Skip to main content
WordPress made easy with the drag & drop Total WordPress Theme!Learn More

25+ Common WordPress Mistakes to Avoid

February 3, 2015

As a content curator, one of the biggest and most embarrassing) mistakes I made in 2014 is to repeat the known mistakes when it came WordPress and blogging in general. Every New Year calls for new resolutions. Some (try to) lose weight – “I’m going to weigh 130 pounds by the end of this year”, some make adventurous plans – “I’m definitely going skydiving in March”, while some decide to finally tie the knot – “It’s time we eternalized it”! Not that we’re a month into this year, let us all add a resolution to the list – “WordPress mistakes never to repeat in 2015 (or the years to come)”.

I’ve been contributing to WPExplorer for over a year now and I’d like to kick off this year with a brand new post series which deals with the most common WordPress mistakes. We start by looking at 5 crucial factors that deal with launching a WordPress site and move on to recommendations that will bear fruit in the long run. These well-known points can be easily classified under “been there, done that” category, but make sure that you don’t repeat them like I did. Remember, even the trained eye gets weary at times.

WordPress Mistakes & Solutions

You will find a lot of articles online addressing similar issues that I intend to discuss in the upcoming posts. But I found one aspect that was missing from most of them – an in-depth explanation. Why? Why not? What are the consequences? Any solutions? Alternatives? Examples?

These are the questions I was asking myself when I read these articles. I intend to discuss each of the common issues, at length, so that you can have a strong understanding of the subject.

All the points discussed in this post come from experience, experimentation and of course, lessons learnt from past mistakes. I’ve tried to present as many examples as possible, so that you could gain practical experience, and relate what you read, to actual scenarios. I urge you to save this article in an offline reader such as Instapaper or Pocket and read it at your leisure. So just sit back, relax and enjoy the article.

1. Not Taking a Backup

Have you ever found yourself thinking – Hey this is a new site, I barely have any content. Let me worry about the backup later. Dear friend, let me tell you that it is one of the crucial mistakes you can make in your WordPress career. It might cost you a little money, a lot of money or in the worst of cases, everything. There have been spine-chilling stories of online entrepreneurs (bloggers, content curators, etc.) who’ve lost thousands of dollars, just because they postponed the backup.

Scheduling and securing backups is one of the fundamental responsibilities of a webmaster, from any discipline. When it comes to WordPress, the room for error is limited for an apprentice. But once you get down to the technical side of things, like modifying a theme or configuring an advanced plugin, you could:

  • Destroy the site’s look
  • Harbour security loopholes
  • Spawn the White Screen of Death

Unrecoverable incidents are quite common, and you can’t be right all the time. Thus, a backup is a necessary precaution. If you’re one of those folks who think that WordPress automatically backs up your data – you’re wrong. Read more about the common WordPress backup myths in my article – 10 WordPress Backup Tales That Could Kill Your Site.


There are plenty free and premium WordPress backup plugins available each with varying features. If you plan to have a number of WordPress sites, VaultPress is your best choice. It’s designed and maintained by Automattic (the company behind our favourite CMS) and is trusted by millions of users. Some of our favourite WordPress backup plugins include:

  1. VaultPress (premium)
  2. Solid Backups (premium)
  3. BackWPUp (free)

2. Testing New Products on a Live Site

Testing On A Live Site

Many folks repeat this seemingly harmless, yet devastating mistake. Suppose you have a live WordPress site and you want to install a backup plugin – say BackWPUp, after reading my last point (yay!). But you decide to install the plugin directly on the live site – just to save the extra effort.

What if something goes wrong, and you need to put your site offline for a couple of hours in order to fix the new, unprecedented damage? Let’s see some of the things you’re going to lose:

  1. Organic traffic from search engines
  2. Direct referral traffic
  3. Affiliate income
  4. Advertisement clicks
  5. Conversions and sales
  6. Email opt-ins
  7. Lose your search engine rank – when Google redirects a searcher to your site and finds that it’s offline, you automatically lose SEO points

In other words, you’re going to lose traffic and money!


If you are in the business of testing out new themes and plugins in your WordPress site, I’d suggest using an experimental copy of your live site. The best example would be the staging area in WPEngine. It simply replicates a most recent copy of your WordPress site as another installation, for you to experiment. If you break anything, you can simply restore from the last working backup.

If your host does not have access to a staging area (which is why we always recommend using great WordPress hosting environment), I suggest you setup your own staging area (tutorial coming up). Experiment with new products and services on your experimental setup. Once the new addition is properly configured in your site, simply merge it with your live site.

