WordPress: 10 avoidable beginner’s mistake
The ease of usingÂ WordPress makes it arguably the most popular open source CMS. But it is precisely this simplicity also entails a high potential for error. We reveal the most common beginner mistakes and how you can avoid.
Man is not perfect. We all make mistakes. Some of these errors but made again and again in connection with the use of WordPress, lead to problems in terms of security and slow the process of developing a website. We show you the most common mistakes, why you should not commit and tell you what you can do to avoid them.
1. Wrong Subtitles
There are themes that do not spend the subtitle of the WordPress site. If you use one of these themes, the idea is close that he also does not have to be changed. But this is wrong: Google and other search engines index the subtitle of your site, regardless of whether it is displayed or not. You can add a subtitle under “Settings -> General” change.
If you “Just Another WordPress Site” looking in the search engines, you will be able to find some of those missteps.
2. Admin as the username
It is one of the most common mistakes, which also repeatedly occurs because WordPress propose on his own initiative. To create the first user as “admin” – and this user also gives the same administrator rights. The user then selects still a weak password, and it opens the door for potential attackers. Therefore, you should also choose a not necessarily predictable login name for your WordPress admin user in addition to a proper password.
3. Post as administrator
It is important to cover up the administrator’s login name as well as possible behind your installation. But you write posts as an administrator, you can just as easily make the mistake mentioned above and call your admin user “admin”.
Instead, you should use only the admin user to work on the back end and use a broad excepted account for the creation of content.
4. table prefix
The best way to avoid the hacking of the blog is to be unpredictable. Similar to the admin name, the default table prefix of WordPress is a predictable constant – It is very easy to change your table prefix. You can do it during installation, but also subsequently in the
wp-config. php change. Choose a more complex prefix that can be difficult to guess. That should not be a problem because you do not have to think about the future anyway options that prefix is used in the database.
5. Defaults Salt and Keys
The “Salt” and the “Keys” are values that are located in the <code> wp-config.php </ code> in your WordPress installation and can be used to authenticate logged in users and their devices. In the past, it was a relatively easy session cookie and thus take over the respective course. With “Salt” and “Keys” a hurdle to attackers was installed, which makes it not so easy to take sessions. WordPress offers a private service for the creation of Salt and Keys. Simply the output of the page copy to the <code> wp-config.php </ code> – you are done.
6. Themes and Plugins from dubious sources
There are a lot of sites offer you free premium themes. Here special care is needed.Â Of course, there are also many reputable suppliers of good and free items, but the download of a free or a copy of a premium themes can quickly lead to a rude awakening. Siobhan McKeown describes in wpmudev how to identify themes with malicious code can. In principle, there are many horror scenarios where your website could be a victim of hackers and spammers possible.
If you want to use a premium theme, it will buy from the official supplier. And when the money just is not available, there are numerous providers of excellent free themes. On WBD, you can find, for example, a great overview WordPress Themes with Responsive Design.
The potential trouble, which is accompanied by the installation of a theme from an untrusted source, it is not worth it. The same applies to WordPress plugins.
7. let Permalink structure unchanged
After you run, the installation routine is WordPress ready for work. Changing the permalink structure may since have quickly forgotten. By default, the linking of sub-pages in WordPress is reacted with GET variables. Then you have addresses like “http://www.webuiddesign/?p123”. It’s not only looks unsightly, but can also adversely affect your search engine ranking.
Changing the WordPress permalinks goes pretty quickly out of hand – if your web space provider and mod_rewrite allows what currently do some hosters such as Telekom amazingly. Under Settings /Permalinks, you can set the link structure of your blog. Which setting you choose depends here on the particular project. You should, however, always rely on natural to read and easy to remember permalinks.
8. Too many (bad) Plugins
The installation of any plug-ins increases the server load and thus the load time of your website. In addition to a potential performance, hit bring plugins, as well as foreign Themes, security risks. Put a plugin only when you need it and try to make sure the plugin source is trustworthy.
However, the number of plug-ins is not the main problem. The high number of poorly written plug all the more. Check the reviews of each plugin – before installing it. You should also install plugins one by one, to see the effects directly and performance killers to possibly exclude from the early development.
With theÂ Performance Profiler WordPress plugin you can test your plugins and see which have the most impact on the performance of your blog.
9. Renounce Caching
If you are unable to renounce caching or do not know what that is, you’re wasting valuable loading time and server resources. WordPress is a dynamic, database-driven CM system. It means that every time the server listens, collects, processes, and puts together the final document submitted at the end of your visitors – and at each page change and for every visitor. So why not skip the whole process and instead directly send the finished document? There are two good free plugins for Caching in WordPress: W3 Total Cache and WP Super Cache.
In our Website Performance Series we tell you, what to look for in terms of performance yet.
10. Backup and updates
WordPress is restive further developed and improved. It security, speed and above all bugs working on the user interface. Especially the last point usually leads to timely updates of WordPress. That is why it is important to keep the WordPress instances up to date and to increase the security.
Not only to test WordPress updates are important backups. There is no system that provides absolute security. Whether there are hackers or technical defects. It can happen to anyone. Therefore, securing the nuts and bolts for all web projects. If your provider does not offer assurance, you can make regular backups of the database or a plugin like yourselfÂ BackWPup Â use. Services such asÂ Value Press Â you offer a backup service specifically for WordPress.