Why Does a WordPress Site Need “Maintenance”?
Once you put up a website, it should be good to go indefinitely, right. Not true, says anybody with any knowledge of web development. So why does a WordPress site need “maintenance”? Let’s take a look at why a WordPress site will need ongoing maintenance.
WordPress releases an update on an average of every two months. Typically to fix bugs and a variety of security issues. Updates also add new features and functionality that can improve the overall design and performance of your site. The main components that need to be updated regularly are the WordPress core, themes, plugins, and other software that powers your site so that everything continues to run smoothly.
Plugins are independent pieces of software designed by various developers outside of WordPress. When WordPress releases updates to its core software, it’s the developer’s responsibility to keep their plugins up-to-date. This is why before even choosing to install a plugin, it’s important to research the plugin, read reviews and check the last updates performed. Once installed, it’s important to continue updating the plugin as developers make updates for compatibility with WordPress. We do this as part of our service when we build a website. It’s one of the reasons why we’re always looking to reduce the number of plugins – you simply can’t count on third-party developers to update their plugins reliably.
Although it is possible to perform the updates yourself, doing it properly is quite time consuming and risky. It’s important to have updates performed regularly by a professional developer who knows what they’re doing and can monitor and tackle any issues that may arise from the update. Software updates usually go smoothly, but occasionally they conflict with each other and can trigger malfunctions that can cause a poor experience for your visitors, or worse yet bring your site down entirely.
This is why we’re adamant that you should never, EVER try to do the updates yourself. Many steps go into preparing for plugin updates including:
- Performing a full back of your working site;
- Checking the bulletin boards of various plugin owners to expose any conflicts or issues with their “updated” plugin;
- Reading the Developer notes of each plugin;
- Researching compatibility with YOUR version of WordPress and YOUR version of PHP;
If you don’t understand what any of these terms, updating your plugins by yourself is best left to professionals.
Another reason why it’s important to have a professional perform consistent WordPress maintenance is to prevent possible security breaches. When updates are installed, there are changes to your files making your site vulnerable to hacker attacks. Part of the maintenance process with WordPress performs is consistent backups of your site. Backups are also performed before updates are made. Any CMS (Content Management System) based website is vulnerable to hacker attacks. Keeping your WordPress website core, plugins and themes up-to-date will prevent your website from being vulnerable to malware infections and outside attacks.
Think Your Site isn’t a Target for Hackers?
“Oh I’m just a small guy, nobody has a reason to attack my website” This is one a very common misconception about website security and the need for maintenance. Too often, website owners put maintenance on the back-burner because they have a small website or don’t think anyone would have reason to steal information from their site. But, if updates are ignored, you are a prime target for malicious attacks.
For hackers, it’s not about stealing information, but hijacking your site to use its server as a hosting environment to send spam emails or attack other servers. Hackers often create bots to search for vulnerable sites. Once an access point is detected, the hackers make their way in and take control of the server.
The server is then used to send out spam to massive email lists. This will damage your site’s reputation with search engines and trigger them to block your IP address, rendering your site virtually non-existent in search results. hacks can remain dormant for a long time, while the hacker infects other websites and builds an army of exploited servers, referred to as “botnets.”
Hackers use infected servers to perform a Distributed Denial of Service (DDoS) attack on other networks. Botnets send out a swarm of spambots, to infect other sites, set up phishing, and/or facilitate DDoS attacks. This type of attack aims to seize control of multiple services, which is easily accomplished with a botnet.
Most importantly, these attacks are not truly “targeted” attacks. In fact, they’re often just bots, crawling the web in search of vulnerabilities. They can take over your site in minutes and all of your site’s content will be lost forever.
Common Website Maintenance Tasks:
These are some of the more important maintenance tasks that need to be performed on your site.
WordPress Core Updates
WordPress itself is a fast-moving platform, and new features are added and regularly improved. If the WordPress Core is not up to date, your website gradually becomes less secure and stable, and will not be performing at the level it should be. Not only can this cause a poor experience for your visitors, it can have a negative impact on search engine rankings.
