Skip to main content
WordPress made easy with the drag & drop Total WordPress Theme!Learn More

WordPress Tips: 15 WordPress Mistakes to Avoid at all Costs

December 26, 2017

Only you can make your WordPress site as powerful or weak as you want. Obviously, we all want to build the most formidable of websites, but unfortunately, this won’t happen by chance – you have to make conscious choices and then go to work. While this is the approach every WordPress user should assume, we all end up making mistakes because, firstly, we are always in a hurry and secondly, we are generally careless as a species. To err is human remember?

If you’re new to WordPress, today’s post will show you how to avoid fifteen (15) WordPress mistakes. If you slapped together your WordPress site in a rush and made these among other mistakes, this post will show you how to fix your problems and get you back on the right path.

Grab a pencil and some paper, we’re going to set up your site right in three, two, one…

1. Forgetting/Ignoring Website Backups

Have you checked out this WordPress security post? In that post, we outlined at length the measures you must take to fortify the security of your WordPress website. I would like to echo one point in that post – backing up your WordPress site.

Developing your website without regular backups is like jumping from a plane without a chute. Only Captain America does that, and if you can’t rewind time like Curtis in Misfits, please get into the habit of backing up your WordPress site or you just might lose everything.

Perhaps you forget to backup your website. Perhaps it’s tiring and you don’t have a thing for mundane tasks. Or you probably don’t have the time.  Well, you don’t have to backup your WordPress manually. You can use WordPress backup plugins or commercial services that backup your site automatically on regular basis. I would like to recommend:

Top Backup Services

  • WPEngine – Top of the class Managed WordPress Hosting provider. They provide built-in backup features.
  • VaultPress – WordPress Backup and Security. They provide automated backups with easy restores.
  • Check with your web hosting provider. Some web hosts provide regular backups.

WordPress Backup Plugins

2. Ignoring WordPress Updates

Updating WordPress

You will be surprised by the huge number of WordPress users who run their ‘beloved’ websites on outdated versions of WordPress.

The worst part is the majority of said users believe updating to the newest version of WordPress will break their websites. So they cling on to old plugins and themes just because the developers were not bother enough to upgrade. Out here, WordPress is receiving new and exciting features all the time and getting tougher in terms of security.

If upgrades weren’t necessary, we would not have the WordPress we know and love today. Outdated features and security vulnerabilities go hand in hand, and if you’re not running your website on WordPress 3.9.1 or higher, you’re begging to be hacked.

Don’t ignore the upgrade notifications and if a theme or plugin breaks after the upgrade, there are better alternatives. If you can’t get a suitable alternative, build one or hire a developer and stop being petty.

3. Using “Admin” As Your Username

Let me see your hand if ‘admin’ is your username? You probably have a weak password and hackers can’t wait to break into your website (if they haven’t already).

“Stop bashing me, WordPress creates the ‘admin’ username by default. It is not my mistake!” Well, you can change it! You can change it when installing WordPress. Leave it as is if you really hate your website. Never ever use ‘admin’ as your username. Then remember to create difficult to crack passwords.

4. Downloading “Free” WordPress Themes From Wherever

Fire up your favorite search engine right now and look up “free WordPress themes.” I will save you the trouble; you will get a mother load of “free” WordPress themes packaged and ready for download.

The only problem is most of these free-for-all themes aren’t really free. Most of them are laden with malicious code and links that benefit you not. The success of your WordPress blog depends on many factors one being the quality of your theme. If you choose the wrong (or defective) WordPress theme, you can as well kiss goodbye to online success. If you’re looking for professional premium WordPress themes, go with a reputable company such as:

On a tight budget? We have you covered. You can get awesome and free WordPress themes at:

Stay clear of free WordPress themes from just anywhere on the web – make sure you only download themes from reputable sources. They will drag you down. Say no to free low-quality themes.

5. Forgetting To Install A Caching Plugin

Caching WordPress Plugin

If you’re greenhorn as far as WordPress (and web development) is concerned, you probably don’t know what caching is. If you know what caching is but aren’t bothered to install a caching plugin, you are wasting a lot of seconds in page load time.

