through your entire process of a restore, both partial and full restores from all your available backup methods should be tested at a minimum of once a year. A backup of your site doesn’t do you much good if it can’t be restored.
Software Updates
Keeping your software updated on a regular basis helps to make sure your site will continue to function properly and be secure against hacking attempts. Neglecting your site’s updates for weeks or even months can leave you with parts of the site that stop working, or even worse security holes that hackers can use to gain access to your site.
WordPress Plugins and Themes should be updated on at least a weekly basis. WordPress Core updates are typically pushed out after thorough testing on a quarterly basis. When looking through the WordPress software repository, themes and plugins will show the last update time and also which version of WordPress it’s been tested against.
Staying away from complex plugins that haven’t been updated in more than a year is usually a good idea. It may mean the plugin is no longer maintained. Good software developers push out updates for their software on a regular basis. These updates help to eliminate security vulnerabilities, but also include fixes to parts of the software not functioning as intended, and may include even improvements and added functionality.
Website Security
Tens of thousands of websites are hacked every day. WordPress and other CMS (Content Management System) sites also have their own security challenges that need to be addressed before being set into the wild. Keeping your site updated is a solid first step in securing your site. The following steps also help increase your site’s defense against unwanted visitors.
Strong Passwords
Using strong passwords is a must. If a hacker finds a user login to your site, simple one word passwords will be exploited quickly. Long phrase passwords and using common substitutions (i=!, s=$, etc.) can help minimize password guessing. If you’re managing a lot of passwords for different sites, consider using a password manager like BitWarden to keep all of your strong passwords for every service and device stored securely.
Minimize Administrator Users
The first tip I can offer is do not use “admin” as a user for your Administrator user. Within 15 minutes of pushing a recent site to live public viewing, hackers were spamming the login page for possible passwords for the “admin” user.
Also limit the number of users that have Administration access on your site. Users should only have the capabilities that they need to perform what they need to do on your site. If you have given Admin access to a contractor, or support person, remove their access when they’re finished with their work.
Onsite Security
At a minimum, weekly security scans should be performed on your website. Malware can show up at any time. Preventing against it is the best remedy, but can’t guarantee your site will remain clean. Scanning your site to make sure it is not infected will allow you to quickly uncover any nasty, unwanted software, and can help identify where it may need to be removed.
Hardening your WordPress site and running a web application level security software adds another level of assurance that holes are patched and your site is safer. iThemes, WordFence, and Sucuri are popular security plugins that can help minimize vulnerabilities. These plugins have both free and paid options offering different levels of security. Using a security plugin, even at the free level is a must.
Quality Hosting
This could arguably be at the top of the list for security and performance. Partnering with a good web hosting provider will help minimize and eliminate many security threats. Good hosting providers will be running a strong firewall on their servers. They will have unnecessary ports closed, and filtering malicious traffic. A solid hosting partner will be performing regular backups, and have redundancy in place should one fail. SSL certificates should be provided for all sites to make sure that all traffic to and from your site is secure.
Shared hosting providers, the ones that offer $3/month hosting, don’t always have your site’s best interest in mind. Hundreds or thousands of sites, of varying security and content, are packed onto each server to maximize revenue. Backups, SSL certificates, and security add-ons may be available, usually for a large extra fee.
Website Audits
Going through your website to make sure it works properly is a task that many website owners overlook. Checking your pages and navigating through your site on at least a weekly basis can help you identify things that need attention before they become bigger problems.
Visually Check All Pages
Navigate to all of your pages on your site. Make sure that they are loading properly. Do it on both mobile and desktop browsers. I can’t tell you how many times I’ve caught a misspelling or an image that isn’t linked correctly. It’s better that you find it before your site visitors.
Check for Broken Links
Check the links in your navigation. Make sure that they work properly and each page that has a link can be loaded. If you’re running paid traffic to a page that can’t be loaded, you’ll be wasting your advertising budget. Google Search Console can help you identify broken links and offer some tips on how to fix them.
Remove Spam Comments
Removing spam comments from blog posts, or false product reviews. Spam comments can contain links to infected sites. You don’t want your site to be blacklisted because it contains links to malware.
Check Web Forms
Make sure all of your website forms are working properly. Update any recipients that are no longer with your organization for web forms if necessary. Make sure that payment processing is working for any donation forms, or e-commerce checkouts. Your business or organization won’t be able to fund itself for very long if you can’t collect revenue through your website.
WordPress Web Care Takes Time
This list of website maintenance is hardly exhausting. This is a bare minimum of checks and some processes that will help with your site’s overall health. Keeping your content current, and improving your site design are also ongoing considerations to help your visitors have a better experience.
Website maintenance also takes time. Many of the tasks that we’ve identified in this post can take a few minutes, or a few hours. When you’re considering maintenance, many sites can be maintained by the website owner effectively as long as it’s done regularly. For many more complex and high demand sites, outsourcing support may be more beneficial so that you can focus on running your business, not your website.
Learn more about how One Dog Solutions can help you with keeping your site secure and updated on our Web Care page.