3. Not Securing your WordPress Backup

Securing Your Website Backups

Or as I like to call it: Backup your backup.

Yep, that’s right. Taking a full backup and keeping it in your computer’s hard drive is as good as taking a backup in a scratched DVD. The most reliable way is to upload your backup to the cloud – and we’ve got plenty of (free) options to choose from – Dropbox, Box, SkyDrive, etc. We recommend the free BackWPUp plugin, or VaultPress – both of which automatically uploads your backup to the cloud.

4. Not using Permalinks

Not Using Permalinks

Permalinks are nothing but the way your site’s URL is structured. By default, WordPress uses the following permalink:<post-id>

Let’s remember this structure will always work, regardless of adding new permalink structures. It is recommend to use a user friendly URL structure – one that contains keywords. This will your visitors remember the URL better, and will improve search engine rankings. Consider my MaxCDN review article. Both the following URLs work, but the second one is more memorable and works well for search engines.



We at WPExplorer use and recommend using the Post Name permalink structure.

  • To change permalinks through the WordPress admin area, your .htaccess file must be writable.
  • To do this, WordPress officially recommends that you change the file permission of the .htaccess file to 644.
  • If you do not have permission to update .htaccess through the admin area, WordPress will give you the code for your chosen permalink structure so that you update the .htaccess file manually. You can then manually update the .htaccess file via your hosting account file manager or using a File Transfer Protocol (FTP) client.

5. Using Cheap Web Hosting

Cheap Web Hosting Pitfall

Most people recommend using a shared host when you start with your WordPress site. We’ve used BlueHost in the past and highly recommend it. While it costs around $5 a month, some people try to go for new hosting companies they’ve seen in various hosting forums. Reason being – they’re cheap. (Some even offer hosting packages for $1 a month!).

The Problem with Cheap Web-Hosting Companies

You get what you pay for. Cheap hosting companies usually flood their servers with one too many client accounts. One traffic spike (or a DDoS attack) and the whole cluster (including all the websites in that cluster) is down! Such hosting companies also have a very low tolerance limit for resource overuse.

Download Related Posts for WordPress

A classic example is the Related Posts Plugin for WordPress. Related Posts queries the WordPress database to find out the posts that are related to a certain post (let’s say XYZ), using search parameters like tags and categories. The resulting posts are then displayed below the current post (XYZ).  This technique serves as an excellent means to improve user engagement and decrease your bounce rate on your WordPress site.

In the backend, YARPP’s search process requires significant queries to the WordPress database, which increases with the number of posts, tags and categories in your WordPress site. More queries = higher server load = slower site.

The problem is, this overuse happens automatically, and you cannot limit the amount of server resource the plugin can use. (Would be awesome though, if you could). But you’re accountable for the resources you use. Once you exceed a certain limit, the server resource monitor logs a resource overuse/abuse against your account. Repeat this a couple of times, and your account is automatically suspended.

Therefore, you should always go for recommended web hosting companies and when the time comes, move to a more powerful solution like a VPS or even better, managed WordPress hosting.

6. Installing Too Many Plugins

network hub

In our last article, we talked about how the YARRP plugin can cause server resource overuse, which can lead to the suspension of your shared hosting account. A similar problem takes place when you install and activate a lot of unnecessary plugins – ones which you rarely use.

It is important to realize the difference between an installed plugin and an activated plugin. All plugins have two states – activated and deactivated.

  • By default, when you install a plugin (irrespective of the method of installation – FTP upload or via the plugin manager), the plugin remains deactivated. You have to manually activate the plugin for it to work.
  • The second state is the active state, where the plugin is active and functioning in your WordPress site

The adverse effects begin to arise when you have multiple active plugins. There are two main problems that can arise:

  1. Inter-plugin and plugin-theme conflicts – A particular plugin (or theme) may not work due to some restriction imposed by another plugin (or theme). Let me introduce you to a programming concept called mutual exclusion. One plugin (or theme) might hold on to a particular resource (for an indefinite amount of time) and not let others use that resource. If another plugin wants to access the resource, it can’t – because it’s previously blocked. Thus, the new plugin wouldn’t work.
  2. Buggy plugins – There are a plethora of plugins available in the WordPress repository. Anyone can contribute to it – a novice programmer, or an expert with a decade of programming experience. The difference lies in the quality of code where the latter would undoubtedly excel. Therefore, we should avoid plugins with a low download count. Even if we do, make sure to test in in an experimental setup


  • Stick to reputed and popular themes and plugins
  • Use the required number of plugins (try to keep it as low as possible)
  • Deactivate unused plugins
  • Avoid downloading plugins that aren’t available in the WordPress repository
  • Check for plugin compatibility with your current WordPress version
  • Perform a full backup before installing a plugin with major functionality
  • Try to create an experimental setup of your WordPress site, and install plugins in it

Some of you may ask – Is it okay to install as many plugins as we want, and activate the ones that are strictly necessary? The answer to this excellent question would be – to your surprise – no! Here’s why:

Certain plugins, for example – WordPress SEO plugin by Yoast, require a certain amount of bookkeeping. The various SEO parameters, custom settings, etc. All of this information is stored in your WordPress database.

Most plugins create new field entries in your WordPress database, the moment you activate them. When you install too many of these plugins, it unnecessarily bloats the database size. Later, even if you deactivate the plugin – the newly created fields in the WordPress database would still continue to exist. So just be sure to put a bit of thought into which plugins you’re activating.

7. Frequent Theme Changes


Themes are the attire to the WordPress site. Some feature-rich themes like the Total WordPress theme can be used in thousand different projects – each with a unique layout. A clean, well-organized theme will do wonders for your conversion rate.

It’s a common practice among novice bloggers (or site owners) to keep jumping from one theme to another. When it comes to WordPress, the temptation is just too much! You have thousands of beautifully crafted free themes – at your fingertips!

Naturally, new WordPress users won’t be satisfied with the theme they’ve installed and would tend to switch themes – in search of the perfect one. I remember the number of themes I switched while constructing my first blog – 27!

Here’s one piece of advice I wish I took:

There’s no such thing as the perfect theme!

Now let’s explore the “why” part.

The Technical Part

customize wp theme

Just like plugins, certain feature-rich themes include additional properties such as custom settings, up-votes, ratings, etc. Storing these settings would require the creation of new tables or fields in your WordPress database. Similar to the plugins case, when you install too many themes, the same effect is carried forward. You ultimately end up having a cluttered database, with an increased query response time.

The Psychological Aspect


When someone visits your site, an image is automatically registered in his mind. If the quality of content and design is good, you earn one point in the visitor’s mind. When the same person visits your site again (at another time and sees the same design), his memory will be refreshed. You will then have scored two reputation points in his mind. This is how you establish your site’s reputation.

Now consider the alternative. Suppose you kept on changing your theme. If the visitor sees a completely different design in his second visit, his memory isn’t refreshed. Your previous impression is lost and a new impression is created. All your previously accumulated impression points are lost.

The Brand Factor


Finally, there’s the branding aspect. Every site or business must strive to establish their brand. Once you’ve established a brand name for your company, there’s no limit to your success. Take Elegant Themes for example. Their Monarchsocial plugin, got a tremendous response from the online community – right from the day of its launch. We must try to keep a single theme associated with our site/brand.

8. Installing WordPress In A Subfolder Called ‘wordpress’

wordpress folder

Many WordPress auto installers like Softaculous install WordPress any way you prefer. Some folks think “Since I’m installing WordPress, I should install it in a proper (named) folder” No! That’s not right!

If you intend to run your site using only one CMS (WordPress), then you should always install it in the base directory – i.e. without using any subfolder. Think about it, looks way more professional than

The only time you would create a different folder for a new WordPress installation is when you’re using a different CMS for your business portfolio and WordPress for the blog. Even in that case, a folder named ‘blog’ sounds much better than ‘wordpress’.

9. Using ‘admin’ As A Username

admin password

During the WordPress installation, the default username is admin. You must ensure that you use a different username. Leaving the default username to ‘admin’ is a serious WordPress security loophole, taking into account the recent bruteforce attack on over half the WordPress sites.

When you have ‘admin’ as the username, it gives hackers a free pass. Half their job (i.e. guessing the correct username) is done. All they need to do is use a series of bruteforce attacks to guess your password. Once done, they infiltrate your site, steal your client’s email address, payment logs and basically destroy what you’ve built for so long. If you already have admin as a username – don’t worry, I’ve made a tutorial specifically for this purpose – How to Delete the WordPress ‘admin’ Username.

10. Using Weak Passwords


This may seem like a silly point. But practically speaking, people still use a lot of vulnerable passwords. If they had used strong passwords, then Twitter would not have published a list of 370 banned passwords. A strong password should always have these three characters in them:

  1. Uppercase
  2. Lowercase
  3. Numbers
  4. Special Characters

I get it – it is impractical to remember this crazy passwords like 6efH&9sD2!LP. As a solution, we can use a free online password manager tool like LastPass, which has extensions for almost all web browsers, mobile operating systems, and a standalone Mac app. The principle is simple – you store all your complex passwords in this tool and have to remember only one password to access it.

11. Ignoring WordPress Updates


It is of critical importance that you update your WordPress website(s) as soon as they become available. Here’s why:

  • Everyday new bugs, vulnerabilities and performance improvement tips are discovered and reported by a global community of developers. These suggestions are reviewed and incorporated into a future release of WordPress.
  • If the vulnerability is server enough, then an immediate update is released.
  • With every major WordPress release, exciting new features like the awesome WordPress image editor (which by the way, lets you crop and resize images on the go) are also introduced.

What happens if I don’t update WordPress?

  • Ignoring WordPress updates means not rectifying known or identified security loopholes. This does nothing but makes the hacker’s job easy. What happens thereafter? Find out in the next heading!
  • You miss out on a load new features and performance improvements updates.

Consequences of a Hacked Website:

Let’s take a look at a few consequences of a hacked WordPress website:

  • Your email list (one of the most crucial assets of any website) is stolen and bombarded with spam. To make matters worse, this email list can also be sold to other “black market” buyers.
  • Your site can also be infected with malware. This in turn will infect anyone who visits your site. The worst part is when you don’t know that your site has been hacked – this causes the maximum damage as it gives you an illusion of safety.
  • The effect of a hacked site is most disastrous when you run a membership site. People who pay to view your site’s content get their PCs/devices infected and their privacy violated.
  • Once Google identifies your site as a malware infected domain, your search engine rank falls through the roof. Recovery from a blacklisted domain is an incredibly painful and expensive process.
  • Sometimes people may even need to stop their business and go for a whole new brand!
  • In short, once hacked, your site’s reputation and all future prospects is unrecoverably destroyed.


The obvious remedy is updating your WordPress site on a proactive basis. Thanks to the new Automatic Background Updates feature (which was introduced with WordPress 3.7), people don’t have to worry about updating their site. WordPress takes care of it in the background.

If you’re on a Managed WordPress hosting services like WPEngine, you’re already experiencing the one of the finest WordPress services in the industry. Not only does WPEngine automatically update your WordPress core, the updates are fine-tuned to their server’s specification and security measures, so that you get every last bit of performance and security boost.

If by an unfortunate turn of events, your site does get hacked, then I would recommend hiring professional WordPress security developers such as Sucuri to clean it up. Oh and did I mention WPEngine also gives you a free hack clean-up?

12. Pirated Themes and Plugins

pirate ship2

Let’ face it – for every new theme or plugin released in Themeforest (or any other major WordPress marketplace for that matter), a pirated or “nulled” version of the product is available in many sites for free.

Why do you think somebody would buy a $75 theme and give it to you for free?

Some of you might be aware that these pirated theme/plugins aren’t hosted in Themeforest. They’re hosted in file-sharing services or “cyberlockers”. I’ve mashed up a little introduction to such “cyberlockers” if you’re interested.

The 411 on Cyberlockers:

  • Cyberlockers are services that host your files for free.
  • Their main source of revenue include ads and premium accounts.
  • The ads are displayed on the file’s download page.
  • Premium accounts give the downloader advantages such as faster/uncapped download speed and zero “waiting time” before the download.
  • Some cyberlockers also pay “uploaders” a miniscule amount of $2-5 USD, for every 1000 downloads a file receives.
  • The bad part: Certain cyberlockers display malicious ads which carry a host of malware. Their “download” buttons are intentionally misleading to trick you to clicking the malicious advertisement.
  • They also include many pop-ups and pop-unders which wreak havoc to your system if proper antivirus isn’t installed.

These are jus a few of the dangers of downloading from a cyberlocker. Of course this doesn’t mean that everyone uses cyberlockers for illegal purposes. MediaFire is an excellent example of a good file-sharing service and is used by millions for legitimate purposes.

Getting back to Nulled WordPress Themes…

If you were to calculate revenue generated from these dishonest means, you’d find that the business isn’t profitable. The risks involved are far greater than the ROI. So one must ask – what’s the catch?

Rest assured, there is one. And it’s a nasty one too! The ultimate reason behind uploading nulled themes and plugins is to inject malicious code in your website. This creates what hackers and exploiters call “backdoors” in your server. Once a hacker gains entry in your website, you know the endless possibilities.

