Skip to main content
WordPress made easy with the drag & drop Total WordPress Theme!Learn More

15 WordPress Mistakes to Avoid at all Costs

Last updated on:

Only you can make your WordPress site as powerful or weak as you want. Obviously, we all want to build the most formidable of websites, but unfortunately, this won’t happen by chance – you have to make conscious choices and then go to work. While this is the approach every WordPress user should assume, we all end up making mistakes because, firstly, we are always in a hurry and secondly, we are generally careless as a species. To err is human remember?

If you’re new to WordPress, today’s post will show you how to avoid fifteen (15) WordPress mistakes. If you slapped together your WordPress site in a rush and made these among other mistakes, this post will show you how to fix your problems and get you back on the right path.

Grab a pencil and some paper, we’re going to set up your site right in three, two, one…

1. Forgetting/Ignoring Website Backups

Have you checked out this WordPress security post? In that post, we outlined at length the measures you must take to fortify the security of your WordPress website. I would like to echo one point in that post – backing up your WordPress site.

Developing your website without regular backups is like jumping from a plane without a chute. Only Captain America does that, and if you can’t rewind time like Curtis in Misfits, please get into the habit of backing up your WordPress site or you just might lose everything.

Perhaps you forget to backup your website. Perhaps it’s tiring and you don’t have a thing for mundane tasks. Or you probably don’t have the time.  Well, you don’t have to backup your WordPress manually. You can use WordPress backup plugins or commercial services that backup your site automatically on regular basis.

WordPress Backups

Backing up your WordPress site is definitely manageable. So long as you are comfortable logging into your site via SFTP and accessing phpMyAdmin, all you need to do is download your WordPress files and database. Just follow along with our guide to backup WordPress and you’ll be good to go.

Or you can use one of the top backup plugins that we recommend. These plugins make regular manual backups a breeze thanks to built-in features and settings.

Top Backup Services

But if you’d rather take a more hands off approach there are options for that too.

  • WPEngine – Top of the class Managed WordPress Hosting provider. They provide built-in backup features. But to be extra safe you can log in and download copies of your backups to store in a secure location, like your cloud storage or an external hard drive.
  • Jetpack Backups – WordPress Backup and Security. They provide automated backups with easy restores. This is also a part of Jetpack premium Security plans and higher, so if you’re already signed up you may already have access.
  • Check with your web hosting provider. Some web hosts provide regular backups.

2. Ignoring WordPress Updates

WordPress Mistakes: Not Updating WordPress

You will be surprised by the huge number of WordPress users who run their ‘beloved’ websites on outdated versions of WordPress.

The worst part is the majority of said users believe updating to the newest version of WordPress will break their websites. So they cling on to old plugins and themes just because the developers were not bother enough to upgrade. Out here, WordPress is receiving new and exciting features all the time and getting tougher in terms of security.

If upgrades weren’t necessary, we would not have the WordPress we know and love today. Outdated features and security vulnerabilities go hand in hand, and if you’re not running your website on a current version of WordPress (preferably within the latest few releases), you’re begging to be hacked.

Don’t ignore the upgrade notifications and if a theme or plugin breaks after the upgrade, there are better alternatives. If you can’t get a suitable alternative, build one or hire a developer and stop being petty.

3. Using “Admin” as Your Username

Let me see your hand if ‘admin’ is your username? You probably have a weak password and hackers can’t wait to break into your website (if they haven’t already).

“Stop bashing me, WordPress creates the ‘admin’ username by default. It is not my mistake!” Well, you can change it! You can change it when installing WordPress. Leave it as is if you really hate your website. Never ever use ‘admin’ as your username. Then remember to create difficult to crack passwords.

4. Downloading “Free” WordPress Themes from Wherever

Fire up your favorite search engine right now and look up “free WordPress themes.” I will save you the trouble; you will get a mother load of “free” WordPress themes packaged and ready for download.

The only problem is most of these free-for-all themes aren’t really free. Most of them are laden with malicious code and links that benefit you not. The success of your WordPress blog depends on many factors one being the quality of your theme. If you choose the wrong (or defective) WordPress theme, you can as well kiss goodbye to online success. If you’re looking for professional premium WordPress themes, go with a reputable company such as:

On a tight budget? We have you covered. You can get awesome and free WordPress themes at:

Stay clear of free WordPress themes from just anywhere on the web – make sure you only download themes from reputable sources. They will drag you down. Say no to free low-quality themes.

