Book a Call
WooCommerce / WordPress Maintenance Tips You Should Not Ignore - Updated 2023
, ,

WordPress Maintenance Tips You Should Not Ignore - Updated 2023

Enjoying this article?
Share it on social media!

Our WordPress maintenance tips will give you an invaluable glimpse into the intricacies of website management!

If you run a website, you know how important it is to keep your website up-to-date. WordPress is one of the most popular Content Management Systems (CMS) out there, and it makes updating and maintaining your website a breeze. With its user-friendly interface and easy-to-use features, WordPress has made managing websites accessible for everyone.

Are you tired of worrying about your WordPress site's backups, speed, security, and important updates? Well, worry no more! We’ve worked tirelessly to provide you with a comprehensive guide on updating and maintaining your WordPress site.

What we will be reviewing is the following:

1. Our Recommended WordPress Plugins

2. WordPress Backup Process

3. WordPress Speed and Caching Recommendations

4. WordPress Security Audits and Monitoring

5. WordPress Maintenance Checklist

Why is WordPress Maintenance so Important?

WordPress has revolutionized the world of website creation, making it easier for anyone to design and publish a website. However, despite its user-friendly interface and convenience, WordPress is not immune to issues that can compromise its functionality. This is where WordPress maintenance comes in.

WordPress maintenance is essential because it ensures your website remains up-to-date with the latest features and security upgrades. Regular updates help keep your site secure from threats like hackers or malware attacks. Regular maintenance also helps optimize your site's performance by removing any unnecessary plugins or files that may be slowing down your website's speed.

By performing regular checks on your WordPress site, you enhance its performance and ensure that customers have a seamless experience when interacting with your brand online.

Our Recommended WordPress Plugins Banner

Our Recommended WordPress Plugins

Are you struggling to determine which WordPress plugins to use for your website? You're not alone! With over 50,000 plugins available, choosing the right ones can be overwhelming and downright impossible. But don't worry. There are some steps you can take to make the process easier.

Before diving into our recommendations, here are some rules you should follow when finding your plugins. As we mentioned, there are thousands of plugins, so vetting out ones that work well is essential.

Plugin Recommendation #1 - Backup and Staging Plugin

One of the most missed and critical items is backing up the site and doing updates in a staging environment. Most greenhorns will see updates and spray and pray. Nine of ten times, there are no issues with updating a WordPress website. However, it just takes that time to get to bring down the site, and if you do not know how to debug, access web files, or have no coding legs to stand on, then you will have more significant problems with a down site. So we recommend using a tool that will allow you to back up the website and provide a staging area to test these types of tasks.



What is great about this tool is that it allows you to have a back system independently from your current host and add a deployable staging area. We love it because we can back our clients up directly to a Google Drive folder which clients have access to, and it is an Offsite backup, meaning if the host has a catastrophic event and your files are lost, they're still safe on another offsite location. Also, the staging area is a one-click install on the WordPress backend. You can quickly deploy live to staging or the reverse staging to live any time you choose.

Plugin Recommendation #2 - WordPress Security Plugins

A website that is not secure is an excellent deterrent to customers. Search engines like Google also can penalize sites that have been hacked completely, removing them from search. Adding an SSL does not adequately secure your website. Unfortunately, there is no full-proof way to catch a vulnerability before a hacker can exploit it. The only way you can combat hackers is by building enough walls that will not make you easy prey and then maintaining those walls every month.

The best way to prevent this is through security plugins. We recommend two reasonably priced plugins to help secure your site from attacks. WebARX and MalCare will automatically scan your website for any suspicious activity. They even offer one-click solutions to fixing malware problems.


WordPress Security Plugin #1 - WebARX

We started using this tool around two years ago because it removed the need for multiple plugins, which we have been exceptionally pleased with. WebARX helps websites combat spambots and malicious software and prevents malware from gaining access and infecting the website.

It is known to be one of the most advanced security plugins for PHP applications and consistently communicated patches that are firewall rules that protect the website from vulnerabilities.

