What step do you guys take during development or after development of a WordPress site so as to reduce instances of maintaining the site and worrying about hacker, errors, deprecation errors and cyber attacks??
1. auto updates for minor versions. wordpress supports something like the last twenty major versions with security patches. even if you’re not on one of the newer wordpress versions, you can enable auto-updates for minor versions to keep receiving security patches for a long time. i do always stay within the (current-3) major version so i don’t fall too behind on the evolving tech stack.
2. stay on (current-2) php version. will move to php 8.1 in november when support for 8.0 ends.
3. use as few plugins as possible, trying to recreate functionalities with lean code snippets (which should be properly written, goes without saying).
4. cloudflare is a godsend for me. it’s not essential for a fast and secure wordpress site, but it makes my life much easier. i use html caching, a few custom waf rules, asset minification, automatic https rewrites, email obfuscation, http3 support, and many other features.
5. daily backups are a must. hourly or real time if it’s a big site with lots of updates.
6. i don’t use much analytics so i don’t have much insight into frontend site errors like 40x and 50x errors. cloudflare tells me there are a few of these, however i have no idea what’s causing these errors. the sites look good in google search console, and i depend on site visitors to mail me if they face any issue.
1. auto updates for minor versions. wordpress supports something like the last twenty major versions with security patches. even if you’re not on one of the newer wordpress versions, you can enable auto-updates for minor versions to keep receiving security patches for a long time. i do always stay within the (current-3) major version so i don’t fall too behind on the evolving tech stack.
2. stay on (current-2) php version. will move to php 8.1 in november when support for 8.0 ends.
3. use as few plugins as possible, trying to recreate functionalities with lean code snippets (which should be properly written, goes without saying).
4. cloudflare is a godsend for me. it’s not essential for a fast and secure wordpress site, but it makes my life much easier. i use html caching, a few custom waf rules, asset minification, automatic https rewrites, email obfuscation, http3 support, and many other features.
5. daily backups are a must. hourly or real time if it’s a big site with lots of updates.
6. i don’t use much analytics so i don’t have much insight into frontend site errors like 40x and 50x errors. cloudflare tells me there are a few of these, however i have no idea what’s causing these errors. the sites look good in google search console, and i depend on site visitors to mail me if they face any issue.