5. Forgetting to Install a Caching Plugin

WordPress Mistakes: Forgetting a Caching WordPress Plugin

If you’re greenhorn as far as WordPress (and web development) is concerned, you probably don’t know what caching is. If you know what caching is but aren’t bothered to install a caching plugin, you are wasting a lot of seconds in page load time.

Want to give your visitors super-fast page load speeds that result in a fulfilling user experience, install a caching plugin or sign up with a Content Delivery Network (CDN). There are many WordPress caching plugins solutions, but here are the solutions we use and recommend:

Also, some WordPress hosting companies include caching options for you. WPEngine has caching built-in, and SiteGround offers a SuperCacher WordPress plugin with some of their plans. Make sure that your host doesn’t provide caching options before you install your own plugin as this could cause conflicts and end up slowing down your site. So just keep an eye out.

6. Keeping the Sample Page

A few days ago, I installed a one-page responsive theme for a client. I installed the theme on a fresh copy of WordPress that, obviously, came with the sample page. Since the one-page theme works with sections (as opposed to multiple pages) and came with its own Options Screen, the sample page was hidden from view. I saw it later when adding extra pages. Suffice to say, I would have missed the sample page if I didn’t need extra pages.

That aside, did you know over one (1) million WordPress users still have the sample page on their websites? If this is surprising, you should know a majority of these people don’t know about the sample page or forgot to delete it. If you are not using the sample page (and why would you be using it anyway when you can create a million and one other pages anyway), go ahead and delete it right away. It doesn’t look good on your professional blog. That’s because it’s a mistake.

7. Never Moderating Comments

Moderating Comments

Comments tell you how your readers are responding to your marketing message. But it takes determination and effort to moderate comments especially if you get more than a few. Many small business owners don’t know how to manage their websites, and they end up stuck with tons of comments that require moderating. They keep putting it off until it bogs them down.

Then we have spam comments, which can really hurt your SEO besides scaring away readers. Never approve spam comments even by accident – no matter how well written. How do you tell good comments from spam comments? How do you separate the wheat from the chaff? Well, it’s easy. If it walks like a duck, quacks like a duck, looks like a duck, it must be a duck. If it’s spam, you will know immediately.

If you don’t want comments, disable comments via Settings > Discussion > Default Article Settings or use a plugin such as Disable Comments Plugin. To keep spam comments in check use Akismet or any of these spam blocking plugins.

8. Too Many Categories, Not Enough Tags

WordPress allows you to create categories and tags easily. This can help you to group related posts to enhance accessibility. Often times, people get carried away and end up creating category after category to go with each new post.

Unfortunately, many people don’t tag their posts as much as they categorize them. They end up creating hundreds of categories and few (if any) tags. This is not good for your SEO and site architecture. Furthermore, you can use categories and tags interchangeably. You can even use tags in navigation menus just like categories. Learn more about WordPress categories vs tags in this guide on our blog.

9. Using the Default Favicon

I’m guilty of this one. In a rush to launch their site and start making money (haha), many WordPress users often forget to change their favicons. You will spot sites that have favicons from their hosting providers e.g. Bluehost or from their framework company e.g. Genesis.

Just like your logo, your favicon is your identity on the web. Moreover, your visitors will see your favicon when they bookmark your site. As you can see, these are great reasons to change your favicon. It’s easy work as you will see in our guide on how to add a WordPress favicon.

10. Going with the Wrong Platform

Stuck between WordPress.com and WordPress.org? Don’t know which option to choose? Many beginners often make the wrong choice and end up regretting later.

While each platform has its benefits, self-hosted WordPress (.ORG) is a great option for many a business – small and large since it gives you more control over your website. You own your domain and content, plus there are many affordable hosting options available. But in the end, choose a platform that suits your needs. This guide on WordPress.com vs WordPress.org should help.

11. Not Having a Mobile or Responsive Website

Mobile Responsive Websites

The future is mobile and you’re doing yourself a disservice if your WordPress website can’t adapt to mobile devices. If your website is not mobile friendly, you might be losing out on a lot of business. Other than that, Google will penalize you if your mobile traffic redirects to your desktop homepage.

You can mobilize your site by simply using a responsive WordPress theme from the get go. Responsive design (uses HTML + CSS3) ensures your website looks good on all devices irrespective of the screen width. But if you’re married to your current non-mobile ready design you can use a plugin such as WPtouch (if you must).