MalCare Dashboard Image

WordPress Security Plugin #2 -

On sites that we found have been compromised and need an extra layer, which primarily deals with scanning and removing vulnerabilities, we use MalCare. This tool works like antivirus software and does deep scanning of every file to find infections that run in the background and does a great job not overloading the server.

What is the difference between and WebARX?

WebARX is a preventative tool where you're blocking malicious attempts to raise havoc on your site. MalCare is a tool used for removing the efforts which have succeeded in compromising your website. Having both is that much better.

Plugin Recommendation #3 - Caching and Speed

WP Rocket Banner

1. WP Rocket

WPRocket is our favorite Caching plugin. Caching is a significant factor in the speed of your website, which also contributes to your SEO and conversion rate.

To keep our sites at top performance, we use WP Rocket. WP Rocket combines all the procedures for WordPress performance optimization in a single plugin. Besides, the plugin is very user-friendly and offers advanced features for those who want to dive deeper into the functionality of their site.

From Brightvessel's experience, our sites sped up by 50% while using this application.

Plugin Recommendation #4 - Form System

Gravity Forms Banner

Gravity Forms

No matter what site you have, Collecting information about your customer's experience is always essential. You can add to your email subscriber list, receive user feedback, and allow your customers to contact you through forms.

Custom building your forms require an excessive amount of work. To personalize the way to receive desired information from your customers, you need to do a lot of coding to deal with the functionality and style of the form. However, if you use a prebuilt form, you limit the personalization factor. By limiting the amount of work and enabling complete customization, Gravity forms allow you to create structures easily for desired feedback.

Plugin Recommendation #5 - Plugin Families Vs. Many Single Plugins

So not every plugin developer does coding in the same way. Finding plugin families is a great way to ensure compatibility and make updating things much easier. We recommend a few Plugin suites that can enhance your website in many ways.

Here are a few examples of plugin families we like to use:

YITH Banner


YITH is a Woocommerce suite that not only adds a lot of enhancements and features to a Woocommerce store. It also has a monthly subscription, which allows you to use its entire family of plugins, making it very cost-helpful as an example when your site is utilizing any booking, subscription, auctions, upselling, and couponing. They also have a few Themes, which are included in the subscription, making a well-rounded suite of plugins.



WPMUDEV is a WordPress plugin that has been around since 2004, making it one of the oldest WordPress plugins and communities. This suite of plugins has everything. Image optimization, caching, forms, pop-ups, security, SEO, and more. They also have a monthly subscription to access their entire plugin library. Their live support makes them stand out and their large community of users.

Monster Insights Banner

3. Monster Insights

Hands down, Monster Insights is the best reporting plugin that integrates into Google Analytics and Google Search Console. You can track your website stats along with Woocommerce sales on your site. There is additional tracking for users, forms, Google Adsense, events, and EU Compliance.

5. SearchWP

Out of the box, search in WordPress needs a bit of work. It is a very straightforward search for a blog, and they have not done much with it over the years to satisfy the needs of Woocommerce, custom fields, shortcode output, taxonomy terms, and PDF & document content. SearchWP covers all those needed enhancements and has a suite of products you can choose from.

Wordpress Backup Process Banner

WordPress Backup Process

As we mentioned, our favorite tool is WPTimeCapsule.

Before we begin, the one crucial thing to remember is backing up the site. 

Rule #1 - NEVER click on the WordPress updates unless you and your a developer know how to get out of a debugging or file replace situation in which your site breaks, and you cannot apply a backup to fix.

Rule #2 - It is best to perform your WordPress updates in a staging area first before doing them live. This way, you're not disrupting your live site, and you're minimizing any impact that may have if you run into issues.

The dilemma: So, staging servers are generally not set up by a traditional host. Which if you're on a WPengine hosting service, they do have a staging setup, but they force updates on their clients, and we feel this is not an excellent service or practice to impose, especially for enterprise sites. We love WPTime Capsule for this reason because it provides an additional offsite backup and staging area where we can work without disrupting the live site.

WordPress Backup: WPTimeCapsule allows you to quickly backup your WordPress website manually or on a schedule to on the server the site resides on or offsite to a Google Docs folder. We recommend doing both to secure your data.