Want to give your visitors super-fast page load speeds that result in a fulfilling user experience, install a caching plugin or sign up with a Content Delivery Network (CDN). Here are the solutions I use to supercharge my websites:

Other options:

Also, some WordPress hosting companies include caching options for you. WPEngine has caching built-in, and SiteGround offers a SuperCacher WordPress plugin with some of their plans. Make sure that your host doesn’t’ provide caching options before you install your own plugin as this could cause conflicts and end up slowing down your site. So just keep an eye out.

6. Keeping The Sample Page

A few days ago, I installed a one-page responsive theme for a client. I installed the theme on a fresh copy of WordPress that, obviously, came with the sample page. Since the one-page theme works with sections (as opposed to multiple pages) and came with its own Options Screen, the sample page was hidden from view. I saw it later when adding extra pages. Suffice to say, I would have missed the sample page if I didn’t need extra pages.

That aside, did you know over one (1) million WordPress users still have the sample page on their websites? If this is surprising, you should know a majority of these people don’t know about the sample page or forgot to delete it. If you are not using the sample page (and why would you be using it anyway when you can create a million and one other pages anyway), go ahead and delete it right away. It doesn’t look good on your professional blog. That’s because it’s a mistake.

7. Never Moderating Comments

Moderating Comments

Comments tell you how your readers are responding to your marketing message. But it takes determination and effort to moderate comments especially if you get more than a few. Many small business owners don’t know how to manage their websites, and they end up stuck with tons of comments that require moderating. They keep putting it off until it bogs them down.

Then we have spam comments, which can really hurt your SEO besides scaring away readers. Never approve spam comments even by accident – no matter how well written. How do you tell good comments from spam comments? How do you separate the wheat from the chaff? Well, it’s easy. If it walks like a duck, quacks like a duck, looks like a duck, it must be a duck. If it’s spam, you will know immediately.

If you don’t want comments, disable comments via Settings >> Discussion >> Default Article Settings or use a plugin such as Disable Comments Plugin. To keep spam comments in check use Akismet or any of these spam blocking plugins.

More resources:

8. Too Many Categories, Not Enough Tags

WordPress allows you to create categories and tags easily. This can help you to group related posts to enhance accessibility. Often times, people get carried away and end up creating category after category to go with each new post.

Unfortunately, many people don’t tag their posts as much as they categorize them. They end up creating hundreds of categories and few (if any) tags. This is not good for your SEO and site architecture. Furthermore, you can use categories and tags interchangeably. You can even use tags in navigation menus just like categories. Learn more about Categories vs Tags in the Codex.

9. Using The Default Favicon

I’m guilty of this one. In a rush to launch their site and start making money (haha), many WordPress users often forget to change their favicons. You will spot sites that have favicons from their hosting providers e.g. Bluehost or from their framework company e.g. Genesis.

Just like your logo, your favicon is your identity on the web. Moreover, your visitors will see your favicon when they bookmark your site. As you can see, these are great reasons to change your favicon. It’s easy work as you will see in Redesigning Your WordPress Website (To Add A Personal Touch).

10. Going With The Wrong Platform

Stuck between WordPress.com and WordPress.org? Don’t know which option to choose? Many beginners often make the wrong choice and end up regretting later.

While each platform has its benefits, self-hosted WordPress is a great option for many a business – small and large since it gives you more control over your website. Choose a platform that suits your needs. This guide on WordPress.com vs WordPress.org should help.

11. Not Having A Mobile Or Responsive Site

Mobile Responsive Websites

The future is mobile and you’re doing yourself a disservice if your WordPress website can’t adapt to mobile devices. If your website is not mobile friendly, you might be losing out on a lot of business. Other than that, Google will penalize you if your mobile traffic redirects to your desktop homepage.

You can mobilize your site using plugins such as WPtouch or use responsive design from the get go. Responsive design (uses HTML + CSS3) ensures your website looks good on all devices irrespective of the screen width.

