5 Common Website Maintenance Mistakes and How to Avoid Them

There’s no doubt about it; websites are hard work. They are dynamic, ever-changing, and likely a huge asset to your business. Having a web developer on staff is expensive, and sometimes you may try to DIY your website maintenance. However, as small business owners or even developers, it’s easy to make simple mistakes that you might not even realize you’re making!

1. Using WordPress Auto Update Functionality

The WordPress Auto Update Functionality was announced in WordPress 3.7 and relies on what’s called WP Cron. Cron is the system that uses PHP to instruct the server to perform timed activities, such as installing and downloading updates. While standard and easy to use on sites, it should be avoided. Here’s why:

No Logs

The built-in functionality provides no logs of what was updated or when. This can be problematic if something goes wrong with an update and it breaks your site; you won’t know where to begin!

No Control

With the built-in functionality, it provides no control over when the updates happen. Cron runs when someone visits the site, so if your site has low traffic or it is in the middle of the night, the cron event will not run until someone visits your site. Sometimes, though, hosting providers have their set schedule that they can push these updates out and force cron to run. But neither provides options for control to time when they happen.

2. Not Making Backups Before Updating

Backups are one of the most critical aspects of any website. When disaster or accidents strike, having a solid backup and knowing how to restore it will save you from hours of stress and a messed-up site! Before beginning any work on your site, log into your web host and take a backup. There are plugin-based backups, like Updraft, but they should not be your only backup. I’ve seen people accidentally delete entire sites before, which would include the backups made by those plugins (unless you sent them to offsite storage).

3. Not Having Security Plugins Installed

Security is one of the most important topics for WordPress. Due to the open-source nature and popularity of WordPress, it is a valuable target for hackers. Having a security plugin such as WordFence or Defender makes your site more secure. Following the recommendations provided by those plugins, in addition to having strong passwords and two-factor authentication, will make your site significantly more secure.

Common WordPress hacks include spamvertising, redirects, and popups. Hackers will spam the site with hundreds of posts or pages, install malicious code to redirect you to a fraudulent site, or produce a popup on your site that will hijack your users’ browsers.

4. Plugin Overload

There are tens of thousands of WordPress plugins, and it’s easy to go on an install spree. New popup plugin, new form maker, new this and that—it’s easy to get 50+ plugins on a site that doesn’t need them.

It’s useful to review your plugins yearly at minimum, making sure any unused or inactive plugins are removed. Too many plugins installed can slow down your site and cause security issues by having all of that extra code running on your site!

5. Not Having an Uptime Monitor Installed

While most hosts offer a 99.9% uptime, this often only covers the underlying server rack. From critical errors, expired domain names, SSL certificate issues, to DNS and CDN issues—your website is less likely to have that 99.9% uptime. It’s important to have some sort of uptime monitor on your site to alert you when the unexpected happens, not just if your host has an outage!

That wraps things up! While this isn’t a comprehensive list, it is a great start to ensure you’re doing your website maintenance the right way.