How Not to Use WordPress – Best & Worst Practices

How Not to Use WordPress

Written by Jeremy Earle, JD

January 15, 2022

Colorado Springs Web Design

Using WordPress, you’ll have access to a wide range of features and functionality. On the other hand, they’re also liable to make blunders. You may find out more about them by reading this.

WordPress is an incredible technology that is both powerful and versatile. But just like any other tool, it has a vast range of possibilities that might lead to blunders.

All of these blunders will hurt your website, but some of them are downright disastrous. That’s why knowing what they are and how to prevent them is so critical.

You’ll learn how to prevent the most frequent WordPress blunders in this post.

1. Using Badly Coded Themes

Because this is the cornerstone of your SEO efforts, and honestly, most themes don’t do a good job of it, this is the first item you should check.

You need to analyze if your theme is custom-built, bought from a theme vendor, or obtained for free from the WordPress repository to ensure it does not disadvantage you, such as:

HTML Checking for Errors

Invalid HTML may create rendering errors, harming both the user and search engine.

In such a case, you risk losing site visitors due to display and/or functionality issues. You may also suffer from low search engine rankings due to search engines’ inability to correctly render and interpret your page’s content.

The W3C’s Markup Validity Service has an easy and free tool for verifying HTML validation, but I’d want to add a caveat: I’m not a purist when it comes to HTML validation.

That is to say, in certain situations, rectifying a mistake may not be worth the investment in terms of return on investment.

In rare cases, you may not resolve some issues because they may be caused by something you cannot change, such as essential functionality in some themes or plugins.

For situations like these, starting again and rebuilding from scratch may be better if you encounter serious mistakes that cause rendering difficulties.

Input and Output

As a result of the additional files that many themes include, your pages will take longer to load.

Because many themes load these files needlessly, this is the worst aspect. Instead of just loading files when needed, many themes load them on every page, which causes the page to load much more slowly.

Users and search engines alike value a fast-loading page.

There’s no ideal quantity to strive for, but if your website takes a long time to load, less is always better.

Unreasonably Large DOM

This may seem complicated, but it’s rather easy to do. Our WordPress site’s HTML has to be as efficient as feasible to be effective.

A site’s performance may be greatly influenced by how efficiently HTML code is written since each element affects memory consumption, style computations, and layout reflows.

HTML components buried many layers deep may rapidly degrade performance in many themes.

When it comes to themes, most developers are more concerned with aesthetics than code efficiency, which we see with page builders.

2. With the help of Page Builders

Using page builders is a terrible error, in my view.

I can see why they’re popular — they make it simpler for designers to contribute and amend their work.

In addition, they clog up your code with extraneous HTTP requests and HTML problems that you can’t correct.

Clean, efficient code is unheard of in page builders.

There are numerous similarities between WordPress page builders and website builders, which I covered in a lengthy piece.

3. Excessive Plugins Installed

With only one or two plugins, you can add a lot of functionality to your site. In the past, adding a new feature meant hiring a developer and shelling out several thousand dollars. Those days are long gone.

There are, however, several downsides to this.

Firstly, there is a wide variety in these plugins’ development quality. Many plugins, like themes, are written shoddily, resulting in sluggish loading times and the appearance of HTML mistakes on your website.

These plugins often load many scripts, CSS files, pictures, and fonts, all of which add to the slowdown and diminish the user’s experience.

Because it’s so simple, many individuals make the error of installing too many plugins.

There is still a lot of processing power needed to run the functionality of your websites and load any external files that they incorporate, even if they are well-coded.

4. Unoptimized Media Sources

Adding fresh photographs to our WordPress websites has never been easier than it is now that we all carry high-powered cameras in our pockets, but this also leads to a frequent and serious errors.

In most cases, the image you snap with your smartphone or tablet will be far bigger than what you need for your website.

You may print these high-resolution photographs or trim a portion of them to show full size without sacrificing quality. Your WordPress media library may typically contain full-sized and unoptimized photos if you upload them directly.

Some themes automatically resize uploads depending on a set of dimensions to avoid this problem. Though many don’t.

For those who already have a WordPress website but are just now beginning to handle this problem, there are plugins available that can automatically downsize your media library files.

I want to emphasize the need of creating a backup of your website before using any of these tools, in case they accidentally remove or rewrite data that you didn’t want them to.

How to Improve Page Speed for More Traffic and Conversions teaches you more about media optimization.

5. Sitemap omission is fifth.

An XML sitemap is useful for all websites, but it is particularly helpful for big ones since it aids search engines in finding and crawling your whole site. This is especially important for pages that are difficult to find and have just a few links going to them.

