Category Archives: WordPress

WordPress Best Practices – Passwords, BackUps and Users

One of the great things about WordPress is that it is really easy to use. One doesn’t need a Computer Science degree to figure out how to get a reasonably good looking site up.

But this is also one of the biggest dangers of the platform. It’s ease facilitates multiple Users and multiple ways to screw up your site.

I’ve seen it before. A friend of a friend or your kid says they can help, but maybe accidentally eliminates site customizations with a theme update, or kills the site all together. Or even worse, you get hacked!

There are best practices to avoid losing all your (or your consultant’s) hard work. Here’s a few you might want to consider…

Passwords need to be safeguarded and difficult. Specifically your admin password. That’s not something you want to share easily. Use both upper and lowercase letters, numbers and special symbols. How do you remember your password then?

By using a cryptic phrase, such as: St@y0ut!

In this sample an ampersand (@) is substituted for the letter “a” and a zero (0) is substituted for the letter o.  Here are some other substitution ideas…

@ for a; 3 for e; 9 for g1 for i or l; 8 for b; 4 for the word for; 5 for s

Backups are equally important. WordPress has an Export function in the Tools section of the admin dashboard. Backups should be made on a regular basis based on how often you update your WordPress site. The Export tool only backs up your content, not customizations made to themes, and widgets.

Theme back ups can be made by copying the PHP Edit sheets in the Appearance menu to a TXT or RTF file. This should be done anytime a change is made to the PHP file or to the Theme options. If you are not a coder, do this very gingerly. Deleting a single character from the right PHP can cause the whole site not to function!

Finally, if all else fails, most good hosting companies can restore your site within a 60 day window. Contact your host and ask them to restore your site to the last time you remember it being good. You may lose more recent changes, but you can get the bulk of your site back this way if something happens.

Restrict access to your site! It’s your website after all. If you are letting friends or friends of friends help you out on the site, be sure to have your back ups done, but really know who you’re letting on there. It’s ok to give them their own user profile that you can revoke later. But don’t give the admin password out to just anyone. It’s the equivalent of giving a master key.

WordPress is a great tool to get your story out, with a minimum of technical skill. But just because it’s easy doesn’t mean that a site can be easily fixed. Know who is on your Users list, and what access they have. And if something goes wrong, have a good backup.




Comments Off on WordPress Best Practices – Passwords, BackUps and Users

Filed under Tools, WordPress