12. Forgetting to Setup Permalinks

Unfortunately many people use the default WordPress URL structure i.e. yourdomain.com/?p=23. Which really isn’t the best for SEO or usability. While you can leave your permalinks looking like this – we recommend using a permalink structure that better suits your site setup.

WordPress Permalink Structures

To choose a permalink structure go to Settings > Permalinks and select an available setting (we feel the Post Name option makes sense for the majority of websites) or create a custom structure using available tags.

Note: It’s best to choose a permalink structure when you first create your site with WordPress and stick with it. You can change your format later on, however we recommend reading through this guide on changing permalinks before you make any changes.

13. Not Having a Contact Page

The contact page is an integral part of most websites. It should work really hard for your online business, but it is surprising to see how many WordPress users shoot themselves in the foot by forgetting to include a one.

Depending on the nature of your business you may want to list your information publicly, or use a contact form. Just be careful making your email address readily available as this will inevitably attract spam to your mailbox.

A contact form is a great option on the other hand will facilitate engagement. There are plenty of free and premium contact form plugins available, as well as many premium themes with contact forms built-in.

14. Forgetting Google Analytics

Google Analytics

The majority of new users don’t install Google Analytics after installing WordPress. Maybe you are okay with Jetpack stats but you should know you’re missing out on so much insight about your site.

Google Analytics helps you to break down your traffic, so you will know what to optimize for better performance. We recommend installing Google Analytics and signing up with Google Search Console.

15. Not Optimizing Images

When you start using WordPress, you’re in hurry to publish your first post that you may forget to optimize images. Heavy images slow down your website negatively affecting user experience.

Before uploading images to your WordPress site, optimize them for best performance. To avoid using media that is too large try using these tips:

  • Check your image editor for the ‘Save For Web’ option
  • Compress images with optimization software or with a web option like TinyPNG
  • Add an image optimization plugin to your site

Over to you…

We’ve just listed fifteen WordPress mistakes you should avoid at all costs. Hopefully this guide will help you get started on the right track! Aware of other WordPress mistakes other readers should avoid? Please be kind enough to share in the comments.

Article by Freddy WPExplorer.com guest author
Subscribe to the Newsletter

Get our latest news, tutorials, guides, tips & deals delivered to your inbox.

26 Comments

  1. Bruce Gerencser

    Great list, Freddy. While I am not a designer or a WordPress expert, I do get asked quite frequently about how to get started blogging. Your 15 points are excellent advice for anyone wanting to start a blog.

    • Freddy

      Thank you for your comment Bruce. It’s much appreciated 🙂

    • sayem

      This is really amazing content. The maximum of the WordPress bloggers of us is not aware of these kinda mistakes. You have grabbed all of theme. Thanks for the reminder. Keep writing more.

      Regards,
      Sayem Ibn Kashem

  2. franklinle

    Hi freddy, great checklist provided by you in this blog post i am also in this same field which solve the problem and issue regarding wordpress and developing wordpress website so this post will help me,looking forward to read your new post regarding wordpress

    • Freddy

      Thanks for passing by Frank!

  3. Steve Covello

    Don’t forget to VALIDATE your code and check the debug report. Don’t assume all themes and plugins are compliant.

    • AJ Clarke

      Great tip! But also don’t forget validation for HTML5 is “experimental”, so unless you know what you are doing you might think a theme is broken when it’s not. So always ask the developer regarding the errors!

  4. Mathijslemmers

    Great post!
    Relieved that I knew of all the mistakes, but it was really helpfull to see some different solutions to everything.
    Thanks a lot!

    • Freddy

      Thank you for passing by!

  5. Josh N.

    Use a Database Query Checker plugin to make sure you’re not using a ton of database calls where you don’t need them. If you don’t, you could be adding a few seconds to page load time, which can cripple your website’s traffic.

  6. Dan Knauss

    It does not matter what your username is, whether it is admin or anything else. All usernames are exposed to public view; they are not a security mechanism.

    Re. caching and Cloudflare, they are generally a waste of time unless you have a very high volume of visitors — in which case you should be using a host that handles caching on the server. If you have a low volume site, its still a great benefit of the best WP hosts nowadays that they take care of caching for you. Just add widget cache, lazy loading and optimize your images. If you must use a caching plugin, try one of the simple ones that reduce your site to a completely static set of files.

