As soon as your site is up and running, the importance of backing it up and generally battening down the hatches (i.e. ensuring everything is secure) really can't be overestimated! Losing data and/or being hacked really is an absolute disaster — and, worse still, may cause such lasting damage to your business that things continue to go south well after you've managed to 'fix' things. The goal of this particular guide is to help ensure you've not only prepared for the worst, but also generally optimized everything for the best possible performance too: a subject we'll also be returning to in a later guide as well.
So, you have a shiny new website, and it's likely you're working around the clock to get more visitors and clicks. Apart from regularly adding fresh content, the most important part of your job is going to be backing up, securing and optimizing your website.
The good news is that backing up and securing can be automated easily, and some parts of optimisation can also be set-and-forget. In this article, we'll show you how to do this — giving you the freedom to spend more time on the parts that need the human touch, and therefore add the most value to your site.
Backing up your website is crucial — it's one of the best security practices, and will also give you that all-important peace of mind. During the course of a website's life, things will go wrong. Hacks are only part of the problem — hardware failures, human error and all sorts of other issues could require the use of a backup.
A WordPress website consists of four main parts:
The last two items on this list are the most important ones. The WordPress software is readily available, and, unless you're using custom-built ones, so are the plugins and themes, so losing these isn't a huge problem, as you can just re-download them. Your content and media, however, are a different story altogether. Lose those and you've basically lost your whole website.
In the WordPress world, there's one backup tool to rule them all: VaultPress. The reason it's so powerful is that it's built by Automattic — the company behind WordPress — meaning it's always up-to-date, always compatible, and works out of the box like a charm.
VaultPress is an online service that connects to your website via a plugin. The basic service costs $9 a month (or $99 a year), while the premium service is available for $29 a month (but for almost all websites, the basic plan is just fine). I'd recommend buying a subscription, even if money's tight; if you plan on making money with your website, this is $9 you should certainly invest.
Once you have a subscription, download the VaultPress Plugin — if you're not sure how, take a look at our guide to choosing and installing plugins. Once the plugin's installed, it'll ask for your registration key, which you should have received when subscribing to the service.
The next step is to tell VaultPress how to connect to your site, which can be done by adding a new site in the VaultPress dashboard and setting up a connection.
As you can see, you have quite a few options. FTP or SFTP will be the easiest to set up — your host can give you all the details you need to make this work — although SSH may be the best, as VaultPress will have easy access to your database and files. Don't worry if you can't set that up, though, VaultPress will figure things out over SFTP and FTP just fine.
Now you're done, and you can forget about backing up forever! If anything does go wrong, VaultPress can restore your website with a single click. I've only needed to do this a couple of times, but, when I did, it was a life saver.
VaultPress also gives you some stats and — more importantly — security updates. If it finds something nasty on your site during a scan, it'll let you know so you can take steps to remedy the issue.
I actually haven't used anything else since VaultPress came out. It's one of those services that works all the time, every time. There are a number of other solutions, such as Backup Buddy (minimum $80 a year) or BackUpWordPress (free), but I've found these to be lacking when compared with VaultPress.
WordPress is an extremely secure system that's constantly updated — however, badly coded themes and plugins can put your site at risk. While you may not be able to filter these, you can do a lot to make sure your data and your website are protected if anything does go wrong.
The most important factors are you and your other users — for example, you could have the best security systems in place and then choose the password '1234', putting your site's security at risk. Here are some easy-to-learn habits you should get into to increase your security:
Once you have some good habits going, you should secure your site against specific attacks. There are a bunch of plugins available, so choose wisely. I find that it's best to use a single feature-rich plugin instead of a bunch of small ones.
You don't really need to know about all the intricacies involved in these plugins — just set and forget.
Some companies specialize in helping you secure your website. They not only offer services such as active security scanning, but also security audits and consultation. If you have a large website that's your primary source of income, this could be a great investment. Having someone on-hand to tell you what needs to be done and what you need to look out for can be invaluable in the long run.
Website optimization is an industry in itself, so I'll just mention the automatic optimization techniques that are available. We'll focus on two areas here: SEO and speed.
According to most users, Yoast is the superior product. Yoast also leads SEO research, and is at the forefront of new developments, but both options are detailed and provide everything you need to increase your SEO ranking.
Speed optimization is a large part of every website's task list; increasing website performance can directly lead to more income. There are quite a few pieces to this puzzle, and, from hosting to plugin and theme choice, they all make a difference.
In most cases, you'll want a loading time that's less than three seconds, although for certain types of website (image or video-heavy ones) it may be acceptable to go a bit over that. One of the best ways to measure your site's speed is with tools such as GTmetrix.
GTmetrix scans a specified webpage, and not only gives you the final loading time but also the components of it and what you need to do to get better results. This will help you increase the speed of your website easily — just follow the on-screen instructions.
Another well-known tool is Pingdom, but I prefer GTmetrix because its interface and package options allow you to schedule speed tests as frequently as hourly.
You could have the best site in the world, but things could still go south if you get hit with heavy traffic. A good host will make all the difference because it'll ensure your website stays snappy — even under high loads — and will mitigate speed issues caused by bad themes and plugins by providing a buffer.
We have a bunch of articles here at WinningWP that can help you choose the right host — take a look for more information.
Just as badly coded software makes your computer sluggish, badly coded plugins can slow your site down considerably. In general, it's a good idea to use plugins from trusted sources — look at reviews, ratings, the author of the plugin and other similar metrics to determine whether or not a plugin is worth your time.
We have a great guide on how to choose a plugin, which takes you through this process — give it a read!
The idea of a website cache is simple: Each time someone views your site, the server does a bunch of processing to produce the resulting page. The result of that processing time is usually the same — think of a single post, for example, it doesn't really change with time.
A cache simply saves the result of all that processing, and, if the same page is requested, it serves the saved result. The processing doesn't need to be done again. On pages that change, the cache is cleared so the page gets re-generated.
A CDN — or content delivery network — is a way to serve content to a user from a location geographically closest to him or her. You could have a server somewhere in the US, for example, where all your content is served from — regardless of where the site visitor is located. Data travels pretty quickly on the web, but a few thousand kilometers is a considerable distance and can affect speed — especially pings and connection times.
A CDN distributes your content — usually your media — over multiple data centers around the world. If you use a CDN, an image would be served to a user from the server that's nearest to them. In some cases, this would mean as close as 500km. Not bad!
With a couple of simple steps, you can create a website that's faster, more secure and better optimized.
There is, of course, a lot more you can do than we've covered here — especially in the optimization arena. Security and backups tick away in the background, but optimization is essentially a never-ending task. You can look into keyword targeted content, AB testing, not to mention design, user experience, user interface design and all sorts of other industries.
My suggestion is to chip away at these bits and pieces as time allows, and always strive to make your site a little bit better. Don't forget, though: The goal of your website is most likely conversion; you could have the fastest, most secure site in the world and make no money from it. This is why automating these things and getting them out of the way is so important — you should be focusing on making the best use of your existing visitors, grabbing their attention, retaining them, and getting them to buy something!
There's more to us than just WordPress guides. Here's a few favorites:
Without a proper backup, losing data can be a devestating setback. Being hacked is almost always a huge blow to your site's reputation, your brand's credibility, and may even have near fatal repercussions for your business as a whole; and failing to optimize your site, whilst almost always nowhere near as bad as losing data or being hacked, can slowly erode your company's bottom line without you ever even realizing it. Be sure to do everything you can to avoid falling into any one of these traps!
***Last updated 1st January 2017***