WordPress Best Practices

Does your Marketing department complain about website functionality? Lack of conversions and downtime? As a WordPress trainer for IT departments and Marketing departments, I’ve witnessed the front line on both sides of the struggle between Marketing and IT. Implementing a few WordPress best practices can help.

Does this sound familiar?

Ugh! We can’t get anything done!

The website is slow!

IT says no to everything!

Our website is out of date.

If we wait for IT to make a decision then nothing will get done! (Let’s just not tell them.)

It seems like no matter what you do, it’s not enough.

Don’t get me wrong. I LOVE the Marketing department. They think like me. And, I don’t consider myself an IT professional. But, I’ve had the privilege of working with both IT and Marketing–in the same room–for WordPress Training. I’ve seen the frustrations coming from both points of view.

Now, back to you… the IT pro.

You want to keep things stable and secure. Meanwhile, marketing just hired a “Growth Hacker” who spends his entire day TRYING to break everything. For whatever reason, “experimenting” and “creativity” is more important than security and stability.

And, did I mention . . . IT is always the last to know? Why did nobody check with you first? Who’s idea was it to switch to WordPress anyway?

All the feuds between IT and marketers could be summed up in one phrase: no respect.

Training in WordPress best practices can help

I’m Emily Journey and I am a WordPress Instructor for IT departments. Our training team works with business owners, IT staff, marketing teams and administrative staff to help them gain confidence and learn WordPress best practices.

Since 2012, I have trained mixed groups of professionals who work for the same company but have very different goals. The face of marketing and sales has changed dramatically. Remember when the website was the domain of technology and there was a very clear boundary? It used to be that creative types couldn’t even figure out how to check their email!

Things have changed. The website management boundary is unclear.

Marketing has become digital. Everything is “content” and the host of all this creative output is technology based. Marketing?teams are struggling to keep up. Those who do keep up win the prizes of a stronger brand and more sales. That’s their bottom line. Experts in Marketing have lofty goals and the company website is a means to achieve those goals. These are different goals than those of IT. But, the truth is, their differing goals are equally valuable.

If you have an IT and Marketing department that work well together and have mutual respect, then read no further! You are among the lucky few. This unicorn does exist. I’ve seen it in the wild and it is sometimes found with smaller teams. (You know who you are.)

In the rest of this article, you’ll learn how to utilize a little training in WordPress as the secret weapon of your IT department. Once the IT?staff is equipped with a strong understanding of WordPress, they will be better prepared to head off conflicts with Marketing.

WordPress best practices for IT

Whenever I am consulting IT staff in WordPress, I put the IT spin on best practices for WordPress. Participants are ensured a strong foundation in WordPress best practices specific to the IT goals of network security and stability.

1. Limiting access based upon role.

IT administrators can utilize the built-in permission levels of WordPress to limit access. Many problems could be solved with the right role guidelines. You understand the implications of giving a guest blogger an Administrator role, but the overzealous business owner or marketing intern may not.

• Create a list of every necessary user. The boss’ cousin who helped with social media that one time may not be necessary.
• Evaluate the MOST they need to do. Nothing more, nothing less. If they don’t need to edit code, they don’t need permissions that high.

This process, combined with a lesson on the roles themselves, will get your company on the same page. No more role-based nightmares.

2. Understand WordPress Security

As the IT Department, your priority is security. You need everything to stay safe and secure, including the WordPress website. You and your team need to be up-to-date on the latest WordPress security measures.

Matt Cromwell, former Head of Support and Community Outreach at Impress.org, said this about WordPress security…

“Security isn’t easy, and it’s getting more challenging and necessary by the day. Paying for security is always a worthy investment. With that in mind, I find the following to be indispensable practices with regard to WordPress security.

Learn what hardening is and why it works. In many ways it just comes down to learning about file permissions. 777 is never good. Some things need and deserve 444.

You should also learn the difference between server-side security, app-level security, and domain- or DNS-level security. Basically, where does the line between your host’s responsibility, your security plugin’s responsibility, and your domain’s responsibility start and end? They are different things and often you can’t just point and click your way into making them all work nicely together.”

Some time with a WordPress consultant can teach your IT Department about each of these things — and more.

3. Optimize the website for speed

There are tons of ways to speed up your WordPress site with the right optimization. Pantheon outlined the following as the top optimization tips:

• Modernize PHP
• Reduce load with persistent object cache
• Improve speed and volume with reverse proxy page cache
• Tackle the ultimate bottleneck with SSD Databases & the InnoDB Engine
• Streamline search with dedicated search index

Don’t know how to implement those things? Let’s make this part of the discussion.

Some of the biggest problem areas for WordPress speed are also the easiest to address.

• Keeping too many files in the database. Remove unused WordPress plugins and themes you have in your dashboard. They are just taking up space and slowing things down.
• Images that are too large. Stick to images around 600 to 700 pixels wide. Images that are too large cause slow load times.
• Using too many plugins. "Code bloat" is a result of too much code running. All that Javascript slows things down. Often, people don't realize how many plugins they have installed. Think twice before adding another.
• Not investing in a good server. Look for space on a dedicated server or VPS hosting (virtual private server). $100 a year may sound like a deal, but cheap hosting affects website loading speeds (not to mention site security).