12. Forgetting To Setup Your Permalinks

As we saw in Built-In WordPress Options You Should Be Using, many people use the default URL structure i.e. yourdomain.com/?p=23. You don’t want to leave your permalinks looking like this – it’s bad for your SEO as well as user experience. After installing WordPress, go to Settings >> Permalinks and update your permalinks.

13. Not Installing A Contact Form

The contact form is an integral part of any website. The contact page should work really hard for your online business, but it is surprising to see how many WordPress users shoot themselves in the foot by forgetting to include a contact form on their contact pages.

Many people just list emails and perhaps a telephone number and forget about the contact form entirely. Bad move. Listing your emails will only attract spam to your mailbox. A contact form on the other hand will facilitate engagement. WordPress has a built in contact form builder that is accessible via the post editor but if you need more features, you can check out Contact Form 7 or Gravity Forms.

14. Forgetting Google Analytics

Google Analytics

The majority of new users don’t install Google Analytics after installing WordPress. Maybe you are okay with Jetpack stats but you should know you’re missing out on so much insight about your site.

Google Analytics helps you to break down your traffic, so you will know what to optimize for better performance. We recommend installing Google Analytics and signing up with Google Webmaster Tools.

15. Not Optimizing Images

When you start using WordPress, you’re in hurry to publish your first post that you forget to optimize your images. Heavy images slow down your website negatively affecting user experience. Before uploading images to your WordPress site, optimize them for best performance. If you use Adobe Photoshop, ensure you save your images for the web with the ‘Save For Web’ options. Check your image editing software for the ‘Save For Web’ option.

Over to you…

We’ve just listed fifteen (15) of the worst WordPress mistakes you should avoid at all costs. Aware of other WordPress mistakes other readers should avoid? Please be kind enough to share in the comments 🙂

avoid-wordpress-mistakes
Article by Freddy WPExplorer Author
Published on: June 23, 2014
Last updated on: December 26, 2017
Subscribe to the Newsletter

Get our latest news, tutorials, guides, tips & deals delivered to your inbox.

25 Comments

  1. Bruce Gerencser says:

    Great list, Freddy. While I am not a designer or a WordPress expert, I do get asked quite frequently about how to get started blogging. Your 15 points are excellent advice for anyone wanting to start a blog.

  2. franklinle says:

    Hi freddy, great checklist provided by you in this blog post i am also in this same field which solve the problem and issue regarding wordpress and developing wordpress website so this post will help me,looking forward to read your new post regarding wordpress

  3. Steve Covello says:

    Don’t forget to VALIDATE your code and check the debug report. Don’t assume all themes and plugins are compliant.

    • AJ Clarke says:

      Great tip! But also don’t forget validation for HTML5 is “experimental”, so unless you know what you are doing you might think a theme is broken when it’s not. So always ask the developer regarding the errors!

  4. Mathijslemmers says:

    Great post!
    Relieved that I knew of all the mistakes, but it was really helpfull to see some different solutions to everything.
    Thanks a lot!

  5. Josh N. says:

    Use a Database Query Checker plugin to make sure you’re not using a ton of database calls where you don’t need them. If you don’t, you could be adding a few seconds to page load time, which can cripple your website’s traffic.

  6. Dan Knauss says:

    It does not matter what your username is, whether it is admin or anything else. All usernames are exposed to public view; they are not a security mechanism.

    Re. caching and Cloudflare, they are generally a waste of time unless you have a very high volume of visitors — in which case you should be using a host that handles caching on the server. If you have a low volume site, its still a great benefit of the best WP hosts nowadays that they take care of caching for you. Just add widget cache, lazy loading and optimize your images. If you must use a caching plugin, try one of the simple ones that reduce your site to a completely static set of files.

    • AJ Clarke says:

      Hi Dan,

      * A lot of the spammers out there will try to guess your password using admin as the login, by changing it they will have to guess both. It’s not a huge layer of “security” but it’s a good habit. I personally leave the “admin” username but I set it to “subscriber”.

