the care and feeding of your wordpress website - hosting, updates, backups, security
DESCRIPTION
How to keep your WordPress website healthy, secure and fast! How Wordpress works and best practices for keeping your site and your visitors safe, secure, and happy.TRANSCRIPT
The Care and Feeding of Your WordPress
WebsiteKeeping Your WordPress Site Healthy, Fast, and Secure
by Cindy CullenStarted programming in 1983
AS in Computer Data Processing, NSTI 1987BS in Computer Science, APSU 1989
Corporate World – General Electric Information Services, American Chemical Society, Iostudio
Freelance since 2003WordPress Health Insurance Protection –
wpHIP.comFascinated by PowerPoint animations
Websites have changed a bit since we started building them
Back then…O Static HTML pagesO Mostly text – tables and formsO Online brochureO All custom codeO Build it and leave it aloneO Few changes – had to call the web
designer/programmer to make themO Expensive
Today we have WordPress…O Open source – everyone can see the codeO Community of developers/programmersO Dynamic – lots of moving partsO Applications – software instead of brochuresO Content Management SystemO Anyone can add, update or remove contentO Frequent changesO InexpensiveO One size fits all
As technology grows, our sites need to be…
O Functional, helpful, and usefulO Optimized for speedO Optimized for search enginesO Protected from hackersO Safe for our visitorsO Up 100% of the time
What is the MOST important thing you can do to keep your
WordPress site healthy, fast and secure?
It all starts with hosting
O Linux vs. WindowsO Shared vs. VPS vs. Dedicated vs. CloudO UptimeO BackupsO Disk Space and BandwidthO SupportO SecurityO Extras – email, statistics, domains, etc.O WP friendlyO Test sites or areas to test changes before
pushing them to your site
What is the second MOST important thing
you can do to keep your WordPress site
healthy?
WordPress Updates
O Core updates
O Plugin updates
O Theme updates
Why Update?
O Keep hackers outO Keep your site up and
runningO Protect your resourcesO Protect your
visitors/customers
Updating your WordPress Site
WordPress core updates
Plugin updates
Theme updates
What Could Go Wrong?
O Compatibility problems
O Lose Customizations
O Site might go down
WordPress is a Content Management System (CMS)
O It was made so that anyone can make changes to the site
O Anyone can add, change or delete:O content – pages, posts, menus,
widgets, custom post types, media, comments, users, etc.
O plugins – new functionality = new code written by ??
O themes – new look = new code written by ??
All we need to change your site is:
O A username and password
O An invitation into your site through code:O pluginO themeO security hole
O Access to your hosting account
WordPress makes it easier for YOU to maintain your
website.
That also makes it easier for others to change your site
too.
This means: you must go to extra lengths to keep your
site secure.
What You Need to Know about How WordPress Works
Code/Files Database/Content
O FTPO Appearance-
>EditorO ThemesO PluginsO Media/Uploads
O Everything elseO PagesO PostsO SettingsO MenusO Widgets
CustomizationO When I customize a plugin to work better
for me, I change the codeO When I customize a theme via FTP to work
differently, I change the codeO When I change the contents of a page
from the WordPress dashboard, I change the database
O When I change the menu through the WordPress dashboard, I change the database
O When I change the menu in the theme files either by ftp or through appearance->editor, I change the code
WordPress updates replace files and code and may change the
database
WordPress Code/Files
Theme updates replace files in
the wp-content/themes folder
Plugin updates replace files in the
wp-content/plugins folder
Media is stored in
wp-content/uploads folder
Core updates may replace files
in any and all the other files and folders
All updates may affect the database
If updates affect files, code and/or the database then…O My customizations could be lostO My plugins may not work well
togetherO Code badly written could corrupt my
databaseO Cod badly written could conflict with
settings on my hosting account
What if updates go wrong?
