You may have heard the old saying, “An ounce of prevention is worth a pound of cure.” It is certainly true when it comes to your WordPress website. If something were to happen to your WordPress website today, how long would it take for you to recover? Here are three essential prescriptions to prevent WordPress disasters.
℞ 1: WordPress Plugin Housekeeping
Login to your WordPress dashboard. Go to the Installed Plugins. Do you see any that are not activated? Unscrupulous hackers can use inactive or outdated plugins to gain entrance to your WordPress site and do considerable damage–sometimes unrecoverable. The first thing to do is to delete all inactive plugins. Before you do so, however, I recommend that you jot down the name, version and creator of the plugin in case you need to reinstall it. Once you’ve done that, go ahead and get rid of it. Besides making your site a little more secure, removing unused plugins will also make your WordPress files less bloated with unused code.
Another way plugins could cause problems is by using outdated ones. In your list of Installed Plugins, how many of them indicate that an update is available? A plugin developer will update his or her plugin for usually (1) new features; (2) bug fixes and security enhancements; or (3) to work with the latest release of WordPress. While updating a plugin to get the latest features is a good reason to update, fixing bugs, plugging security holes and working with the latest release of WordPress are more important reasons to update.
Updating plugins is pretty straightforward and usually an easy process. Check out my free guide “How to Maintain Your WordPress Website in 15 Minutes a Month” for step-by-step instructions (see below).
℞ 2: Document Current WordPress Settings
Another way to prevent WordPress disasters is to document all of your current settings. Yes, this may take you an hour, especially if you have a lot of special plugins that require configuration, but the time will be well spent. This document will become priceless to you! Store it on a cloud drive so you don’t have to worry about personal hardware failure destroying your work.
Start by documenting the administrator’s username and password as well as the email account associated with it. For most of my clients, I create a Gmail account that is solely for this purpose. This should also be documented. The password should be changed periodically. If this document is not updated at the same time, the Gmail account could be used to retrieve the lost password.
Then go through the WordPress Settings and note how each “tab” is configured. For example, what Permalinks structure is being used and what sizes are the standard for Media.
Document the theme and child theme, if used, and the version numbers of each. If there are any settings for your theme, document these. If possible, include notes on any customizations.
The final step is the most time-consuming but could be the most important. List each Plugin along with its developer. You may be wondering why I advise noting the developer. There are many plugins that have either similar names or identical names for their plugins. If you needed to reinstall it, it would save valuable time knowing specifically which plugin you needed.
Now find the settings for each plugin and add those notes by each plugin. For those using the default settings, just note that to save time.
℞ 3: Perform Regular Backups
Last, but definitely not least, you need to perform regular backups of both your WordPress files and your MySQL database. Some security exploits attack just the files so while backing up your database is crucial, it is also important to keep a backup of your files. If hackers get to your files and inject all sorts of nasty code into your WordPress files, usually the only way to fix this is to delete and reinstall. As long as your database is still clean, it’s just a matter of removing the infected files and reinstalling a clean copy of the WordPress files from the repository. If you have not backed up your files, however, it will take you quite a long time to get it back to normal even with the above documentation.
The easiest way is through a backup service such as Backup Buddy. (I am not an affiliate so do not receive any compensation for you clicking on this link.) There are also free plugins that have similar functionality. If your hosting account uses cPanel, you can use the Backup Wizard to perform manual backups of your files and database. You will need to set up a reminder on your calendar, however, as this is not automated. My free guide will step your through this if you’d like assistance.
Get My Free Guide
If you’d like step-by-step instructions for performing these tasks to prevent WordPress disasters on your website, complete the form below: