WordPress administration Basic Steps
So, you have installed a new wordpress release on your server. What should you do next? Here is the guide to the best practices for WordPress server administration:
- Setting up a strong username and password: If I had a dollar for a username/password combination of “admin/admin” I would be a rich man. Seriously, you need change your default username and password. Change the admin username to something other than an admin (that is harder to guess) and make the password really strong.
- Setup a backup. What if your server gets corrupted or gets hacked. You need to be able to recover quickly. Use a good wordpress backup plugin and at least once a week backup the whole installation and keep it in a different server (like Dropobox).
- Use a good permalink structure. By default, your wordpress posts have a URL format: http://yoursitename.com/?p=123 You need to change this ASAP as it is quite user-unfriendly and also bad for your SEO. To do this use Apache mod_rewrite and then go to Settings ? Permalinks panel to change the permalink structure. Use this link for more information.
- Use a WordPress Security scan plugin to scan for vulnerabilities and suggests things to make your installation secure.
- Social sharing. Your site can get popular only if you allow easy sharing. Setup social sharing plugins that let your users to directly share your content from the post.
- Constantly update your wordpress installation. Once a new release is stable your should try to upgrade. When upgrading choose a time when you have least visitors and then test all the plugins work after you upgrade.
- When you setup your databases as a part of the installation, change the default database prefixes from wp_
- Protect yoru wp-c0nfig.php file in your .htaccess of Apache server. Prevent any user from accidentally or intentionally access this file.