Common WordPress mistakes (and how to avoid them)

Common WordPress mistakes (and how to avoid them)

Michael Reilly's Layout avatar

Everyone makes mistakes, and as you you’re getting started with WordPress, there are some traps that are easy to fall into. To help you avoid these common errors, we’ve put together the following list so you can steer clear of the same mistakes.

Ready to begin? Here are six of the most common mistakes to avoid when you start using WordPress.

1. Installing too many plugins

WordPress plugins are an excellent way to add functionality to your site, and while functionality is a great thing, too much of it can be bad for your site.

As you explore the WordPress plugin repository, it can be easy to get a little carried away and install every plugin that looks enticing. While there are lots of great plugins that will help your site, there are others that can cause performance issues and slow down your site.

common-wordpress-mistakes-plugins

Before you start installing plugins left and right, it’s important to take a look at the stats and information listed for each individual plugin. Ask yourself if you really need that plugin in the first place. Check when the plugin was last updated, if it works with the latest version of WordPress, and read through the documentation (if there is any).

If it looks like a well-maintained plugin that accomplishes exactly what you need it to, it’s probably a good option to install! If it’s not a perfect solution, however, it’s probably best to move on and do a little more research.

Besides, who wants to maintain and update a bunch of plugins anyway? This brings us to the next common mistake…

2. Ignoring updates for plugins, themes, or WordPress

Between all of your plugins, themes, and WordPress itself, it can be hard to keep track of all the updates a site needs. If everything is working correctly, it can be even more difficult to prioritize updates.

However, plugin, theme, and WordPress version updates are incredibly important for a number of reasons, and security is top of the list. More often than not, when a WordPress site is compromised, it’s because the site is running on an old and easily exploitable version of WordPress, or an outdated version of a theme or plugin. Developers wouldn’t provide updates if they weren’t important, so it’s equally as important that you take advantage of updates and put them to use!

Looking at computer screens in an office

If you’re worried about the update “breaking” something on the site, simply take a backup before performing the update. This will allow you to roll back (in the event that something does get messed up) and you can take the time to figure out what went wrong.

WordPress hosting companies like WP Engine and Flywheel provide automatic backups and WordPress updates to ensure your website is always secure and working correctly.

3. Using a weak admin name or password

WordPress is an extremely popular content management system, meaning it’s a common target for attacks. Hackers will try to guess the admin password to a site over and over again until they get it right, so picking a weak password for your WordPress admin panel, like “password” or “1234,” just makes it easier for them. Use a longer password, include some numbers and symbols, and maybe even consider a tool like LastPass or 1Password.

It’s also important not to have a default WordPress username, like “admin” or “administrator.” Change it to your name, or even better, your secret superhero identity’s middle name.

Using a managed host like Flywheel can give you some peace of mind knowing that if anything happens, a team of awesome specialists totally have your back. Learn more here!

4. Making updates to your live site

Technically speaking, there’s nothing wrong with updating your live site. But in practice, if you make a mistake or type the wrong code, you could bring your entire site down.

To avoid that pressure, it’s a much better idea to make site updates using a development copy of your site. With a staging site, you’re free to make changes, test code, and experiment to your heart’s content without worrying about impacting the live site.

But again, before making any changes to the live site (even if you’ve tested everything on a staging site) it’s best to make a backup, just in case.

5. Adding customizations to a parent theme, instead of a child theme

Let’s say you’ve found a WordPress theme that’s almost perfect, but not 100% there. If you don’t have a lot of changes in mind, your initial reaction might be to edit the theme’s code, right?

While that method might work for a while, it also includes a major flaw —as soon as an update for that theme is released, the update will override your customizations (and as we discussed before, it’s incredibly important to install updates.)

To get around this, you should create a child theme. Child themes use parent themes as starting points and then build on top of them. In other words, by using a child theme, you can update the parent theme AND keep your customizations in place.

Need help creating a child theme? This tutorial will teach you how to make one.

6. Using the default settings

When you build a new WordPress site, it’s easy to dive straight into the content and start creating posts, pages, and changing the design. When you spin up a new site, however, it’s incredibly important to take a moment to go through the default WordPress settings.

For example, you’ll probably want your site to have a tagline other than, “Just another WordPress site.” And the default permalink structure, “https://getflywheel.com/?p=123,” doesn’t look very professional and certainly isn’t the best option for SEO.

There’s nothing inherently wrong with the default settings, they’re just not optimized for your own site. If you take the time to walk through the options and make decisions about how your site works, you’ll create the foundation for a strong and professional WordPress site.

What else would you recommend new WordPress users avoid? Help grow our list in the comments below!

Comments ( 1 )

  1. Shivam Sahu

    January 5, 2018

    Hey Morgan,
    Great article, and while I knew most of these tips there are a still a few I didn’t know about. One thing I see on some new (and maybe even older) WordPress site is people don’t disable/remove the meta admin widget from their sidebar. No reader/viewer/client/customer, etc needs to see a link for you to log into your WordPress dashboard when they got to your site. That tab is completely useless (just go to yoursite.com/WP-admin) and should be removed as soon as your site is active.

Join the discussion