In my earlier days of freelancing, many of my clients and prospects were against the idea of a WordPress website maintenance plan. Firstly, they didn’t believe they needed to spend more once a website was done. And secondly, they didn’t believe their business was “big enough” to attract the attention of hackers.

To address the concern of the website being “done”, I can understand that desire for doneness if you’re on a budget. This desire may also come from a place of wanting to make the best possible first impression once the “flood gates open” on the day you launch.

While it’s true you’ll get a flood of attention from people you know upon launch… Your website isn’t a one-time show!

Businesses grow and evolve. And websites should too! You should expect new people to want to find your website once you become more established. And I hope to goodness you’re updating information on your pages when things like prices or industry knowledge changes.

With regards to not being “big enough” to get hacked, think again! Hackers actually like to target really small businesses because they’re counting on you thinking this way. I.e. they’re counting on you having a weak password, and lax security, because it’s pretty normal and common to do so.

So, is having a website risky?

Why spend ongoing time and attention on maintaining a website? Does it mean it is unsafe to begin with? Why even start?

Although I can understand where the fear might be. There are some who wish to scare you away from WordPress as a platform because it is prone to being hacked.

Honest truth — any website can get hacked.

Your Facebook account, Instagram, YouTube… All able to be hacked!

And yet I still choose WordPress. This is because its benefits outweigh all the negatives. WordPress websites are especially good when you have a maintenance plan in place. Not only to keep intruders out, but to ensure that your website continues to stay future proof.

Remember how I mentioned weak passwords? Yeah, that’s one of the top reasons why websites get hacked.

So to ensure an extra layer of security, please be sensible with it! If your company is called Tony’s Socks, and your WordPress password is tonyssocks1, I’m afraid that’s going to top the list of a hacker’s guesses.

By the way, sometimes it’s not even an individual person (not even your nasty competitor) trying to hack you. Hackers will run automated programs to scour the internet, hoping to find website back-ends with weak passwords. This is known as ‘Brute forcing’. It’s a kind of attack on your website where a bot will cycle through different username and password combinations to break into your account.

What’s involved in WordPress website maintenance?

Updates to essential systems (i.e. WordPress core, theme and plugins)

To ensure your website is protected from hackers and malware. And that you are giving your users the best possible experience! Updates to plugins may help your website load faster, help with your SEO, or may make improvements to your editing tools.

Backups of your pages, files, and customer data

It’s always a good idea to keep extra copies of your website’s files and data. It’s an even better idea to have multiples of these, in different locations, if you can.

Backups are also useful if you are DIY-ing with a visual website editor, and mess things up badly. Even though WordPress has a built in Revisions” function, it doesn’t always play nice with every theme builder.

You never know what or when something could happen. It could be as simple as one plugin that ruins your whole website.

Uptime monitoring

Uptime monitoring is software that indicates whether or not your website is running or not. Be kept in the loop if your website ever goes down, and when it comes back up.

This could be your first indicator of something going wrong with your web hosting server.

Brute force protection

As mentioned above, brute force attacks are pretty nasty should they ever “succeed”. You can prevent this by installing a brute force protection plugin or Jetpack. To find a brute force protection plugin, search the WordPress plugin repository for one that has been recently updated, and has good reviews.

Performance monitoring

Keep on top of which pages are doing well, and what kind of search queries bring visitors to your website. This helps to “future proof” your website by being ready to adapt when your business requirements change. This kind of information is also useful if you are redesigning your website and want to get the best bang for your buck with rearranging content.

Content audits and updates

It’s important to ensure you get the most out of your website by keeping information up to date, and ensuring you don’t have any broken links. If the information on your website is not accurate for the times, it could affect your customers’ trust in you.

➡️ Related article: Jetpack | Jen Swisher: Website Security: How to Secure & Protect Your Site in 2024.

How often do you need website maintenance?

I recommend performing maintenance on your website monthly, at the very least. Depending on how often information is exchanged and stored on your website, you may want to look into a daily schedule. Certain tasks such as uptime monitoring and backups can be automated to run on a schedule.

A good website developer or consultant should be able to advise you as your business needs change.

How long does WordPress website maintenance take?

Some aspects of website maintenance are “set and forget”. For example, installing and configuring a brute force protection plugin will only need to be done once. You can also set your backup plugin to automatically run and save backup copies of your website.

Website backups should occur quietly, with minimal to no interruptions to a visitor’s access to the website. If your website is particularly busy, it’s often wise to schedule a software update during your least busy time. This is why you might see your bank take their app or website down around 3am for maintenance.

If you are taking care of updates and backups yourself, you may want to allocate half an hour to an hour every month. This is to give you enough time to update your theme and plugins, and manually create a backup.

I would also recommend reviewing your maintenance plan at least every 3-6 months. This is just to ensure your backups are saving correctly and that the frequency of backups make sense for the amount of activity and information saved by your website.

Conclusion

Having a maintenance plan for your WordPress website just makes sense. Even if you’re just starting small and simple, there may come a time when you need to update information and features on your website. And being “small and less relatively known” does not make you immune to hacking attempts either.

Ideally, your website should be a helpful sales and marketing tool for your business, for as long as you are in business. Rarely is a website chiseled in stone — As not only will info about your business and industry change, but so will the needs of users and website best practices.

Again, it’s not my intent to scare you off from owning a website. 99% of these problems can be avoided simply by having a decent password (and not sharing it around, either). If you take away only one thing from this article, it should be having an ultra secure password!

If you have a question about updating your website and/or keeping it happy and healthy, please feel free to reach out. I don’t like pitching services if you don’t need them, but I love giving advice and help where I can.