Fully Booked VA Blog

Don’t Do It – 5 Common WordPress Mistakes to Avoid

I’ve got a special treat for you guys today. As you probably know, I’m not the most tech savvy human on planet earth! So I’m okay with doing things like hiring someone to help me, when they can do something in two minutes that takes me an hour or two. After all. time is money!

Anyway, I invited my tech guy “G” to talk to you guys today and share some common WordPress mistakes he’s encountered – plus he’ll show you how to avoid them. Take it away G!

Hello everyone. I’m Grayson, the tech guy here for Fully Booked VA (Gina refers to me as G)! She gave me the awesome opportunity to chat with you guys today and throw some technical jargon around in hope of helping and inspiring those of you using the WordPress platform.

I’m not just the tech guy here, but also on 30 other sites in various niches. Personally, I’ve been blogging on WordPress for almost 11  years. Blogging isn’t just a passion of mine – it’s also my business.

As someone who’s helped site owners with various projects (and problems), I wanted to share five of the most common WordPress issues I run across. These issues appear everywhere from smaller, beginner sites to larger ones that have been running for a number of years.

I hope this post will give you some insight into the blogging world, but also the necessary kick to get your site cleaned and buttoned up. Let’s dive in!

1. You’re Using “Admin” as Your User Login

I can’t count the number of times I’ve seen this one. When WordPress is installed, an administrator is required to control the site. With many web hosting companies, WordPress can be installed with a few clicks from a software library.

These installation programs allow site owners to get WordPress up and running without dealing with database creation and sending files over FTP. The issue with some of these quick install programs is they don’t allow users to change the default WordPress administrator username during the installation, it’s just “admin.”

The “admin” username is a hacker’s paradise. It’s the default, so if they want to try and hack into your site, they only need to guess your password.

For many, it’s not hard to do. WordPress hacking is almost a sport. It’s something I fight hard against and I make sure my clients are secured from the worst of the worst.

Action step: If your user login is “admin,” then you need to change it immediately. There are a number of ways to do it, but the easiest is to just create a new user, delete the admin username and re-attribute posts to your new name.

2. You’re Not Backing Up

I don’t shake my head often, but this is one that will get me to do it. You work so hard on your site. You put sweat and tears into the look, feel, and content.

It would be a shame (devastating really) if you lost all of that hard work. Unfortunately, this happens to people all of the time. And it’s because they don’t have proper backups in place.

Backing up your site is easy and necessary. There are a variety of plugins which work – some free and others paid. I recommend trying out UpdraftPlus or BackupBuddy. These plugins backup your site on a regular basis, allowing you to keep attention focused on more important things.

Never rely on your web host to backup your site. They tend to be unreliable, and it’s also bad practice to keep your site backups on the same server as your site. If the server goes down or gets corrupted, you lose it all.

Action step: Take the necessary precautions and have your backup stored in Google Drive, Dropbox, or Amazon S3. Or consider using one of the above plugins.

3. You’re Not Keeping Up with Updates

WordPress releases new versions on a regular basis. It’s currently on 4.2.2, but I’m certain the next version is not far behind. WordPress is open source and allows many contributors to help keep the platform stable.

That’s not to say that it’s going to be bug-free or without problems. WordPress is installed on over 60 million sites worldwide – it’s the most popular content management system available.

As WordPress releases new versions, their hope is that site owners heed their advice by updating to the newest available. Some updates are for product enhancements and others are for security fixes.

When you don’t keep your WordPress installation up-to-date, you’re putting your site at risk. As WordPress grows, more people are trying to hack it and find vulnerabilities. It comes with the territory.

If you keep your site up-to-date and on the latest version, you not only get full use of the available features, but you lessen your security risk. This works the same way with plugins. When WordPress provides updates, so do most of the popular plugins.

Action step: Always keep your site up-to-date by installing the latest updates. Just make sure to back it up before you do!

4. Your Images Are Too Big

We all love images! And a striking image can have lasting effects on your visitors.

Just look at the success of Pinterest.

It’s all about the visual overload. Considering the human brain can process information in an image faster than text, it’s no wonder sites are now using a lot of images. This is both good and bad.