    • AJ Clarke

      Hi Dan,

      * A lot of the spammers out there will try to guess your password using admin as the login, by changing it they will have to guess both. It’s not a huge layer of “security” but it’s a good habit. I personally leave the “admin” username but I set it to “subscriber”.

      * I agree 100% about the caching and CDN, the issue is a lot of people are on a tight budget and can’t afford or aren’t willing to pay the price of some of the better hosts that do include built-in caching. Or on the other spectrum, if you have a fully dedicated server it’s not going to have that built-in so you will need to add something, if you aren’t very tech-savvy Cloud-flare can come into handy for speeding things up on your dv environment.

  7. Alex

    Nice post for beginners, they often forget to remove the sample page and comment. Another mistake is to keep the uncategorized category.

    Otherwise, you can check the WP Rocket caching plugin. WP Tavern reviewed it a few weeks ago :
    http://wptavern.com/wp-rocket-launches-commercial-caching-plugin-for-wordpress

    The best point is that it’s really easy to set up compared to W3TC and WSC.

    Keep up the great work 🙂
    Alex

  8. Denis Giuffrè

    I’m glad to realize I’m already following all the 15 tips….I also like taking care of SEO optimization (through a dedicated plug-in for example) and yet of website security against spammers, bad queries, thieves and so on … since I’m not a programmer I use plugins and step by step tutorials

    • Freddy

      Awesome! Thank you for passing by Dennis 🙂

  9. Freddy

    Yeah, many people keep the uncategorized category 🙂 WP Rocket looks like a great commercial caching plugin. Thank you for sharing and your kind words 🙂

  10. Cabochon2

    Could you explain how to change the username? I’ll admint that I have “admin”, but the username field is grayed out on the dashboard and it says “user names cannot be changed.” Help!

    • AJ Clarke

      Simply create a new admin account and give it a normal name then you should be able to make your old admin account a “subscriber” this way if it gets hacked it’s only a subscriber so it’s a useless account 😉

  11. Priyanka Jain

    couple of webdesign errors I see these days on blogs that would definitely scare me, nice to read your article i will redesign my website according to your article guidance. thank you.

  12. Dzon

    Hi guys, do you think, by any circumstance, is using a cache plugin can be a mistake? I don’t know, for some specific case?
    Thank you

    • AJ Clarke

      You should ALWAYS cache your site when using WordPress. However, some hosts like WPEngine which we use have built-in cache so using a cache plugin can actually make things A LOT worse. But also specific options in your caching plugin may not be “compatible” with your webhost so you need to take your time and setup the plugin exactly to match your needs. That’s why when using WordPress we usually recommend hosts that have caching built-in so there isn’t any setup necessary, caching plugins can be a pain to deal with.

      • Dzon

        Thank you very much AJ!
        Regards

  13. muslitta

    I am one of those who do not know what Caching plagin is)) bu I like the article, there is some information useful to know. thanks

    • Freddy

      Hey Muslitta. Caching is temporarily storing recently used data (HTML, images, files, web objects etc) on the local hard drive in order to make it faster for the user to access it. For instance, when you return to a web page you have recently accessed, the browser pulls those files from the cache instead of the original server, improving the page load speeds. A caching plugin helps you to build a cache (memory dedicated to temporary data storage) for your WordPress site, making it faster for returning users. Caching plugins create static version of your content, so that the user doesn’t need to load the content dynamically from the server every time they return to your site. Hope that helps.

  14. Shivam Sahu

    Hey Freddy,
    Great article, and while I knew most of these tips there are a still a few I didn’t know about. One thing I see on some new (and maybe even older) WordPress site is people don’t disable/remove the meta admin widget from their sidebar. No reader/viewer/client/customer, etc needs to see a link for you to log into your WordPress dashboard when they got to your site. That tab is completely useless (just go to yoursite.com/WP-admin) and should be removed as soon as your site is active.

    • AJ Clarke

      That’s a good call, I actually see that fairly often as well. Another thing is people that use free themes and don’t change the footer copyright content. I know some themes don’t allow it, but for example our free themes all have settings in the Customizer to add your own custom copyright info instead of the default theme links but people often never see the option or even think about changing the text. I’ll update the post to add a few more tips 😉 Thanks for the good one!

Leave a Reply

Your email address will not be published. Required fields are marked *

Learn how your comment data is processed by viewing our privacy policy here.