See full install directions here:

WordPress Staging: You can spin up your staging area on the live site in the settings area for the plugin. It's a one-click install and one-click deploy. Keep in mind when you create a staging area. You cannot work in the live area, as those changes will not carry over; instead, if you need to add pages or posts while you're fixing some coding issues, add them to staging.

See full documentation:

Wordpress Speed Caching Recommendations

WordPress Speed and Caching Recommendations

Does the speed of your WordPress website matter?

Repeated research has shown that a faster site increases the conversion rate. The faster loading time you have, the better. Even a few milliseconds will increase the probability of your customer completing the desired task. Faster sites allow you to conquer your competition and keep your customers on your website.

Image Source:

What is WordPress site speed?

Site speed is how fast users can view the content of your site. Site speed reports provide you with your site's performance. This data can later be used to make improvements on your website for increased speed.

Site speed reports provide you with two perspectives of site latency:

  • Loading times: The loading time is the amount of time it takes for your site's page to load in the user's browser. In the Page Timings report allows you to see the load times of your website on many different browsers and countries.
  • Speed of response to user interactions: These interactions can be as simple as clicking a button. In the User Timings report will state the response time to any interaction of the user.

Image Source:

WordPress Speed Statistics:

  • Mobify: Mobify research shows that for every 100-millisecond decrease in homepage load speed, customers see a 1.11% lift in session-based conversion.
  • Digital Commerce 360: Faster page loading contributed to a 12-13% increase in sales
  • Medium: Walmart saw a sharp decline in conversion rate as the average site load tie increased 1 to 4 seconds3
  • Think With Google: On average, it takes 15.3 seconds to load a mobile landing page.
  • WebMasters: On mobile, 46% percent of people state that long loading times are their least favorite part of browsing.
  • Akamai: Research by Akamai has shown that a two-second delay in page load time is likely to increase the bounce rate by greater than 100%.
  • Dotcom-Monitor:40% of site visitors who encountered problems are likely to tell their peers. After 3 seconds of page load time, 75% of users will bounce.
  • Neil Patel: 79% of customers who have a bad experience on a site will never revisit that site. A bad experience can include the site's load time.
  • Royal.Pingdom: Pages with a load time of 5 seconds have a bounce rate of 38% while pages with a 2 second load time have a 9% bounce rate.
  • The main problem that marketers face with loading time is that most of them can't grasp the importance of improving page speed by a few milliseconds: it's just not tangible enough.

WordPress Website Performance

The performance of your site primarily depends on the time it takes for your website to load once opened. You want your site to run as fast as possible. If your site takes a long time to load, customers will move on to your competitors. Below, you will find all the main contributing factors to the high-performance site.

Ways to improve performance:

  • Ensure your website has a good hosting server (Shared is never optimal).
  • Images need to be sized to fit and optimized. Make your site simple yet well-designed and professional.
  • Reduce the number of plugins your website uses.
  • Use a Content Delivery Network. This gives many users alternative server nodes that enable content to be downloaded simultaneously.
  • Minimize the amount of CSS coding that your site uses.
  • Use cache. This reduces the load on the servers that the site is hosted on. It also decreases the time it takes your users to download content.
  • Database optimization. Cleaning out all unnecessary data from your website

WordPress Caching Recommendation:

WP Rocket is our favorite Caching plugins. Caching is a significant factor in the speed of your website, which also contributes to your SEO and conversion rate.

To keep our sites at top performance, we use WP Rocket. WP Rocket combines all the procedures for WordPress performance optimization in a single plugin. Besides, the plugin is very user-friendly and offers advanced features for those who want to dive deeper into the functionality of their site.

From Brightvessel's personal experience, our sites sped up by 50% while using this application.

A significant benefit of WPRocket is that the plugin will provide your site with catching as soon as the plugin is activated. WPRocket also allows advanced users to enable caching on their website exactly how they want it through settings.

WP Rocket appeals to many users by providing various options from beginner to complicated settings allowing them to start small and then go big. Their user-friendly dashboard helps simplify the processes and provides detailed information for each setting.