While images look great, they tend to also take up a good amount of space in your hosting account. The more space used and the larger the images, the slower your hosting server gets. This affects your site’s speed and can leave a negative impression on your audience.

One thing I see on a lot of sites are owners using images which are too big for their theme. While WordPress will shrink down the image to make it fit, site owners should only upload images up to the size their theme can handle.

This ensures you aren’t filling up your hosting account with huge images that are slowing down your site’s loading speed – and they’ll still look good on your site.

If you rely on a plugin to compress your images, such as WP Smush, you might want to try a different method. Size (dimensional) isn’t the only factor when it comes to image, you also have to think about file size itself.

Consider trying out a free service like TinyPNG to push your images through before you even upload them. Your server will thank you!

Action step: Only use photo file sizes that your theme will support. Consider compressing or shrinking images before you upload them.

5. You Have a Lack of Site Security

With so many blogs and sites running on WordPress, you can imagine how many are hacked on a daily basis. The number is large and the reason is due to a general lack of security.

WordPress itself is relatively secure, but when you add plugins to your site, your site’s security is compromised. Plugins are great, but not every one is coded properly or secure, unfortunately.

Site security should be established at the onset of setting up your site. Do this by making sure you have a plugin that locks down the login page.

Basically, this translates into locking a user out if they fail to get the right username and password after a number of attempts. I typically choose three. One plugin which does this well is Wordfence. And that’s only one of the plugin’s benefits.

When I first install a site, I typically run with Sucuri, a free plugin that does a great job. Sucuri allows you to harden your installation, making sure hackers can’t use backdoors to manipulate your site. I also create a lock down wall, so no one can see the login page without a username or password. It’s a two-step authentication process.

A little upfront security can go a long way with WordPress and keep you from becoming a victim of a malicious hack. No one likes to click over to their site and see it redirected to one they don’t know or own.

Action step: Use a plugin to lock down your login page and/or create a lock down wall to increase the security of your site and lessen the chances of it getting hacked.

In Conclusion

WordPress is a great platform and one I recommend to everyone. I use it myself and I understand it. I’m the guy behind the pink here on Fully Booked VA, which allows Gina to focus on building her freelancing empire (Gina: it’s so true!).

These five common mistakes are made a lot, but with just a few simple clicks they can be circumvented. Look them over and see what you can do to improve your WordPress site.

If you have questions, please reach out. I’d be happy to help! You can find out more about the services I offer and get in touch via my site, iMark Interactive.

Want to Win a Site Audit?

Grayson was generous enough to give something away to my wonderful readers! In the spirit of WordPress, he wanted to provide one reader with a free site audit (a $50 value).

Enter by leaving a comment below asking a question or letting us know an issue you’re going to fix on your own site. Giveaway ends 12pm CST on Friday, July 3rd. We’ll then pick a random comment and get in touch with a free site audit for the winner.


Grayson Bell

Grayson has been a blogger for nearly 11 years. He runs a large personal finance blog, along with other blogs in that same niche. He also runs a blog management service to help other bloggers and site owners focus on their business and not worry about technical issues. When he’s not online, he’s enjoying the outdoors, family life, and brewing beer at home. Let’s face it though, there aren’t many times he’s not online!

Thanks G for all of the helpful information! These are all things that you can implement on your own. Or if you’re like me, hire someone like Grayson to do them for you. That way you won’t have to learn something that doesn’t really interest you and he can take care of it in half the time. Win, win!!

Photo Credit: Blake Richard Verdoorn via Unsplash

This post may include affiliate links. If that’s not kosher, we might not be friends. Kidding of course, but this is my due diligence disclosure notice.

Gina Horkey

Gina Horkey


Gina Horkey is a married, millennial mama from Minnesota. Additionally, she’s the founder of Horkey HandBook and loves helping others find or become a kickass virtual assistant. Gina’s background includes making a living as a professional writer, an online business marketing consultant and a decade of experience in the financial services industry.

Not sure which services to offer as a Virtual Assistant?

Enter your email and we’ll send you a full list of what you can sell, how valuable those skills are and where to find clients to serve!