Moral Police, Standby…

This is the very reason why you should never install nulled/pirated themes and plugins. Developers put in several hundred hours of work, developing, maintaining and updating their product. I don’t mean to preach, but the next time you download a product for free, just put yourself in their shoes and see how you’d feel.

13. Free Themes from Shady Sources


Just like “nulled themes”, there are a few “free” WordPress themes that appear to be harmless. I’m not referring to the thousands of themes in the official WordPress theme repository. All the themes submitted in the repository undergo a strict selection criteria, which, rest assured, involves scrutiny for harmful code.

I’m referring to the ones you find in the never-heard-before websites, offering you “free beautiful WordPress themes”. There have been incidents where these “free themes” were loaded with malware. As a rule of thumb, download free themes from:

14. Not Disabling Directory Browsing

This is not so much a security loophole, as a precautionary measure. Directory browsing simply refers to process browsing the contents of the folders present in the web root directory. You should disable directory browsing for a number of security reasons. Please check out this tutorial, where I’ve discussed these issues and outlined how to disable directory browsing in WordPress and a few other tips!

15. Not Installing a Security Plugin

ithemes security

Finally, we have the highlight point of this post – a security plugin. I’ve already talked a lot about security, the consequences of getting your site hacked, etc. Today, I’d like to point out a few key terms.

  • There are plenty of known and unknown vulnerabilities when it comes to WordPress
  • A lot of them depend on your hosting environment and the way you installed WordPress.
  • Addressing each of these vulnerabilities is a tedious task to say the least.
  • Moreover, a lot of WordPress users don’t have the technical background required to process and implement the security measures.

This is why we recommend a security plugin. Let’s take Solid Security for example. The plugin addresses all the aforementioned issues and keeps your site secure.

You can pay a premium for added security measures, which are usually necessary for membership sites. Once you start generating revenue from your online business, it is a good practice to:

  • Shift to a managed WordPress hosting environment
  • Subscribe to a premium security plugin such as Solid Security Pro

16. Not Optimizing Images

unoptimized image

Image optimization is one of the fundamental factors that plays a role in a website’s speed, performance and user experience. The first thing that someone sees on a blog post is the header image. The effect is more profound when the header image is used as a background to the text – for instance, check out the posts on Medium.

The outcome is most significant when you strike the perfect balance between quality and quantity.

Quality refers to the contextual use of images. The header images for your blog post should be relevant, current and should be able to connect with the reader. Choosing the right stock image requires a lot of brain storming. Check out Carly’s presentation on how to select a good stock image for some cool practical tips.

Quantity refers to the technical aspects of the image – such as dimension, size, responsive property, format, etc. There are a lot of factors to consider and I’ve discussed them at length in the article WordPress Image Optimization Techniques.

17. Using the Default or No Favicon


A favicon is the little image that’s displayed on the left corner of a web browser’s title bar. It is an important branding factor when it comes to your website. You might wonder why I’m stressing on the importance of branding. Here’s why.

Branding 101

The branding of a website evolves over time. We must focus on the product first, rather than spend time and money on fancy logos and banners to share on social media. But this does not mean that branding can be neglected.

Even if you have a great product, no one’s going to take a second look, if your branding is ordinary. In other words –

Branding is how you hook attention

Once you have a decent amount of content ready, work on your branding. Spend time and money on it. If budget allows, don’t go for a 5$ graphic designer – most of them are amateurs looking to make a quick buck (no offence). Once you have a logo for your product/website, you can use it as your social media profiles. It is recommended to use the same logo as your site’s favicon. This further improves your site’s brand awareness! If you’re working on a small project and need a quick fix, you can find a lot of free favicons from sites like IconFinder.

18. Not Removing Default Posts

default posts

One of the cornerstone ideas behind WordPress is to make publishing to the web an intuitive process. Following those footsteps, WordPress generates couple of sample things, immediately after the installation completes. These samples are meant to help you get started with WordPress – to give you a feel of what everything looks like. They include:

  1. A post entitled “Hello World
  2. A page called “Sample Page
  3. A comment on the “Hello World” post
  4. A default category called “Uncategorized” for the “Hello World” post

You’re supposed to delete these samples before you index/submit your website to search engines. Unfortunately, thousands of websites forget to delete the sample post and page. Thus there are thousands of copies of the same data in all these websites.

That’s bad. Can you guess why? Well, it’s mainly due to two reasons:

  1. Because you’re (unintentionally) hosting duplicate content, your SEO scores are adversely affected. In some cases, they are even considered as spam,
  2. It looks really unprofessional and you appear to be careless to your visitors.