O Change back to twentyfourteen theme
O Deactivate pluginsO Can’t get in to do that? Delete or
move plugins by FTPO Use developers tools in your
browserO GoogleO Call an expert
Developer Tools in Browser
O Chrome and Firefox O View->Developer->Developer ToolsO command-option-I on Mac
O SafariO Enable Develop menu in Advanced
preferencesO IE
O Tools->Developer ToolsO F12
How do I avoid problems with updates?
O Good HostingO BackupsO Good ThemesO Good PluginsO Rename plugins or keep copies of your
customizationsO Compare plugin files before the updateO Child ThemesO Test sites
WordPress BackupsO Backups take up disk spaceO There is no need to backup the
WordPress core filesO If your hosting provider is making
backups, you may not need to make your own - it’s probably just costing you money
What should we backup?
Remember the only files that change are in your
wp-content folder
The only other file that is normally changed on your site is
wp-config.php
Your database changes
most often.
So, you only need to backup these three things:
wp-content folder
wp-config.php
database
When should you back up?
O How often does your site change?O How important are the changes?O Is your hosting provider already
making backups? How long are they being kept?
O Costs to backup in time and moneyO Costs to recover – some hosts
charge to recover
How often does your site change?
O posts, pages, menus, widgets, etc. – changes by you or your contributors - database
O comments – databaseO plugins added, changed, deleted –
code and databaseO themes added, changed, deleted –
code and database
What about premium plugins to update my site (such as backupbuddy)
O Is it worth the costO of the plugin?O in disk space?
O Must be stored somewhere safeO Must be managed well – what to
backup, when, did the backup work?, can you get to the backups easily?
O Is it needed? Or are my hosting provider backups enough?
How I do itO My hosting makes daily backupsO My hosting keeps backups for 21 daysO My hosting restores everything, or just 1
file, or a database at no additional costO Make child themes instead of changing
the original themeO Before a critical update:
O backup critical files and the databaseO test updates on a test siteO compare code in plugins
Child Themes
O functions.php
O style.css
O template files
Updating the twentyfourteen theme doesn’t affect my twentyfourteen child
theme
Test sites for creating sites, testing updates or making changes
O domain or subdomain name for the site if online
O disallow search engines from indexingORO setup a local environment – wamp, mamp,
xampp
Either way:O URL problems in files and the database
Search Engine Optimization
O Yoast SEO pluginO Schema Creator by RavenO Content, content, contentO Search engines love healthy sitesO Search engines work for their
customer, the searcherO Call an expert
SSL Certificates to protect your data
O Encrypt data being sent to and from your website
O Use HTTPS:// and show the lock on your browser
O You need one if you are collecting sensitive data such as social security numbers or credit cards
How to keep your site healthy, protected and fastO Don’t use free themesO Delete themes you aren’t usingO Don’t use more plugins than you
needO Delete plugins you aren’t usingO Don’t use ‘admin’ for your usernameO Use a strong, cryptic passwordO Update your site regularlyO Backup your site often
Keeping your site fast, secure and healthy
O optimize your imagesO use captcha to cut down on spamO limit the number of login attemptsO optimize for search enginesO limit the number of post revisionsO optimize your databaseO choose responsive themes or mobile
versions of your site
Keeping your site secure, healthy and fast
O Interact with your visitors often through newsletters, forms and comments
O Monitor your site for breakins, hackers, malware, and downtime
O Use caching, content delivery networks, and accelerators to speed up your site
O Optimize your code files for speedO Split testing to see what works
Keeping your site healthy, secure and fast
O Checking for broken linksO Malware scanning and detectionO Change defaults (login, database
prefixes, folder names, folder locations, etc.)
O Add content regularlyO Change your passwords oftenO Use an SSL certificate when appropriateO Block IP’s if necessary
How Much Protection is too much protection?
O How important is your website?
O How important is your data?
O How much are you willing to pay to get it back?
Thank You!For more information contact me:
Cindy Cullen
wpHIP.comPeace, Love and Smooth Operatin’