OK, so there may be a lot more than these ten, but for the sake of keeping things simple I have decided to draw attention to some important pitfalls to avoid when taking care of your website and your brand. While some aspects of this article relate specifically to WordPress, these items are certainly still true for all website managers.
1. Exposed Emails
Spammers are constantly sweeping for addresses to put on their lists. To avoid this, use a contact form or a plugin to hide your listed email from bots. Contact forms not only provide better security, but also guide people to give you the information you need. With a form you can dictate which type of information you wish to acquire from your visitors. Spammers can still find their way in through contact forms, so it pays to be vigilant about the messages you receive. If a message feels off in any way from the content you are seeking, or if it is trying to solicit any information from you, it is spam and needs to be deleted. To make contact forms more secure, use captcha tests or invisible fields.
2. Not Backing Up
Every day. You do not know when disaster will strike, and by disaster I mean one small little plugin that is not compatible with the recently updated version of your platform. A backup allows you to revert to a place before the unexpected happened. Even if you do not lose your entire site, you could lose hours or days getting it back to where you need it. Not to mention your business or organization is impacted by all the downtime! At some point something will go wrong. The cost of backups is minimal and peace of mind is priceless!
3. Stealing Content
I am assuming your mom taught you that if something is not yours, you don’t take it. For some reason many people do not seem to feel as guilty when it comes to digital content. Perhaps it is because it seems so easy. Website users should not take content from others without permission. If you really like something, absolutely contact the source and see if they will license their content out to you. Also, do not duplicate content found on others’ sites (even with permission). This can cause blacklisting of your site by search engines. In addition, duplicating content from your own site can cause dilution of your search engine ranking.
4. Sucking Up Server Space with Videos
Ideally you do not want to store long videos on your server. Short, 30-second clips are fine. If you need to use video on your website, consider using trusted third-party software such as YouTube or Vimeo. In order to help pages load faster, WordPress by default does not load videos until someone clicks on them. However, third-party plugins such as the ones mentioned above load right away. There are “Lazy Load” plugins to get around this.
5. Not Doing Your Homework
When installing new software (widgets, plugins, themes, etc.) one must do their homework. Just because a theme looks nice at first does not mean that it will suit your needs. Functionality is a prime consideration when choosing a theme. That third-party software you want might be cheap, but when was the last time it was updated? How many downloads does it have? If the people creating the software are not making money, how certain are you that they will be motivated to keep up with the necessary updates and security adjustments down the road? The ability to use third-party software gives your site tremendous power, but realize that you are trusting other people and the code of theirs that you are putting on your site.
6. Giving Others Too Much Power
A good rule of thumb when adding users to your web account is to give them the lowest possible role. If after some time it becomes obvious that they need more access and capabilities, you can always upgrade. WordPress, in particular, is great at differentiating your users’ roles. If there are still some additional distinctions you would like added, plugins are available. Keep an eye on your users as well. Watch out for random users joining without permission. If the need for access to certain capabilities has expired for a user, be sure to change their status or delete them altogether.
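One way to run that periodic check, as an added example that is not part of the original article: it compares a user export against a hand-kept list of who should have which role. The CSV layout follows the default columns of `wp user list --format=csv`; the sample rows, the `APPROVED` allowlist and the function names are constructed for illustration.

```python
import csv
import io

# Constructed sample in the default column layout of `wp user list --format=csv`.
SAMPLE_EXPORT = """\
ID,user_login,display_name,user_email,user_registered,roles
1,siteowner,Site Owner,owner@example.com,2019-03-02 10:15:00,administrator
2,jsmith,Jane Smith,jane@example.com,2021-06-11 09:00:00,editor
3,seo-helper,SEO Helper,helper@example.net,2024-01-20 03:12:44,administrator
4,guestwriter,Guest Writer,guest@example.org,2022-02-01 14:30:00,author
"""

# Hypothetical allowlist kept by the site owner: login -> highest role agreed for that person.
APPROVED = {"siteowner": "administrator", "jsmith": "editor", "guestwriter": "contributor"}

# Built-in WordPress roles, least to most capable.
ROLE_RANK = {"subscriber": 0, "contributor": 1, "author": 2, "editor": 3, "administrator": 4}


def rank(role):
    """Rank a role; unknown (custom or plugin-defined) roles rank highest so they get reviewed."""
    if role is None:
        return -1  # account with no role at all
    return ROLE_RANK.get(role, len(ROLE_RANK))


def audit_users(export_text, approved):
    """Return (login, finding) pairs for accounts that break the least-privilege list."""
    findings = []
    for row in csv.DictReader(io.StringIO(export_text)):
        login = row["user_login"]
        # A user with several roles is exported as one comma-separated cell.
        roles = [r.strip() for r in row["roles"].split(",") if r.strip()]
        highest = max(roles, key=rank) if roles else None
        if login not in approved:
            findings.append((login, f"unapproved account with role {highest}"))
        elif rank(highest) > rank(approved[login]):
            findings.append((login, f"role {highest} exceeds approved {approved[login]}"))
    return findings


if __name__ == "__main__":
    for login, finding in audit_users(SAMPLE_EXPORT, APPROVED):
        print(f"{login}: {finding}")
```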
7. Not Updating Quickly
This is a security concern. This is true for themes, plugins, and the web platform itself. Often, hackers intending to do harm will wait to hear of a security patch that was made in a recent update. Now that they know the issue, they will go and target all the websites that are too slow to make the update.
8. Not Cleaning Out Old Content
As media accumulates, your server space decreases. It is also just helpful to take out excess clutter to make managing the site easier. Taking the time to organize helps in the long run. There are also cleanup plugins to help you with this process.
9. Using Poor Login Credentials
Emphasize this to everyone on your team! Below are four simple steps to follow…
- Strong passwords. Do not use actual words. Instead, come up with a sentence you can remember and string together the first letters. Do not forget about numbers and special characters.
- Do NOT use admin for a username. Hackers exploit this and then they are halfway there. Make sure your username is unique.
- Change your database prefix. When WordPress is installed, the prefix by default is wp_.
- Limit login attempts. If someone needs to try six or more times to find the right password, they either need a new one or they are trying to break in.
10. Failing to Moderate Comments
Don’t let the safety and credibility of your site be destroyed because of an unruly comment section. First, make sure the settings for comments are configured the way you want them. Comments can be fertile soil for spammers if not moderated. Spammers will try to include links in your comment section to fish for people to click them. Make sure you only approve the comments that enrich the specifics of the content on that page. Be wary of simple compliments thrown your way without any real substance. Also, take note of the names of the commenters. If something seems off, it probably is.