If you haven’t deleted the sample posts, you should do so immediately. Visit Google Webmaster Central, find the sample pages form the list of indexed pages, and hand submit a de-index request. This will accelerate the process of removing the page from your site’s index.

19. Publishing Incomplete Posts

incomplete posts

Yes, some people do that. If you’re one of them, I highly recommend against it. Here’s why:

  1. Once you publish a post, WordPress automatically pings a number of search engines which eventually start to index your page. Once they’ve indexed a page, the next iteration to index the same page usually happens after a long It also depends on how popular your website is. During this interval, you might update your post with new content, but the results won’t be reflected, until much later. This basically harms your SEO campaigns to a significant extent.
  2. When people visit your site through social media channels, and find out that your posts are half complete, they are going to leave your site – and even actively start avoiding it.


Sometimes it is not possible to publish all your content in one go. There can simply be a lot of content and/or not enough time, or just too much content to publish in one post. The solution is simple –

Divide and conquer – break it up into smaller posts

This technique works really well. At WPExplorer, we use a mix of two things:

  1. We split up (really long) posts into two parts, for example
    • Marketing Tips for WordPress Themes – Part 1
    • Marketing Tips for WordPress Themes – Part 2
  2. Create a new post-series. Take this post series for example. Every week I share new content on WordPress beginner’s mistakes. This keeps the audience engaged and I don’t have to worry about writing it all down in one go.

Case Study – MacRumors

A really cool and slightly different implementation of the post series idea is done by MacRumors. They cover the latest tech from Apple – before Apple officially launches them. For example, check out their coverage on the iPhone XR. There is a master page dedicated to it which covers all the information at a glance. It then simply links to all the previously related content under a “Timeline”.

TIP: You can always experiment with various publishing techniques and schedules and use the one that works best with your site’s niche.

20. Not Using Responsive Design


Google has started to rank sites better depending on how well they work on mobile devices. Very soon, they are going to penalize sites that aren’t mobile responsive. Almost every free WordPress theme (forget premium) released nowadays is mobile responsive.

Its 2015. And there’s no excuse for this.

By some cosmic miracle, if you site is not mobile responsive, please go ahead and get it updated. Here are a few tips to help you with that –

  • If you’re an agency with a lot of branding issues involved, hire a professional designer to shift your current WordPress theme to a framework such as the Genesis or the Total framework. This will be immensely beneficial in the future.
  • If your theme does not have a responsive version and you don’t want to change your theme, then you can use Jetpack’s mobile module, which simply creates a mobile/tablet optimized version of your site.

However in such a case, the design of your site won’t be consistent (different design and colour schemes across different devices). This could adversely affect your branding efforts due to inconsistency. Therefore it is highly recommended that you get a standard WordPress theme which is HTML5 based (i.e. essentially futureproof) and has a proper responsive version.

21. Not Using Child Themes

WordPress Child Themes

Initially, WordPress beginners don’t have the technical know-how to start modifying the look of the WordPress theme. That’s why they prefer changing from one theme to the next. We’ve talked about this in Part 2 of this series, point 7. Once you get a “feel” of how things work around WordPress, you might want to start to experiment with stuff.

That’s great, but try to remember our little talk on testing new things on a live WordPress site (Part 1, Point 2). Now let’s say you follow all those rules and start modifying a theme on a secondary (or cloned) WordPress installation. Yet, there’s something wrong with it. You’re not using a child theme.

Child Themes 101

A WordPress child theme is an extension of the parent theme. It inherits all the attributes from the parent theme and appends its own modifications to it. (The modifications being coded by you, of course).

Consider a case where you’re not using a child theme. You’re directly editing the parent theme. Say you want to edit the theme’s font family and the layout. You’d probably start editing the theme’s stylesheet.css and functions.php files. This is where the problem lies.

Standard WordPress themes are constantly updated to erase bugs, improve performance, remove obsolete elements, add new features, or simply keep up with the latest version of WordPress. Just as it is important to update your WordPress core, you need to update your WordPress theme as well.

When you update the parent theme, all the modifications made on that theme is lost. After the update, all the changes you made to the theme will be lost. Therefore it is recommend to always use a child theme while making changes to your theme.

When you use a child theme, all the code from the parent theme is automatically inherited. You can add new properties or modify existing ones (for instance, the font family). The properties you don’t modify revert to their original definition (that are defined in the parent theme), since they are already inherited.

The Benefit

  • All the changes that you make to the theme are organized into a file.
  • When the parent theme is updated, the new features are automatically inherited to your child theme.
  • You get the updates without losing your own modifications.

WordPress child themes are really easy to build. Check out the official WordPress codex to get started.

22. Not Leveraging WordPress Caching

WordPress Caching

Caching your WordPress site significantly improves performance and consumes less server resources in the long run. This is great for improving you SEO scores as Google loves fast websites. Furthermore, your visitors love being served a super-fast website (which improves user experience) while delivering minimum load on your server. This is ideal for shared hosting environments, where the server’s resources are shared. We’ve got a whole post-series on WordPress caching, explaining what it is, how it works, and how to implement it.

23. Not Moderating Comments

Moderating Comments

Comments start to flow in from the first day only under the following circumstances:

  • Your content gets featured in Reddit or Digg
  • Gets viral on social media
  • You announce your blog to your friends and family
  • You already have a huge email base where you announce your new website

In all other cases, a steady flow of comments take time. It also depends on how engaging your content is, or how you conclude your posts. In any case, once comments start flowing in, you should start moderating your comments. Here are a few tips to help you with that –

  • Install an anti-spam plugin, for example, Akismet.
  • You can also use a comment management plugin like Disqus or Livefyre. This saves you the burden of installing social login plugins
  • Don’t approve all the comments that come along your way. Read the comment. If it’s a link bait, change the name of the commenter. If someone named “best hair spa boston” writes “thanks I found this very insightful”, it usually means the bot (used for mass commenting) has a good algorithm!
  • Once the spam queue or the thrashed comments start to bloat, empty it. This will reduce the size of your WordPress database, since all comments, (spam or otherwise) are stored in it.

24. Improper Balance between Categories and Tags


While tags tend to get indexed faster, in the long run, a well-structured website will always win. Some SEO “experts” tell you to use as many tags as possible. “Title of the post? Use it as a tag!”

Do yourself a favour and don’t listen to them. Only trust authority blogs like Moz, SEJ or Matt Cutts – people who know what they’re talking about. Here’s a general rule of thumb when it comes to tags and categories. Since most of us are WordPress enthusiasts here, let’s take that as an example.

Suppose our site has the following categories –

  • Tips
  • Tutorials
  • Theme Lists
  • Product Reviews
  • Opinion

You can dig deeper by using sub-categories. For example, the Tips category can be refined into Security Tips, Performance Tips and Monetization Tips. How you choose to refine your site is solely up to you.

Tags on the other hand need to be handled delicately. Keep the number of tags to a minimum. Manage them thoroughly. For example, if your site focuses on security, you should use security tips as a tag rather than a category. Consider the following posts:

  • Review of a WordPress security plugin
  • Round-up of free security plugins for WordPress
  • Tutorial on .htaccess tips to improve security
  • (Opinion) Why WordPress Security should be a Priority

All these posts have one thing in common – security. Each of them belong to a different category. Thus, instead of assigning multiple categories to each of these posts, assign one category and “security tips” as a tag!

There is no “perfect” solution on which one to use – tag or category? The important thing to remember is not to overuse either of them. Google’s only getting smarter. Play the game fair (which undoubtedly will take substantial time and effort). At the end of the day, your site will see negligible downfall in traffic while others crumble at the release of a new search algorithm.

The last two tips are my favourite. I have committed them as I’m sure 99% of WordPress users have, in their first attempt.

25. Indexing your Site after Installation

Indexing your Site after Installation

During the final phases of WordPress installation, it gives you a small check box that reads “Allow Search Engines to index my site”. You don’t have any content to index right then, do you? Even if you planned everything out, chances are that you will modify some of the features like tags and categories.

My advice is to uncheck that box during installation. Once you have 2-3 posts ready to be published, revert the setting. This can be done from WP Dashboard > Settings > Reading > Allow Search Engines to index my site. Once done, don’t publish the post just yet!

Go to Google/Bing Webmaster Central and manually register your site. Once the request is submitted, head back and publish the post. WordPress will now ping all search engines about your new post.

This tip is more of a suggestion, learnt from practical experience. Search engines are very good at prioritizing your site’s content. Once they see that a piece of content or a post/page is missing, they will eventually remove it! This is just to give you a head start in your new business endeavour.

26. Bonus Tip – Start Building your Email List

Start Building Your Email List

I did not know about the importance of an email list before I read Jon Chow’s blog. Don’t make the same mistake I did! Email newsletters are one of the most crucial aspects of any online business! They are an evergreen, on-demand source of traffic that only increases. You can get stared for free with email marketing software like MailChimp.

