Hey guys! I’ll make it brief!
I’ve made my own websites in the past using WordPress and whatever builder I felt like at the time. I have a background in Graphic Design so I leaned on that to make my website look “custom”. I ended up doing a website for a friends business and via word of mouth I’ve been hired to do about 4 more.
I’m happy about it but I’m also nervous about security in particular. I’m being payed monthly to manage / maintain.
What are some common practices you web designers have to simplify things like security and maintenance? Are there any plugins you always use on every site for management / maintenance? SEO? And are there any other good things to know as a noobie?
Again my background isn’t really web at all. I rely on no code builders and a line of HTML or two once in a blue moon. So the simpler I can make this the better and I know a lot of you out there that manage a large volume of sites have found good ways to automate your processes!
Appreciate you all!
[ad_2]
I wouldn’t worry as much with security. I’m doing the same as you. If it’s mostly a static site with no users who login and store content, then a sufficient form of security is just regular backups.
Some hard earned tips:
1> Have a backup system in place. If the site doesn’t change much, then don’t need frequent backups. If it’s something that changes, like eCommerce, backup as you see fit.
2> Backup before you update any theme/plugin. Once a theme had an update with a bug. We contacted the theme developer and it took 4 days to fix. At other times, there were other issues, for example a page builder update had a bug and broke the site.
3> Updating themes, Plugins, and WordPress itself: usually I do it on a weekly basis. Don’t like suddenly having to deal with some plugin conflict etc. So I set aside Saturday for updating.
4> Create a child theme. The best time to create it is right at the start, when you install a theme. Especially on dynamic sites. For example a Job portal I built required minor modifications to code to change the layout of custom posts. At this point, everything else was in place and only now I had to create a child theme.
5> ALWAYS integrate Cloudflare. Unless you’re using something else that can mitigate DDoS attacks. Cloudflare is the first line of defense against DDoS attacks. The thing about DDoS attacks is, it’s easy to do it to a WordPress site, especially one hosted on a shared server.
6> Use a security plugin. WordFence is obviously the most popular. I prefer Shield Security.
7> [GOTMLS anti malware]) plugin. I love this anti malware plugin. It has saved me and my clients on multiple occasions. It will clean up a hacked site. Something that costs upwards of $100 is free with this plugin.
I suppose you did them using wordpress, so, keep core and plugins updated you can schedule to do it once a months, I think it is fair, and you can use a centralized platform like manageWP to make your life easier.
A good free plugin for security I use is all in one wp security, use it to make some major security adjustments, like changing the login address and limit login attempts.
Before updating remember to make a backup if it isn’t provided in your hosting plan.
I think it should be enough.