 All right, cool. I'm going to talk about WordPress maintenance and just kind of run through a checklist of what you could be doing weekly Monthly yearly quarterly to kind of keep your website up to date some of its technical some of its content orientated, but it's just a few things to kind of think about My business itself runs This as a service around 80 90 clients at the moment So there's sort of a little bit of experience in there from what we do for most of our clients as well both from a content point of view and like a basic technical point of view Right so Essentially like your site is has been up since launch. It's performing well. It's converting its capturing leads You're securing sales There's always a room for improvement, right? But because of that you're sort of happy to leave your website untouched You know, you may have 20 plug-in updates up in the top left-hand corner But you're a little bit afraid to sort of make those changes not knowing What that might do? So this talk is kind of just talking about that, right? So if you have a successful website at one point in time, there needs to be a fair amount of work that happens to keep that up to date So there's no real reason to reinvent the wheel Just follow a few tools. So is it worth it? Yes So like I said, so your website could be running smoothly today, but it may not be tomorrow So these could be through plug-in updates. They could be through zero Vulnerabilities that come out there's been quite a few over the last month or two around popular plugins that have, you know 100,000 a million installs that Either have changed completely their functionality and like have killed the plug-in the one I recommended only last month exact metrics SEO Google Analytics plug-in changed from a version 5.4 to version 6. They completely rebuilt the plug-in and it broke a bunch of websites Stop tracking it to Google Analytics and also was reporting the wrong analytics data on a lot of sites as well, so It was a great plug-in previously, but since it was acquired I wouldn't be using that one anymore. So used to be called Google dashboard Exact metrics is what it's called now, but good enough Google Analytics for something anyway Google site kit is what we'd recommend and there's a talk about that from a couple of months ago So back on to maintenance. So it could be running fine But then it could all happen and change like at the end, you know It could all just kind of fall apart So maintenance is pretty boring It is kind of time-consuming as well, but there's a few things that we can put in place To make it work a little bit better. So I'll try and run through what I can and make it as exciting as possible, right? So your website does need regular maintenance To build and retain your market value as well as your search ranking and user experience as well So in addition to like the basic factors like state stability security and function as well, so This is a pretty exhaustive checklist. I'll run through kind of two to three points on on each of these ones But these are what I think we look after for most of our clients as well. So Hosting backup security downtime updates Make sure you're monitoring it for malware What are you doing with comments and testing and databases? And things like that. So we'll kind of run through one by one and I'll try and keep it as interesting as I can So WordPress hosting I did a talk about this was it last month of a month before So the first thing I guess in all of this is making sure that you have a decent hosting provider Some of them will actually offer WordPress updates or WordPress core updates WP engine Kinster flywheel and a couple of the other managed hosting providers will do your core updates for you So you don't you don't have to worry about those. So they do point updates essentially overnight Backups will all be done as well. So you don't really have to worry about WordPress core You just worry about your plugins and themes and things like that If you don't have a hosting provider that will do this Then we'll run through a few backups and stuff right cool making sure that we have backups so And and probably more important than making sure that we have backups is testing that the backups work I can't tell you how many times you go and try and use a backup Nobody's actually tested to see whether or not it works and your backups are all failed So either making a backup and then testing it on local any type of local server or Merging it to a staging but just making sure from time to time that your backups are actually working So with managed hosting providers you can get one click backup solutions as well So it means before you're going to do any any point updates or any core updates plug-in updates You'll just kind of click on that one click backup and make sure it has it So if anything goes wrong, you can restore and you know a matter of minutes There are some free plugins like updraft plus and back WP up So those will essentially run for free To update directly to your server It's better than nothing But again, if you can't operate your server or can't get access to your server Those backups are not really that useful at all. So I'd recommend at least moving them off to a third-party server somewhere somewhere some like a Dropbox or Google Cloud or something like that account Google Drive account or You can use a backup solution like blog vault or managed WP Or I'll be talking about a little bit because they kind of cover off a lot of this stuff Unfortunately hackers love WordPress, right? So it was like the back in the old days when Windows XP sort of had 99% of the market share maybe a little bit less but It was sort of the target market right for for a lot of these hacks So because it powers so much of the the internet 35% This is just a big target for it So there's some very basic things that you can follow and a lot of that stuff is on the WordPress developer guides, so you know secure passwords making sure you updated your plugins and things but Most of these hacks are just down to bots. So even though if you have 35 visitors on your site per week It's really got nothing to do with the size of your site It's about they're all automated bot bot attacks So you can consider a website firewalls like cloudflare or security Those firewalls will sit in front of your website. So from your from your DNS You'll change your name service to cloudflare or security and that will help protect the traffic before it actually gets to your website If you are using WordPress plugins solutions like WordPress, there's a security one as well WP server, I think security those ones will essentially run on your server. So if you're getting a lot of traffic It may not actually protect you because you'll be getting that traffic and it'll be running PHP You'll be running your MySQL so it can actually bring the website down. So depending on the type of hack or the type of attack that you're on I try And at least get out in front of it before it actually gets to the server if at all possible. So cloud here cloudflare have a free Account and security is about $200 per year but they do They'll do your free security Restore and and fix if you do get hacked as well Then there's a 7g firewall. So this is by a company called perishable press There's been many variations of it But the 7g one has just come out of beta in the last couple of months Essentially, it's for Apache and it's HD access rules So you can download it chuck it into HD access and it will stop a lot of bad bot traffic And some of your directories and things like that it can protect. So have a look at that It's about 12 kilobytes compressed. So it's pretty reasonable to be adding to your server And keeping that one up to date Right. So downtime monitoring as well, right? So making sure that your website is actually online when you when you need it to be especially for e-commerce Providers or marketing if you're sending out a big email campaign or something like that So what would happen to the business if you sent out a Blast to 10 to 15,000 people and they hit your website and nothing happens It's unavailable. So you can do things like uptime robot, which is a free product Fresh ping as well, which is a free product And what they would do is that every five minutes ten minutes on the free account It'll ping your website to make sure it's operational and Then, you know, you can monitor that it will send you an email or a slack message or something like that if your website's not There are a couple of tweaks that you can do on that because sometimes your website may be down But still returning a ping so a 200 result So you can do things like checking for copyright in the footer So it checks for a little piece of text on your footer So therefore, you know that it's it's rendered the whole page to the footer And that's a good idea as well rather than just pinging to see whether or not the website's up because it could still be broken Although it's up You can use cloud services like ping them manage WP or blog vault. They offer that as part of their service as well So if you are subscribed to any of those Then they will include that in their service as well WordPress update so, you know pretty standard stuff here. Make sure that you have a backup first And check that that backup works from time to time Perform those updates on a staging server if at all possible So using managed hosting providers you can spin up staging sites pretty easily perform those tests that way and Then once they they work then you can move them back to the live server So if possible read plug-in change logs, especially for major version changes So from 5.1 to 5.2. It's probably a small bug fix here and there From 5 to 6. It could be a complete rebuild of the product. So for something I would WooCom S4 Which came out last week. It's not actually backwards compatible So there will be features and functionality that could break by just hitting that update button So making sure that you're doing those dates first on a staging server and then actually reading about what those changes are Rather than just hitting the the update button So we do it in this process first, so we'll back up first then we'll update WordPress We'll back up again. We'll update plugins one by one And then check the site after every plug-in update and then we'll update the themes last as well And you can use a cloud service managed WP to do all that for you Managed WP and blog vote will both do revision testing Regression testing so visual regression testing to make sure that they take a screenshot of the website They run the update make sure the screenshot looks the same and then it will proceed with the next update So monitoring your SEO right so how is your website performing? We we've given a couple of talks on this recently Robert's gone through Google Analytics and monitoring that traffic as well as search console To monitoring your keywords if you are looking for a free tool Then you can look at Ubersuggest, which is the tool by Neil Patel Which will allow you to monitor keywords and analyze competitors and things like that They have a paid plan, which is pretty reasonable at ten dollars a month compared to some of the other SEO Services out there so you can chuck in you know your 20 30 keywords and I'll analyze it against all you of your traffic And then you can chuck in you know five of your competitors and see how you rank Towards those I think the free plan will allow for one to two competitors and I think 30 keywords, so it's still a pretty decent product just for free and You can use a cloud service like managed WP for your reporting as well And that will essentially track every page of your website Against the keywords that you have and then tell you how they're ranking each week or each month So you might go up or down one spot As you know, Google is moving everything further and further down the listing pages So malware scans as well. So has your website been hacked? There's a few services that offer this as well. So WordPress plugins are one so word per word fence Security site check and WP server. There's more, but these are the kind of main ones that we use They'll periodically scan your website for malware things like word friends and and security site check will check your website against change logs in the WordPress repository as Well as you know your core changes as well. So if people are adding errored files or something like that into your Your site directories into your you know public HTML directories or something like that then they'll fly up here You can delete them directly from the plugins as well So managed WordPress hosts will generally remove that malware for free either restoring a backup or they'll recover that hack for you depending on the company And then you can use a security service like managed WP for reporting as well So that'll check against Norton and if and security site check in about four or five other systems and report back to you either daily Weekly or monthly depending on what you want Managed WP will also let you know if there's any zero-day Plug-in vulnerabilities that you can address as well or you can check out the vulnerability database Do we even need comments anymore? I mean most people are not really running blogs or if you are running a blog you're probably getting one Real comment a week, baby So we typically turn it off for for most We may integrate Facebook or something like discuss, but generally we'll turn it off and just save the database If you are using it make sure that you're moderating those comments weekly and deleting spam comments especially removing links We had a client just recently that couldn't get any Facebook ads on because she was approving comments That were spam comments But they were kind of hard to distinguish that they were spam, but they were redirecting links So they had a decent URL But it was redirecting to sort of spam links after that so Facebook wasn't a big fan of that So it took us a while to kind of find what was happening out here So again, you can use a cloud service like managed WP to manage Removing and deleting all these all these comments and then making sure that you're testing your website as well, so how's your website performing and Testing your website and desktop and mobile devices as well and in popular browsers. So due to software updates so Mac Windows or Any sort of browser software that could be updated Firefox new versions Chrome new versions Make sure that you're testing your website not just in the browser that you use all the time Especially the browser that comes up in your analytics that people use all the time and especially at the screen resolution That people use as well. I can't tell you the amount of time that people check websites on a 27 inch iMac and think it looks weird at full screen, but Making sure that you're testing on your most popular browser sizes as well cleaning your database so This can be done a number of ways it could be done directly through PHP my admin or whatever database tool that you'd like to use But there's a lot of stuff that WordPress can add to the database which isn't necessarily needed So you can use spam remove spam comments Sometimes depending on the plug-in if you uninstall it it may leave five to ten tables In the back end as well, which will may never be used again while they won't be called all the time Depending on what other plugins you may have it could be searching throughout that data every time you make a request so You can do that as well and things like limiting post revisions So by default WordPress will keep a revision of everything that you do on the website So if you change the title you change any content you can roll back any of those changes You probably don't need, you know, 90 days worth of post changes for one post. We like to limit it ourselves to about seven days and There's some code in the repository that you can check out for that as well for limiting post revisions Just a bit of code you add to WP config To limit those revisions a lot of times we just remove them completely because we have daily backups And that sort of works for us. You can use WP rocket WP optimizer WP sweep To perform that regular maintenance as well. So WP rockets are paid caching plug-in that runs some Database automations as well cleaning up tables and transients and things WP optimizes directly for databases, but they now have caching built into it and WP sweep will pretty much go through All your databases and clean that up as well Again before you do anything to the database make sure you have a backup Alright, so clean your users. So Generally when we build sites as well, we'll build, you know, one to two admin Accounts for the clients and then we'll build Sort of like an advanced editor account. So editors that have a few more position Permissions, but I can't tell you how many times I've gone into a website and found sort of 20 Admin accounts with old developers and and people that are nowhere near the business anymore If you don't want to delete those users, you can downgrade them to a subscriber Or if you do delete them make sure that you're Migrating that data across from that deleted user to somebody else I had a client try and clean up their website recently They deleted about 10 users, but didn't remap all the content. So last half of their website at the same time So we did have backups and restored that but if you are looking at cleaning up these users then focus on the people with admin permissions first and Enforcing two-factor authentication and secure passwords if you can as well. So There's Microsoft Authenticator or Google Authenticator as well, which you can use as basic two-factor authentication Which is pretty simple, especially for your admin users Checking your broken links as well. So depending on the age of your site, you've probably got a whole bunch of broken links. So That may be linking out to third-party sites. That may be, you know, your own internal links that you've changed But things like that can really hinder your SEO because Your sort of Google Bing juice Once they check your website, you'll find, you know, X amount of broken links The spider will follow each of those links and the more of those sort of broken ones you have the Less chance that you have for ranking the rest of your site. So making those Connected is a good idea. So you can use a plugin called the broken link checker. That's bi-managed WP But it is very sort of heavy because it runs, you know, runs through the database every time someone loads up a page So you can use that sparingly or use it on a staging site or from time to time There's a few SaaS services as well that deadlink checker is a decent one They do have paid plans as well. So there's some limits that apply on that, but That's a good one to kind of check through Google search console as well is a good one to sort of think about how your site is performing So check that data once a month with Google site kit You can chuck that into your WordPress admin so you don't have to bother logging in And it'll give you data on your most popular pages queries, you know devices and things And make sure that your site map is actually linked in and check any errors with your structured data So your schema data Google's I think moving to I think about 80% of sites are now mobile first Linked as well. So make sure that you're testing it on mobile Unused themes as well. So again, like we don't really need 2010 installed anymore unless we're actively using it WordPress, I think still does install the most recent version on any kind of any major updates So if you do have any of these old versions, you don't really need them anymore I always try and keep one default theme just for testing But the rest are all delete deleted. So Edmunds gonna run through child and parent themes In a little bit, but try and keep your active child theme And keep your parent theme in there as well then kind of delete everything else besides 2020 Unless you have another favorite 2013 or something like that Theme that you like to roll back to obviously if you're using one of the WordPress core themes as a parent theme then don't delete that But try and clean that up as much as possible Mainly because if there are vulnerabilities in these themes Then you don't want that especially if you're not using it or act or being active and the same applies with plugins as well So to get your website loading time down you can test your website and GTMetrics or Pingdom There's also a website web page speed test is another decent one that'll run three or four checks And give you a waterfall of how everything's loading Just be wary that like a top score doesn't necessarily mean a fast site So you may get a hundred or an A grade that doesn't necessarily mean it's better than anything else They are just recommendations that people provide some things you have no control over So if you're linking to analytics scripts for example or tracking scripts on third-party sites There's no way you can control those headers. So do as much as you can But you know things like the New York Times Another large media sites don't rank very well on these recommendations, but they still load up nice and fast So it's better to have a better server than a rank of you know a hundred grade or an A grade and Then review your setup as well. So Whether or not this is annually quarterly or sort of half yearly Running through your your setup just to see whether or not you still need anything anymore If you bought something on AppSumo and installed it and never used it again Then kind of review that as well So there may be plugins there may be alternatives to those plugins So it's a good idea to check look at those there may be different themes You probably don't really want to change your theme Too often depending on sort of how your website's been built and then review your hosting company as well So if your hosting company still doesn't offer free SSL, then it's probably time to look at moving And then third-party services as well So if you do have any analytics scripts or anything like that that you're not really using anymore You put hotjar tracking on it and then never actually logged into it things like that you can review and get rid of And then reviewing your content So this is going through kind of page by page Or at least your most popular content page by page checking your opt-ins Checking your call to actions Does it still fit with your target audience and have a bit of a content review? Making sure that everything's still tracked your goals are being set your event tracking is still working a Check through your content that gets the most likes and shares and then look at sort of building more content around those pillars and then determine what content sort of commands the highest time so Highest time on site and the lowest bounce rate and things like that for your conversions So That's it So it's crucial to kind of carry out this there's a lot of stuff that we went through there But most of these tips will serve you a lot of time You can shortcut a lot of it by using you know solutions like SAS solutions like managed WP, which is a go daddy product now That will kind of manage all that for you. They have paid in free plans And the same as blog vault as well But yes, you can spend your time and more productive work, but That's about it really unless we have any questions Yeah So I used them a while ago and to be honest, I thought a lot of their code was junk about sort of six seven years ago I've tested a couple of plugins. I tested their form plug-in just recently and I really like it So I think their plug-in suite has come a long way. I haven't used it personally But I think their subscription model is a lot better than it used to be and they're