Over to You

This concludes our post-series. I got to relive that magical moment when I got my first email subscriber, or that first comment in my blog. Now that I look back at the mistakes, I don’t regret making them. Because I learnt from them. And today I’ m sharing them with you. So if you have already committed several or all of these mistakes, don’t (even for a second) feel bad.

Why do we fall, Master Wayne?

In times like these, Alfred’s question gives me inspiration. Batman’s answer rejuvenates my soul –

To get up and fight again

I won’t ask you to comment, because you already have (like always). Thank you for that! I hope that you’ve learnt something new from this post series. If you have a story to tell or a tip to share, we’ll eager to hear!

Article by Sourav guest author
Subscribe to the Newsletter

Get our latest news, tutorials, guides, tips & deals delivered to your inbox.


  1. Brandon Stosh

    Great article, and I couldn’t agree more with the webhost section. Secure and fast webhosting is #1. You should take a look at CloudFlare, great CDN and security service for websites.
    They have free and paid plans, really great service.

    Regardless, great article. Keep up the good work!

  2. rakesh kumar

    Hi Sourav
    Installing a lots of plugins is not a problem at all. The problem always lies in -how these plugins are coded and how they are interacting with other system. If they are using Javascript or standalone css how they are loading these two and how many database calls they are making to produce a particular solution. Thus according to me having a lots of plugins is not a problem all the way. after all WordPress is designed this way.

  3. oyekan

    hi sourav
    thank you for this great blog post, i like how ‘bodacious’ your post picture look very clear.
    both post were a great reminder,
    how do i achiever your kind of bio and social media button below your page its simple n unique
    oyekan from Nigeria

  4. m.imrannazish

    Sourav you are really a nice contributor at this site. You have shared very nice info. It help me a lot to learn what things are really bad for seo. Specially pirating themes and plugins.


  5. anshulsukhwalvit

    Great article, Sourav. Loved all the points that you mentioned. Baking up one’s website is very crucial and you rightly put it up as the #1 point. All other points are equally relevant. Loved the way you concluded the post by asking whether people spend more time promoting their content or on technical aspects of their websites.

    Thanks a ton for sharing your insights with us.

  6. Matt

    Great article. This is exactly what I was looking for. First point is crucial agree. I would even suggest to store 2-3 website backups 🙂

  7. Joy Healey


    I use the free (with paid option) plugin Wordfence to help secure my site. It warns me when plugins need updating and when people try to login – which is depressingly often. I can block people even trying to login with admin, which as you say, no-one should ever use.


  8. Emily

    Very helpful!

  9. krangara

    BRILLIANT – I am bookmarking this series! I am a technophobe who is deeply grateful for your efforts, Sourav 🙂

  10. Gerard Hansen

    Yes very helpful

  11. Matt Robust

    This is a wonderful 4 part series. I enjoyed reading it and it has been very informative for me while picking up WP. Thanks for putting it together.

  12. BarSamcha Consulting

    Couldn’t agree more about the need for properly managed backups!

    One correction, though: BackupBuddy (which I own and highly recommend) is not “freemium.” Official pricing via currently starts at $80.

    • Kyla

      You are correct – I don’t see the free trial anymore :-/ Thanks for the update!

  13. Meme

    This is really an eye-opener. So, I’m guilty of one or two things as a blogger. Keep us informed, please. If not, how can we know what’s right and what’s wrong.

  14. jaynenz

    Excellent article – thank you so very much. As a newbie I didn’t know about half of these things but have put it in my Evernote file so I can follow up. I will also be looking up some of the people you mentioned. Thanks again.

  15. makarand dada


  16. josmosis

    speed at which your site is loading, with such an amount of beautiful pictures, is simply amazing. Congrats

    • Kyla

      Why thank you 😀

  17. Newbie Berbagi

    awesome tips!

  18. Newbie Berbagi

    i’m really like your article, you’re the best contributor for me 🙂

  19. Kamran Javed

    Updating Is Important for security reasons. So I believe It’s truly Important.

  20. priyajain

    nice post, one of the great mistake in WordPress site is Choosing a bad Quality Theme,it entirely collapse the site,so always choose with best quality theme for WordPress sites.

  21. Karen Jain

    Good one,Ignoring WordPress Updates is a Worst Mistake,You cannot ignore the importance of WordPress updates otherwise it may result in site security issue.

  22. Bangalorewebsitedesign

    what are the newest 2016 updates and trends of WordPress and design?

    • Kyla

      Good question! I’ll get right on it 🙂

Leave a Reply

Your email address will not be published. Required fields are marked *

Learn how your comment data is processed by viewing our privacy policy here.