      * I agree 100% about the caching and CDN, the issue is a lot of people are on a tight budget and can’t afford or aren’t willing to pay the price of some of the better hosts that do include built-in caching. Or on the other spectrum, if you have a fully dedicated server it’s not going to have that built-in so you will need to add something, if you aren’t very tech-savvy Cloud-flare can come into handy for speeding things up on your dv environment.

  7. Alex says:

    Nice post for beginners, they often forget to remove the sample page and comment. Another mistake is to keep the uncategorized category.

    Otherwise, you can check the WP Rocket caching plugin. WP Tavern reviewed it a few weeks ago :
    http://wptavern.com/wp-rocket-launches-commercial-caching-plugin-for-wordpress

    The best point is that it’s really easy to set up compared to W3TC and WSC.

    Keep up the great work 🙂
    Alex

  8. Denis Giuffrè says:

    I’m glad to realize I’m already following all the 15 tips….I also like taking care of SEO optimization (through a dedicated plug-in for example) and yet of website security against spammers, bad queries, thieves and so on … since I’m not a programmer I use plugins and step by step tutorials

  9. Freddy says:

    Yeah, many people keep the uncategorized category 🙂 WP Rocket looks like a great commercial caching plugin. Thank you for sharing and your kind words 🙂

  10. Cabochon2 says:

    Could you explain how to change the username? I’ll admint that I have “admin”, but the username field is grayed out on the dashboard and it says “user names cannot be changed.” Help!

    • AJ Clarke says:

      Simply create a new admin account and give it a normal name then you should be able to make your old admin account a “subscriber” this way if it gets hacked it’s only a subscriber so it’s a useless account 😉

  11. Priyanka Jain says:

    couple of webdesign errors I see these days on blogs that would definitely scare me, nice to read your article i will redesign my website according to your article guidance. thank you.

  12. Dzon says:

    Hi guys, do you think, by any circumstance, is using a cache plugin can be a mistake? I don’t know, for some specific case?
    Thank you

    • AJ Clarke says:

      You should ALWAYS cache your site when using WordPress. However, some hosts like WPEngine which we use have built-in cache so using a cache plugin can actually make things A LOT worse. But also specific options in your caching plugin may not be “compatible” with your webhost so you need to take your time and setup the plugin exactly to match your needs. That’s why when using WordPress we usually recommend hosts that have caching built-in so there isn’t any setup necessary, caching plugins can be a pain to deal with.

  13. muslitta says:

    I am one of those who do not know what Caching plagin is)) bu I like the article, there is some information useful to know. thanks

    • Freddy says:

      Hey Muslitta. Caching is temporarily storing recently used data (HTML, images, files, web objects etc) on the local hard drive in order to make it faster for the user to access it. For instance, when you return to a web page you have recently accessed, the browser pulls those files from the cache instead of the original server, improving the page load speeds. A caching plugin helps you to build a cache (memory dedicated to temporary data storage) for your WordPress site, making it faster for returning users. Caching plugins create static version of your content, so that the user doesn’t need to load the content dynamically from the server every time they return to your site. Hope that helps.

  14. Shivam Sahu says:

    Hey Freddy,
    Great article, and while I knew most of these tips there are a still a few I didn’t know about. One thing I see on some new (and maybe even older) WordPress site is people don’t disable/remove the meta admin widget from their sidebar. No reader/viewer/client/customer, etc needs to see a link for you to log into your WordPress dashboard when they got to your site. That tab is completely useless (just go to yoursite.com/WP-admin) and should be removed as soon as your site is active.

    • AJ Clarke Avatar AJ Clarke says:

      That’s a good call, I actually see that fairly often as well. Another thing is people that use free themes and don’t change the footer copyright content. I know some themes don’t allow it, but for example our free themes all have settings in the Customizer to add your own custom copyright info instead of the default theme links but people often never see the option or even think about changing the text. I’ll update the post to add a few more tips 😉 Thanks for the good one!

Leave a Reply

Your email address will not be published. Required fields are marked *

Learn how your comment data is processed by viewing our privacy policy here.