Themes are the framework that makes your site look and act the way it does. Like the WordPress Core, Themes are frequently improved and updated for security and performance. Using an out of date theme limits the function, security, and form of your web presence.
Plugins are the tools that can be added to your WordPress site to add features and increase its functionality. There are many different plugins available to help you do everything from creating forms to adding visual effects. Plugins are created by different authors and regularly updated. If the author updates your plugins, but they are not installed on your website, you could be missing out on enhanced features or causing security issues and malfunctions on your website.
The WordPress platform is stable, but that does not mean it is invincible. In the event that your website is hacked or goes down for some reason, having a backup off-site (on a remote server) can save you from the devastating effects of having to start from scratch. Offsite backups of your website should often be done, especially as you post more and more fresh content.
Security Monitoring & Protection:
Security is not something taken lightly by WordPress, however, even as the platform is strengthened; malicious individuals will explore new ways to overcome them. One thing most website owners don’t know is that Google and other search engines will actually blacklist a malware-infected website, leaving it virtually invisible search traffic. Why?
Because a hacked website is a security risk to their users, and to other websites. It allows for the spread and escalation of malware attacks on other websites, and even attacks against national targets and infrastructure. Ensuring that your security is up to date and at its best is certainly something that should be taken seriously.
Understanding the vulnerabilities and taking the necessary precautions is vital to the protection of your website and possibly the reputation of your brand.
Broken link Inspection & Repair:
When people on a website come across issues such as dead links, it can be a big turn-of. Dead links send a message to your visitors that you do not care enough to take care of your site, and that you likely don’t take care of other business matters, including your customers. Scanning and resolving broken links regularly helps to ensure that your visitors can easily navigate your site, and won’t get frustrated and run away to your competitors.
Dead links can also hurt you with search rankings. When search engines run across multiple broken links on your site, it tells them that your site has stale, low-quality content, and therefore not the best place to send to their users for good information.
Removing Unused Plugins:
Though it may seem harmless, having inactive or unused software on your site should be avoided. Maybe at one point, you needed that calendar plugin but now use a different one, leaving that old one installed can cause conflicts and impede your site’s speed and functionality. Going through your plugins and uninstalling the ones that aren’t necessary is a wise maintenance move to lower the risk of a website crash or malfunction.
Removing Spammy Comments:
A blog on your WordPress site can be an exceptional method of generating traffic and building your brand image. Comments on your blogs can also be a great value to provide additional information and generate discussion on topics important to your visitors. Unfortunately, like email, comment postings can be used as a vehicle for spamming. If the comments are visible to other visitors, your reputation can quickly go south. Spending the time to clear out those spammy comments will keep your visitors happy and engaged.
Those are just some of the many maintenance tasks that are important on any site.
This is true on ALL website platforms, including Shopify, Magento, ASP.Net, BigCommerce, and others.
Monthly Website Maintenance
We offer site maintenance plans to our clients because we want them to get the most from the sites we build for them, and we want to be able to show off our websites to future clients. A well-maintained website makes us look good, and our clients look good too.
We have a few tiers of service, but generally, we prefer the top tier as it offers the most protection and the best bang for the buck. This includes:
1. Putting your site on a secure hosting platform. There are several options, including WP-Engine. Each offers nightly backup and strong security against malicious software and plugins;
3. Plugin updates – Each month, we review the plugin update notifications. We do the research into each plugin and examine things like compatibility with your current WordPress version and your current PHP version.
4. Spam Blocking – Installing and maintaining the blocking of comments and spammy form solicitations.
5. Fixing broken links – Looking at 404 errors and broken links. Correcting as needed.
6. Light maintenance – Most of our clients want to freshen their site with new homepage images, updated text or new content. We pad in a few hours each month in our top tier plan to help you keep your site fresh.
All totaled, about 15 hours per month is spent on each site maintaining it, but it’s done every month, without fail. Prices range from $295 to $695 for a WordPress site depending upon your needs and what other services you request (ex. product updates, styling changes, etc.)
In short, if you’re trying to do maintenance on your WordPress site in-house, you’d be better off focusing on your marketing and leaving the grunt work to trusted professionals – like us.