Quick Review:

[av_video src='' mobile_image='' attachment='' attachment_size='' format='16-9' width='16' height='9' conditional_play='' av_uid='av-jaeuib' custom_class='']

For the best settings for WPRocket, click here:

WordPress Database Optimization Recommendations

First, let's start with why you should optimize your WordPress Database.

WordPress loves accumulating useless data in post revisions, trash, transient options, spam comments, orphaned metadata, etc.

The data can increase over time, increasing server space for site and backup files.

You'll need to clean that mess up, which will significantly reduce your WordPress database size and increase the performance overall.

One easy-to-use plugin is WP Optimize.

Here is a list of features:

  • Removal of post revisions:
  • Clear post-auto-drafts and empty posts trash
  • Spam comment removal and comment clean up:
  • Remove transient options:
  • Remove pingbacks and trackbacks:
  • Scheduled automatic clean-up:

See more details here:

Wordpress Security Audits Monitoring

WordPress Security Audits and Monitoring

Many people think websites, in general, do not get attack much. This is very far from the truth. It does not matter if you have a small or large site. Attacks will happen and quite often.

IBM's Charmain, Ginni Rometty, stated: "Cybercrime is the greatest threat to every company in the world." 

Let's break it down into some statistics on security to give an in-depth understanding of the growing issues in security.

  • Every 39 seconds, there is an attack on the web in which users with non-secure usernames and passwords are more vulnerable. (Source:
  • 73% of black hat hackers or stating traditional firewalls and antivirus software are becoming obsolete. (Source: Forbes)
  • 30,000 new websites are hacked every day. (Source: Forbes)
  • 300, 000 unique pieces of malware are created daily (Source: McAfee)
  • On average, 75 records are stolen every second. (Source: Breach Level Index)
  • The most vulnerable area of WordPress is the plugins, with makeup 98% of the vulnerabilities. (Source:

The graph below demonstrates what parts of a WordPress site are the most vulnerable.

(Source: Wordfence)

A statistic from 2017 posted on the Threat Post indicates the most vulnerable WordPress Plugins which, as you can see, are just simple plugins that are downloaded millions of times and used by millions of sites.

(Source: ThreatPost)

Top 10 WordPress Security Audits You Should Perform on Your Site

  • You must always keep WordPress/Woocommerce Core, Theme, and all Plugins up to date.
  • Secure Your wp-config.php
  • Do not keep inactive plugins on the webserver.
  • Make sure your current host is running a security program like Imunify360.
  • Use the latest version of PHP of the server.
  • Use strong usernames and passwords. Never use the user "admin" as an example and try a password generator.
  • Limit the number of login attempts
  • Always update your passwords every 30 to 90 days and store in an app like PassCamp.
  • Use a proactive and preventive Security plugin like WebARX or MalCare.

The following items can be done with WebARX and MalCare. You can also click the links below to free plugins and instructions that can help.

Wordpress Maintenance Checklist Banner

WordPress Maintenance Checklist

In a WordPress Maintenance Checklist, you will find standard operating procedures for updating and maintaining websites. It is essential to know that every website is different, so when creating your SOP, develop guidelines specific to your website's theme and plugins so you can ensure the correct information is followed.

  1. Prepare web and database backups on the website.
  2. Perform a compatibility check for WordPress core files, theme, and plugin files.
  3. Review each site page and check essential functions such as the search and checkout process.
  4. Ensure there are no errors with tracking scripts. Ex: Facebook, Google Adwords, and Google Analytics.
  5. Check for broken links on the website.
  6. Make sure there are no 404 error pages, and set up proper redirects if you have them.
  7. Ensure the server has enough space and resources to grow.
  8. Check to ensure metadata is on all pages.
  9. Make sure Google Analytics is installed and working correctly.
  10. Ensure Google Search Console is set up and your sitemap has been submitted.
  11. Ensure security audits have been performed.
  12. Ensure caching, lazy load, and minification for load time are active and configured.
  13. Review of desktop and mobile displays.
  14. Call Bright Vessel because they will handle all this WordPress maintenance and let you do what you do best.
Enjoyed this article?
Share it on social media!

Check out another blog post!

Back to all Blog posts

Let’s work together!

© 2024 Bright Vessel. All rights reserved.