Websites / November 16, 2021
Subscribe to receive our weekly e-flyer or other announcements.
Marketers at A/E/C and other firms, both large and small, love using WordPress, it makes updating websites quick and easy. That’s partly why WordPress has become the most widely used CMS (Content Management System) in the world today, by far. Yet as web designers, there are two questions that we hear fairly often from clients unsure about the WordPress platform. Those two questions relate to speed and security. Read on to learn more about how to address both issues.
WordPress is a robust CMS and needs adequate hosting resources to perform at its best. Many A/E/C sites have grown larger and become much more complex in the past years, but their hosting has not followed suit. WordPress websites on shared hosting can be slow to respond. And, since many hosting companies pack more and more websites on their shared servers, the sites get even slower over time. In contrast, well-provisioned hosting (such as WP Engine and VPS hosting) cost a little more but eliminate these issues and help keep your site up to speed.
Most sites built on WordPress start with a pre-existing “theme” or template. Unfortunately, many of these themes are coded poorly or are loaded down with extra code that you do not need or ever utilize. Many existing WordPress themes or frameworks try to be everything to everybody and thus have excess code that can snowball when content is added. WordPress sites built from “scratch,” not built on an existing theme, eliminate unnecessary code. Building websites with minimal code ensures that the website will have exactly what it needs and not suffer from excess code that will slow it down.
One of the major reasons a WordPress site, or any database-driven site, can perform poorly is that server-side scripting and database operations can be time-consuming. The best tool to overcome this is “server-side caching.” This technique generates static HTML files that are served directly to your users instead of having to process your scripts and/or perform database queries whenever a page is requested.
Since WordPress is now the largest CMS in use worldwide, there are, sadly, hackers who write code targeting WordPress sites. But there are also many reputable developers writing code to combat those hackers. One of the most fundamental ways to help keep your site secure is to make sure you (and everyone at your firm with access to your website) choose secure usernames and passwords. WordPress now mandates strong passwords, and will caution you if a weak password is selected:
Some hosting companies, like WP Engine, will add an additional level of security by denying access if a weak password is selected:
WordPress, like all software, needs regular updating. Often, updates are written specifically to combat security issues. It is crucial to make sure you keep WordPress up to date. Additionally, if your site uses plugins for added features, those plugins must also be kept up to date. WordPress notifies you when you need to make updates, which can be made with a click of a button:
We also employ tools for sending alerts and automatically mitigating security vulnerabilities. Wordfence, for example, provides WordPress-specific security features, including: