As a general rule, we software developers are selfish, stubborn, and we think we know best. But, in spite of all this, we are passionate and we love what we do (our own work that is). We blame everything else that isn't done by us (in case something goes wrong).
While I have many years of experience with different Content Management Systems, (I’ve even created my own, but that’s a different story), I deal mostly with WordPress.
No doubt, WordPress is the most popular CMS in the world as it's hands down easiest to use and install. Heck, you can have your own blog/website in under 5 minutes!
Because of its popularity, there are thousands of free or commercial themes and plugins available to suit your needs.
However, I find most WordPress themes you find on the Internet either have too many features that you don’t need (bloats) or are so basic that they are just plain ugly.
There are thousands of plugins too, so much so that the phrase “there’s a plugin for that” has been uttered by most developers at one time or another. Yes, there is a plugin for anything you need, but not all of them are well developed. In fact, I find that many of them are poorly coded, posing security risks, and even severely slowing down the whole site.
With that said, I’ve put together some pointers on choosing the right plugins, and developing your own WordPress theme, to help you avoid a lot of the common pit falls when starting a new WordPress project.
To strengthen your website’s security, and the first thing YOU MUST do before you even start your WordPress installation, is to change your database prefix. While this is not the best and only security solution, changing the default database prefix adds an extra layer of protection against successful SQL injection attacks. It will take you less than 5 seconds, but may save you lots of headaches in the future.
You can do this when you first install WordPress. When you’re asked to enter your database details, make sure you enter something random in the “Table Prefix” field. Never use the default settings (see picture below).
You can also find this setting in the “wp-config.php” file if you ever decide to change it in the future, but make sure to back up your database first.
This is targeted at a more experienced developer. But don’t fret, developing a theme for WordPress is super easy (there are thousands of tutorials on the web, just Google it!).
But, for those of us who are selfish, stubborn and like to be in control, I highly recommend a starter theme called Underscores.
Why Underscores? It is developed by Automatic - the guys that develop WordPress, so the support is there, and there are lot of things already covered in this theme to support WordPress. It is a starter theme, sort of like a half-baked theme. It gives you the foundations and you add all the things that YOU need. You don’t really need to know any WordPress functions, most of them are already written. So you can just start styling!
If you need your website to be responsive, which, unless you’re building a separate mobile version as well, you do, consider combining Underscores with UnderStrap.
When it comes to plugins, the rule of thumb is to make sure it’s compatible and has been tested with your version of WordPress, and is frequently updated and maintained BEFORE installing it.
Another tip is to read the reviews. Chances are, lots of people have already installed that plugin and have shared their feedback. Find out why the plugin’s received those 5 or even 1 star ratings. TIP: Lots of 1 star ratings is a good indication that a plugin is to be avoided at all costs.
Below are some useful plugins that I can’t live without.
Contact Form 7: What’s a website without a contact form? One of the best ones I’ve found is Contact Form 7. It does everything you need, it’s free, simple, and super flexible. It also supports multiple forms, CAPTCHA, Aksimet spam filtering, file uploading and more.
Flamingo: From the same developer, Flamingo is a must have plugin if you wish to save all form submissions into your database.
Meta Box: If you need to extend your website beyond a simple blog functionality, a lot of developers would recommend the Advanced Custom Fields (ACF) plugin because it’s easy to use and has a user-friendly interface. But, for those of us who are comfortable with code and like to get our hands dirty, I would recommend Meta Box. It gives you full control over features and functionality and comes with good support and documentation.
Widget Context: Widget Context is very useful when you need to display or hide widgets on certain sections of your site. It supports all post types, and can even target your widgets by URLs for more flexibility. A definite must have!
All in One WP Security & Firewall: The importance of website security cannot be stressed enough, and a great app that can help you take care of that is the All in One WP Security & Firewall. It does just what the name says, it adds extra security and a firewall to your site.
Below are links to several tools that you should bookmark for your next WordPress project:
That’s it. Hope these tips and tools will help to make your next WordPress project easier. Happy coding!
If you need help on your next web development project or have any ideas to share get in touch with us today.