Despite its importance, this functionality is not yet built-in to WordPress, necessitating the use of a plugin.

Most of the time, I use the Yoast SEO plugin for this, but others will automatically generate an XML sitemap each time you add, alter, or remove anything on your site.

6. Ignoring New Updates

In my work, I am exposed to the backend of several websites and am always astounded at how out-of-date certain plugins, themes, and even the WordPress core can become.

After so many years of witnessing it regularly, I should not be shocked by this.

Updates fix the speed, design, and usability concerns, but they also address security gaps that hackers may use to access your site.

From the obvious – like removing or defacing a website – to the subtle – like stealing credit card information or establishing outbound connections, they may do anything bad once they’re in.

If you know that you won’t be able to update WordPress core regularly, I recommend turning on automatic updates.

7. Overlooking the security of one’s home or business

We’ve previously discussed the dangers of not keeping your plugins, themes, and WordPress core up to date, but website security extends far further than that.

It’s critical to note that no website can be guaranteed to be 100% safe. However, if you take the necessary precautions, you will prevent most hackers, except those with a special interest in your company.

A big part of hacking involves finding flaws in hundreds of millions of websites and exploiting them as quickly as possible.

Make Your Username.

In most WordPress installations, the initial username is “admin,” which should be changed since it’s the username hackers would attempt first.

In the case of a new website, this is a simple matter of adjusting during installation.

The WordPress admin area does not allow username changes, but you may use your hosting account’s phpMyAdmin and make changes directly to the WordPress database.

For privacy reasons, you should alter your display name in your user profile to avoid revealing your username in every post.

Your administrative section should be shut down.

Most hacking efforts may be thwarted by limiting access to your admin area to a single IP address.

a Linux Server (Most Web Servers)

Creating and uploading an a.htaccess file to your wp-admin folder is an easy procedure.

To get started, open a text editor, create a new file, and then paste the code from this page into the file. Replace xx.xx.xx.xx with your IP address by searching for “what’s my IP?” on Google.

Servers using Microsoft’s Windows operating system

The technique described here is unfamiliar to me since I’ve never posted anything on a Windows server. If you’re on a Windows server, I suggest checking Microsoft’s support materials to see what steps you need to take.


The least efficient way to prohibit access to a certain IP address is one that I save for the last option. Changing your IP will not allow you to update the plugin, which creates another issue.

At this point, the only method to get into your admin area is to use FTP to remove the plugin. To save yourself the trouble, simply use. Access in the first place instead.

Activate the Time-Based Access Control feature (Two Factor Authentication)

When you use two-factor authentication, a code is sent to the mobile device that you must input before signing in to your website. As a result, anybody else who doesn’t have physical access to your device will be unable to log into your admin area.

A plugin is needed for this, and there are both free and commercial plugins available.

Limit the number of times a user may log in.

After a given number of unsuccessful login attempts, you may enhance your WordPress website’s security by restricting access from a certain IP address.

To do this, you will need a plugin, and there are both free and paid options available.

8. Not Having Backups in Place

Automated backups are essential for everyone. When you have a website, this is a must-have.

If your website has been hacked, you may be able to swiftly restore a previous version of it using this tool.

In general, you should back up your website at least once a week, although this depends on how often you make changes to it. The more backups I have, the more prepared we are should there be an attack that goes unreported for some time, and a clean backup is no longer available from which to restore.

To speed up the recovery process, you may keep these backups on your web server, but they should also be backed up to the cloud so that you always have a copy.

9. Leaving out Schema

For SEO, we need every advantage we can get. Although schema may not directly affect ranking, it may have a beneficial impact on clickthrough rates because of additional visual clues.

Your placement in the search results could have drawn more attention than other, higher-ranking websites, so you might get clicks otherwise going to them.

Search engines use schema to understand what your content is about and how the many elements are interconnected.

You’ll want to use JavaScript to implement your schema rather than HTML markup, microdata.

There are a lot of free and commercial plugins that can assist with this. Still, I prefer to build the JSON myself and put it into the code myself since this offers me better flexibility without having to install yet another plugin to my website.

When plugins can’t handle some of the more complicated situations we encounter, we have no choice but to resort to this method.

Think of a national brand that has multiple franchise locations as an example. Schemas for the parent firm may be required on certain pages, while schemas for the parent company and the local franchise may be required on others. That need a tailored strategy.

10.Using the Wrong Permalink Configuration

Because WordPress’s default permalinks aren’t search-friendly, we’ll want to alter them.

Fixing your URL structure can assist search engines in better grasping your site’s hierarchy, which is why it’s so important.

You May Also Like…