their code from what I've seen But yeah, anything that saves you time. There's also main WP That's another one which you install on your own separate WordPress install. You can do it locally and That will update your websites for you as well Yeah, you used to be able to buy the plugins one by one previously now, it's yeah, it's all subscription now Yeah, it was all a bit dodgy but Yeah, a developer of mine just started working on the The form plug-in forminator and we run through that it actually runs really well, so Just a problem that you have to buy everything to use one There's a theme review plug-in, but not really like I Think there's a theme test mode plug-in, but I haven't used it in a long time What I would mainly do is just try and spin up a staging server if at all possible If you're running a backup, you could use local by flywheel or ma'am Wamp Spin up a local install download your you know your current website and then test it locally. That's what I'll do first I Think any of those plugins essentially Would be a stopgap measure anyway Yeah, so I'd be wary of doing it on a live server just in case There is one right theme test or test theme Yeah through the theme itself yeah, I Have so I had a one I had a client that we didn't build but we took over a site And for some reason they're running an old version of Divi and they kind of have to at the moment just because For some reason every time we upgraded it breaks the whole front-end display Of the website even though we've tried to rebuild it. It's just not possible So we've have to keep that in an old version and it kind of gets hacked once a week At the moment we've just monitoring and restoring that's kind of the only thing we can do at the moment I've got another client who has 10 websites There's a custom theme which was built 10 different versions of that same theme Which is a disaster. We're actually rebuilding it thankfully on a multi-site, but yeah, that gets hacked probably Once a month those as well. That's just us trying to close down somebody else's bugs so it actually worked out easier for us to discount some of the Development package to ease us time on maintenance going forward through rebuilding a site But yeah, that's the kind of main hacks essentially through themes and through plugins Yeah, there's a lot of bad code out there in terms of not escaping URLs and and inputs and things like that generally So what about buying things online? Yeah Now they offer six months. I think out of the box. They'll give you six months You can actually still get it. It's just not an automatic update So if you go and download the theme and re-upload it you still have access But you can't plug in yours, you know your site key or whatever into the Envato plug and update it automatically Again with any of those marketplaces. It's hard to tell generally the most popular things would be okay but things like slider revolution and Visual composer both had a lot of big bugs Over the years so the things I'd kind of stare away from if possible. They're really patched Relatively quickly, but there's been a lot of problems with those in in particular those two So look for a reputable developer and something that's been updated as well So if you're looking at the changelog of a plugin, it's been or a theme and it's been updated once in the last year I probably wouldn't worry about it For some plugins It doesn't really make any sense to update it because they just work all the time things like disabled comments Like that plugins just going to work. It's not really going to need any core updates So while it they will refresh it from time to time so it gets doesn't get pulled from the repo Sometimes it doesn't warrant any current any updates There's WordPress theme review, but that's not going to scan it for any malicious code It's just going to code it for scan it for theme like standards So not really no If you weren't using multi-site then yeah, you would need to optimize that theme ten times Or optimize it once from the from a code point of view and then upload it ten times If you're using multi-site, then you can essentially Install it once and they'll propagate against all the ten sites Yeah Yeah So it really depends on the theme that's being built whether or not you're using a front-end Front-end API for that for using cloudflare is more to get out in front. So cloudflare will do optimization So it'll minify your content. It'll minify Your JavaScript your CSS and things like that at the server level Well, sort of at the CDN level it'll also distribute your information across their network as well So CDNs unless you're like have a wide global audience are not really going to save you that much more time It'd be better to invest your money in a faster server Than a global CDN unless you're talking to Brazil and US Singapore and Australia or at the same time They're all important to you So cloudflare will kind of bridge that gap And if people are using, you know DNS at 1.1.1.1 then that's going to be faster generally because it's all cached on their own system But in terms of applying sort of JavaScript updates across the whole network of site You can do it on cloudflare as long as all ten sites are in but it's again one one site by one That just tells cloudflare which pages to cache and all of them are But for me I'd use more of these icons Yeah, if you're looking at a network then Open source doesn't necessarily mean security It means that it can be patched by anyone at the same time as well So again, it really depends on the theme that you're using Most themes if they're well coded and well developed You shouldn't really have any security issues with the theme itself It would generally be about integrations with customizer because that's where you would get your content in Or if you're using a page builder It would be related to that for the most part or plugins Cool, any more? Alright, I'll pass over to Edmund who's going to give us a chat