WordPress: Getting Started

Last Updated: June 15th 2015

So you’ve made the jump and installed WordPress? Awesome, now what comes next?

I compiled some valuable first-step items that should help you get on your way. So roll up your sleeves and dig in, it’s WordPress time!

SecurityMaintenanceSEOMiscellaneousExtras

Security

Update

Location: Dashboard > Updates

Many hosting providers or installation utilities provide an outdated version of WordPress. Using updated software not only adds new features; it is important to apply the latest security patches.

WordPress now powers 18.9% of the web which makes it a prime target for malicious activity. The WP community is always working to stay ahead of security issues and releasing updates to keep your site and data safe.

The latest WordPress versions allow for auto-updates (a recommended setting). As a safety measure sure, hover over the “Dashboard” link in the admin sidebar and check the updates area. While you’re in there, make sure to update all installed plugins as well.

Set/Change Admin Name

Location: Users > All Users

The first thing you should do once you have WordPress installed and running is to get rid of the admin account, if you have one.

Kurt Schweitzer

One of the most common methods of hacking WP site is by gaining forced access through the “admin” username.

Navigate to the “Users” area and create a new user with administrative privileges under a unique name. Next, delete the account titled “admin”. This is a quick and easy step that will go along way to making sure you website remains safe from attacks.

Limit User Account Creation

Location: Settings > General

Not all sets are created with membership in mind. If you don’t provide additional functionality to registered users you should immediately uncheck the membership box labeled “Anyone can register”. I strongly recommend adding an additional step or even a membership plugin if you would like users to register for your site.

With this enabled it is very easy for somebody to create a malicious script that creates user accounts on your site. This can create security issues or even crash your database. Safety first!

Install BruteProtect

Location: WordPress Plugin Directory

One of the most common methods for compromising a WordPress site is using a “brute force” attack. In simple terms a brute force attack uses a bot to test thousands of passwords against your user account to gain access to your site. Installing BruteProtect is a great first line of defense against these attacks and takes only a few minutes to set up.

Simply navigate to Plugins > Add New and search for “BruteProtect” after you install the plugin, you will have to request an API key that you enter in the plugin settings. That’s it! Your site now has an additional level of security.

Editors note: BruteProtect is also available as part of the JetPack plugin suite.

Maintenance

Set Time

Location: Settings > General

Timezone! with my first blog I couldn’t figure out why my daily stats didn’t line up with what I thought they were. It was because my day started at a different time than WP’s
Chris Clemens

Time settings are often overlooked in WordPress. This can cause issues with post-scheduling, RSS feeds and social publishing. It can also be pretty embarrassing when you find out you’ve been posting from the future.

Before taking your site live, check your settings to make sure that everything synced to the correct timezone.

Site Title and Tagline

Location: Settings > General

Remember when you were installing WordPress and you were prompted to enter a site title and site description (tagline)? Did you choose a title and sub-title for your site or just put in a place holder? Maybe you’ve set your title but left site description blank. If you leave this field blank and your theme utilizes the site description functionality your visitors will be greeted with the cliche “Just another WordPress blog”. Let’s conduct a quick google search to see how unique this phrase is to your site.

This often overlooked step is important to tackle early as it is easy to forget and makes your site look a bit unprofessional.

SEO

Confirm/Set Preferred URL

Location: Settings > General

Consistency in your preferred URL is important in preventing duplicate content issues. Luckily, as a WordPress user you may be able to avoid tackling that tricky .htaccess file; WP handles this for you. This requires the site URL to be set to your preferred setting (http://www.example.com or http://example.com).

An extra step: Log in to Google Webmaster Tools account and let ol’ Google know which version or your site is the preferred URL.

Clean Up Your Links!

Location: Settings > Permalinks

I set the permalinks. They drive me crazy otherwise.
Michelle Frechette Ames

This tip is helpful for many reasons. Permalinks are often referred to as “pretty urls”. Because well, they just look better.

There is also an SEO benefit to using relevant keywords in your post URLs. Anything that makes the browsing experience better for both Google and your users is a giant win! So let’s clean up those permalinks.

Official WordPress permalink documentation

Install Yoast’s WordPress SEO Plugin

Location: Plugins > Add New

I decided to include this as necessary step instead of bundling it in with installing favorite plugins for a few reasons. Yoast’s plugin optimizes your website for search engines, functionality and user experience. WordPress SEO allows you to set proper SEO title and meta description for posts/pages. These elements can great increase CTR in search results and improve page rank.

There is also a great feature set that includes proper meta information for Facebook, Twitter and Google+. All these features combined make your site easier to find and navigate for users.

Rand Fishkin of Moz wrote a great article outlining the reasons that EVERY blog should care about SEO. Just because you’re not trying to be an SEO mogul, doesn’t mean you should ignore these easy to use features.

Miscellaneous

Remove Packaged Plugins

Location: Plugins > Installed Plugins

WordPress, by default comes packaged with 2 plugins: Hello Dolly and Akismet. Depending on your hosting provider you may also see plugins packaged by partners. For me, this is like cleaning up a fresh OS install; delete everything that you’re not going to use.

There are even plugins created to strip WordPress of what some feel to be unnecessary features. I would proceed with caution when using these features as your habits may differ from other plugin creators.

Delete Sample Page, Post and Comments

Location: Pages > All Pages, Posts > All Posts

I don’t like sample content. If I didn’t create it, I don’t want it on my site. Give your site a fresh start and delete the sample page, post and comments created by default. If nothing else, It feels good to know you had a hand in creating every piece of content on your new site!

Taking it Further

Install Favorite Plugins

Location: Plugins > Add New

I will continue to update this section with some of my favorite and most powerful WordPress plugins:

  • GravityForms – A powerful, flexible form builder. Customize your forms, notifications and functionality to meet the needs of your site.
  • Ninja Forms – A free alternative to GravityForms (with pay to play add-ons).
  • InfiniteWP – Self-Hosted management utility to manage, update and backup multiple WP sites from one place.
  • Velvet Blue URLs – Very useful when moving your WP site.
  • Regenerate Thumbnails – Make a a change to your image sizes? This helpful plugin will take care of any thumbnail issues.
  • Kraken.io – Simply the best, most powerful image optimization tool out there. Save time, and space on your website for faster loads and less bandwidth usage.

Leave a Comment

Interested in working with Site Trio?