If you absolutely, positively must do site maintenance yourself, here are some things you should have on your site maintenance checklist.
Keep this password information in a safe place and do not share with anyone whom you do not trust.
Login URL: ______________________________
User ID: ______________________________
Login URL: ____________________________/wp-admin/
User ID: ______________________________
You should have, at a bare minimum, the following security plugins installed and activated:
- Used by millions, Akismet is quite possibly the best way in the world to protect your blog from spam. Your site is fully configured and being protected, even while you sleep.
- Full Find Infection Scanner.
- This full find infection scanner will make sure your entire hosting account gets a good scan and finds all the infected files.
- Sucuri Scanner.
- The Sucuri plugin provides the website owner the best Activity Auditing, SiteCheck Remote Malware Scanning, Effective Security Hardening and Post-Hack features. SiteCheck will check for malware, spam, blacklisting and other security issues like .htaccess redirects, hidden eval code, etc. The best thing about it is it’s completely free.
- Wordfence Security.
- Anti-virus, Firewall and Malware Scan
Performing Regular Backups
Get into the habit of backing up your site files at these crucial junctions in a site’s life cycle:
- Right before upgrading WordPress, your Theme, or Plugins.
- Right after you’ve made some major changes to your site’s files (e.g., created new pages, templates, edited your functions.php file and so forth).
Any of these backup plugins will create viable backups of your SQL file so that you can restore from a known good backup should disaster strike.
- Updraft Plus.
- Backup and restoration made easy. Complete backups; manual or scheduled (backup to Dropbox, S3, Google Drive, Rackspace, FTP, SFTP, email + others).
- WP Database Backup.
- Create and Restore Database Backup easily on single click. Manual or automated backups (backup to Dropbox, Google Drive, Amazon s3, FTP, Email).
- Backup Buddy.
- [Premium plugin.] BackupBuddy is the most popular premium WordPress backup plugin. It allows you to easily schedule daily, weekly, or monthly backups. It can also automatically store your backups in Dropbox, Amazon S3, Rackspace Cloud, FTP, Stash (their cloud service), and even email it to yourself.
- WP-DB-Backup allows you easily to backup your core WordPress database tables. You may also backup other tables in the same database.
- Delete all unused themes. Make a list of them to check as you go.
- Delete all unused plugins. Make a list of them to check as you go.
As long as you are on shared hosting, your site is only as safe as the laziest, most lax user out there. Hackers often gain access to a site from someone else’s account. Once in, they often have access to other sites on that same server. (This is known as being rooted.) There isn’t anything you can do to prevent that other than to ensure that your own site is as secure as it can be and that you have made regular backups of your site files and database.
Want More WordPress Information?
Need WordPress help? Pixelita Designs has been working with WordPress since 2004. Visit us on the web at https://pixelita.com or send an email to moc.atilexipnull@olleh to learn about our WordPress Site Care Plans.
Download a PDF version of this checklist.
Joni Mueller has been designing web sites for hire since 2003, when she first blew up her web host’s server by insisting on running Greymatter. Since then, Joni has designed for Blogger and Movable Type, TextPattern, WordPress and CMS Made Simple. She lives with her cat and shoe collection in a bucolic old section of Houston called Idylwood. For some strange reason, Joni likes to refer to herself in the third person. When she’s not working on web design, she’s ordering lawyers around. And blogging about it. Or both.