I first started using WordPress at my ‘day job’ when we needed to create a website in a short amount of time, it needed to look good and we didn’t have a web designer on staff. For those of you not familiar with web jobs, there are a wide variety. There are web designers – think of them as the ones who make the website pretty and have design skills. There are web developers who do the coding. There are web content editors (if you’re lucky) who know how to make the text on a website easy to understand to the general public. The webmaster sets up the web server (where websites reside) and sometimes takes on one or more of the above. I think of myself in this category although I am predominantly a software/web developer. In any case, we didn’t have (and still don’t have) a designer on staff who could make the website pretty.
I had just begun to dabble with WordPress for some family and friends so proposed this as a solution. So: Enter WordPress. We decided to use WordPress because there are not only a ton of templates available for WordPress but there are also a ton of plugins to do a variety of tasks needed for a modern website. We found a template that fit the needs, got the content and photos from the requesting department and voila! created the site within a month. It was a success and we have used WordPress on a number of our smaller sites since.
Since that initial site at work, we have created 7 more sites in WordPress. For expediency, we picked a single template for the rest because once you know the back end editors and tools that creators include with their template, websites can be rolled out quickly and maintained easily.
You can view my presentation at the National Association of Government Web Professional at the 2015 National Conference below.
Personal Work with WordPress
I’ve found that the most efficient and cost effective way to create a website is by using WordPress with a purchased template. Many of the people I create websites for are small businesses without a huge budget. I once worked at a marketing firm and, although the products were stellar, they came with a big purchase price because there was actual design, project managers for the oversight and web developers to do the coding. We didn’t use Content Management Systems (CMS) like WordPress – we created the websites from scratch.
So, WordPress fills a nice need for smaller businesses. There are alternatives, of course, that tell people they can easily create their own websites. This is true to a point. But I’ve helped more than one person add things that aren’t easily implemented by a non-technical person. WordPress also allows you to easily train your customers to edit their own content since it provides a CMS.
Securing a WordPress Site
Because WordPress is one of the most popular platforms in use, it becomes a target of bad players (i.e. hackers). Two things are critical in my opinion – an SSL certificate (this is what changes the address from http://yourwebsite.com to https://yourwebsite.com. What an SSL certificate does is encrypt the information as it is transferred from the web server to your device and back. It is especially critical if you are typing in personal data like logins, passwords, credit card numbers, etc. If you don’t see they are using an SSL certificate on a website DO NOT enter any personal information anywhere on the site. Hackers can capture the information during the transmission if they are skilled.
The second critical piece is a security plugin. I know of what I speak because before we had a security plugin, one of our sites was hacked. It was painful to recover (good backups are critical) and since have always installed security plugins on my WordPress sites. I use WordFence on every WordPress site I have worked on. There are other plugins but this is the one I use. A couple of the feature that WordFence has are the following:
- It scans all the files on your website and compares them against the ‘official’ versions of those files. If anything is different, it lets you know. For example, if a hacker somehow changes one of you WordPress or plugin files, it would be different than the official version and you would be notified.
- If there is a new version of WordPress or a plugin, it notifies you. This helps to plan the upgrades of these items (see the Maintenance section).
- If users login to your website, you are notified. You can set parameters but I recommend at least being notified if anyone designated as ‘admin’ logs in.
- If anyone attempts to login using invalid credentials you are notified.
Maintenance of a WordPress Site
I would be remiss if I didn’t mention that, although the site is easy to create, it does require some maintenance. WordPress itself requires regular updates and any plugins you install need to be updated on a regular basis. It usually doesn’t take a huge amount of time but I recommend updating WordPress and plugins on a regular basis – after a backup has been run in case some update goes awry (and it does occasionally). I would estimate that it takes about 1 hour per month to (1) make sure you have a good back up, (2) update the plugins, etc. and (3) test to make sure nothing is broken. Of course, if there are issues, there is additional time to restore the site from the backup.