common wordpress mistakes featured

5 Common WordPress mistakes new users make

WordPress is easy to set up – there’s no doubt about that. However, because it is so easy to set up, it attracts a large number of newbies – which results in a large number of WordPress mistakes being made relating to reliability, SEO, and speed.

But this issue also affects businesses. Businesses are sometimes more focused on making sure their pages and content are in line with their brand guidelines – leaving out some steps critical to the site’s reliability and functionality.

In this article, I’ll go over the most common mistakes new users make when it comes to WordPress. Being able to identify the issues is the first step to resolving them.

1. Choosing sub-par WordPress hosting

There are really no two ways of putting this – your hosting is the infrastructure of your website, and your business depends on it. Making sure to choose a great WordPress hosting company will ensure that your website is reliable and has great uptime.

Good hosting platforms will also come with additional features which make your life easier such as automated installers, vulnerability detection, security enhancements, and more.

Here are the most important features you should look at for your hosting:

SSD Storage – Ensures that any assets that need to be loaded from your website can be accessed quickly, even in high-traffic periods.

Free SSL – Some companies do not tell you this, but SSL can be free, you are not obligated to pay for it.

Automated Backups – Backups are crucial to ensuring that you do not run into an unresolvable issue.

2. Not backing up your website

cd being locked with padlock

WordPress website managers that do not back up their website are susceptible to losing it – out of all WordPress mistakes, this might be the most common one. Data on websites can be lost due to human error, hackers, provider issues, or other situations.

As an online business, data loss of a high level can put you out of commission for a long period of time – or even put you out of business. Due to this, it’s crucial to back up your data periodically. The interval of backups depends on the frequency of editing the data itself, but it’s generally a good idea to back up at least once per week.

Even if your hosting provider does have automated backups, it’s still a good idea to have your own backup to a different location. This will protect you from provider-related issues, as not all providers might be as reliable.

There are plenty of WordPress plugins you can use for backing up your website. One of the most popular ones is Updraft Plus which also allows you to back up your website to a remote location.

3. Not updating your theme and plugins

WordPress is notoriously extensible by themes and plugins. However, each of those plugins can bring with it certain code issues or vulnerabilities at worst. One of the common attack vectors on WordPress is outdated plugins with public vulnerabilities.

The WordFence Blog frequently publishes articles related to theme and plugin vulnerabilities. Even if these are fixed later on – you have to update for the patch to be applied to you as well.

It’s important to update as soon as possible because the longer your plugin remains vulnerable, the more time a hacker has to try and penetrate your website.

WordPress mistakes such as not updating plugins can be detrimental to your website’s functionality and kill your business.

Bear in mind that backups are limited in time. Even if you have an automated backup system, the clean backups could be deleted by the time you notice the intrusion – therefore making it much harder to clean up your website.

4. Not making basic SEO optimizations

While building a website with WordPress is not difficult to do, it provides no value in and of itself. The next step is bringing traffic to your website. One of the WordPress mistakes users make at this step is not doing any basic SEO optimizations.

Basic SEO optimizations include:

Optimizing SEO Title and Meta Description. This allows you to better control which keywords show your pages, the functionality is provided by most SEO plugins.

Performance optimizations.  While this is a broader topic, you can start by optimizing your images before uploading them to WordPress. You an use some optimization service such as tinyjpg, or similar.

Ensuring all your links are working. Search engines will usually follow links and if any are broken, the 404 pages might be indexed. Furthermore, having broken links on a page can negatively impact the rankings.

5. Not changing the default “admin” user

One of the more critical WordPress mistakes is keeping the default “admin” user – which is a security risk. Since it’s the default username, it’s much easier for attackers to brute-force a website with this username.

Of course, if you have a randomized 100-character password, it would still be quite difficult to gain access to your website. However, leaving this username available gives the attackers a much easier target.

If you are still using this username, you can go to Users → Add New, and create a new user, then give it admin permissions. Once you do so, log in through that user and delete the default “admin” account.


Choosing WordPress to manage your websites is a great idea that helps you save time and money. However, make sure to set it up properly so that you are not vulnerable to attacks, or losing out on any traffic and revenue.

It’s important you get the setup right at the beginning – and especially the WordPress hosting part, since that is hard to change at a later point.

There are many WordPress mistakes that new users make. In this article we were able to go through a small portion of them that I believe are among the most important ones.