Here are the steps I take when setting up a WordPress website. I’ve included links to some of the plugins I use, and to helpful articles with more comprehensive instructions. I’m not claiming this is all necessarily best practice, but it’s what I do.
Three ways to use WordPress
- Most of the time, I use self-hosted WordPress.
- However, I do think that WordPress.com has its place and would choose it in some circumstances. See my blog article “Self-hosted WordPress Versus the Rest“. Unless you opt for the relatively expensive Business Plan, WordPress.com does not allow you to install your own themes and plugins, but it has some advantages.
- In certain situations, it might be worth considering a static hosting solution, such as HardyPress. My blog post “Building Static Websites Using WordPress” explores this approach.
If you are new to WordPress then you may find this free online guide helpful: Easy WP Guide.
Obtain Hosting and a Domain Name
Self-hosted WordPress needs a host in order to work. WordPress.com and HardyPress (or similar services) include hosting.
While I’m not able to recommend the “best” host to you, I can tell you that my own sites are mainly with UK host Guru, with one at Eco Web Hosting. Other UK based hosts I’ve seen recommended include 34SP, 20i, Krystal, Kualo and Clook, but I have no personal experience of their services. If you would feel more confident going with managed WordPress hosting, and can afford the considerable extra cost, then you might want to look at Kinsta as I’ve heard that they are good. [UPDATE: Apparently 20i also offers fully managed WordPress hosting – see the comment by Richard Chambers at the end of this article.]
Many hosts will include a free domain name. Taking advantage of this can be easiest way to connect your domain name to your site, but it’s generally considered to be a good idea to register your domain with a different company. That way if you decide to switch hosts, you can just point your domain to the new host and carry on. I’ve registered domains with 123-reg and I’ve often seen Namecheap mentioned.
Connect the Domain Name to the Host
If you haven’t registered your domain name with your host then you’ll need to point the DNS records of the domain to your host’s nameservers. Search your host’s documentation to find out what their nameservers are called.
Hopefully, your domain registrar will give you instructions telling you where to input these names. Here’s a link to 123-reg’s instructions but these may be different for other companies: How do I change the nameservers for my domain name?
It may take a couple of days for the change to take effect.
Many hosts will have an easy way to install WordPress from their control panel. (Note that you would not need to take this step with WordPress.com and HardyPress has its own method of creating a WordPress website.)
WPBeginner have a tutorial covering the most common auto-installer tools: How to Install WordPress.
It’s very important that you don’t choose “Admin”, or another easy to guess name, as your username.
Note that if your host provides an SSL certificate and you are given the option of choosing https:// rather than http:// then you should do so.
It may be that your host will have automatically installed and configured an SSL certificate, but if not then you should check their support/help documentation for any special instructions about how to ensure that the SSL certificate has been applied to your site.
Check the Permalinks
It’s worth checking that the permalink setting will give your pages and posts the structure that you require.
I want a nice, simple, informative url for my WordPress posts…
so I usually choose the “Post name” option as the permalink setting.
Install and Activate a Security Plugin
There are several possible plugins you could choose, and I use WordFence . (This step applies to self-hosted WordPress, only).
Under the settings for this plugin, I lock users out after a small number of login failures and forgot password attempts, or if they use an invalid user name of “admin” or my website name.
Install a Coming Soon Plugin
If I don’t want people to be able to see my website while it’s being developed, then I use Coming Soon Page & Maintenance Mode by SeedProd.
Under Users: Your Profile you can choose the name that is displayed as the author of posts. So, my username should be something people won’t guess, but I can have a nickname of “Jane” and can specify that this is the name that is displayed publicly.
I usually switch the site language from English (United States) to English (UK) in the General Settings area.
You can also change the date and time format, the site name and description (Tagline) and ensure that you have the correct email address.
This is a good time to check the image sizes in Media Settings, before uploading any images.
Install and Activate a Theme
There are hundreds of different themes to choose from if you are using self-hosted WordPress, the WordPress.com Business Plan or a service such as HardyPress. Many of these are free and can be installed directly from the WordPress dashboard. WordPress makes it easy to change themes and you can try out lots of them to find one you like.
Having said that, I pretty much always use my favourite theme, GeneratePress.
The theme itself is free but, to make it easier to customise, and to take advantage of some extra features, you can install the GP Premium plugin. Note that this is an affiliate link so I may receive commission for refering you. But I wouldn’t hesitate to recommend GeneratePress even if I wasn’t an affiliate. It’s a very flexible, well written theme by a respected developer who provides outstanding support. I wrote a blog post explaining why I like this theme so much.
When I’m using GeneratePress, I install and activate the GP Premium plugin and input my license key. I activate the add-ons I need e.g. Colors, Typography, Menu Plus, Blog, Spacing, Disable Elements, Copyright… Then I can edit the copyright in the footer to be my own name/website name.
Add a Logo and Site Icon
Many themes will allow you to add a logo in the Customiser. You may want to consider using an svg file for your logo so that it looks sharp on all screen sizes.
Install an Anti-Spam Plugin
WordPress tends to come with the Akismet plugin ready installed but not activated. A subscription costs £4 a month for a commercial site. WordPress.com automatically uses Akismet and this step is not relevant for HardyPress.
I usually use a free alternative, Anti-spam, to prevent spam comments.
Install an SEO Plugin
A lot of people swear by the Yoast plugin for Search Engine Optimisation purposes. I have no reason to suggest you shouldn’t go for that, but the one I use is The SEO Framework.
They have an article called “Set up our plugin in 5 minutes” that you may find useful.
Install a Search Plugin
This is an optional step that may, or may not, be useful on your website. You might not realise that the default WordPress search does not search things such as category and tag names. You could consider installing a plugin such as WP Extended Search to get around this limitation.
HardyPress has its own solution for searches, as the usual WordPress search does not work for static websites.
Set Up Backups
One option is to use the free UpdraftPlus plugin and connect it up to a Dropbox account. See this article by WP Beginner for more information: How to Backup & Restore Your WordPress Site with UpdraftPlus.
Alternatively, you could choose the All-in-One Migration plugin – for instructions, see the user guide. The free version will allow you to backup your site manually and download the backup file, but you’d need to purchase an extension to schedule regular backups to be stored in, for example, Dropbox, Google Drive or Amazon S3. (Note: you can download a free plugin to increase the size of imports to 512MB).
This is another area that is not relevant to WordPress.com, with the exception of the Business Plan.
Unless the site is merely a blog, you’re likely to want several pages. See Adding a New Page from The Easy WP Guide and also my articles “A Simple Page Layout With GenerateBlocks” and “A Simple Page Layout with the WordPress Block Editor“.
You might find it helpful to read through my article “Experimenting with WordPress Image Sizes” if your posts and pages contain photos or illustrations.
WebNots have a useful article on 6 Ways to Copy and Duplicate Gutenberg Blocks in WordPress which could save you some time when building your pages.
You can specify which page will be the homepage in the customiser.
Set Up The Menu
By default, WordPress will add all your pages to the navigation menu, but it’s likely that you will want to decide which pages appear, and in what order.
WPBeginner have a tutorial explaining how to do this: How to Add Navigation Menu in WordPress.
Most themes have several widget areas, where you can add the widgets that come as standard with WordPress, or are added by plugins.
See Widgets at the Easy WP Guide for an explanation.
Add a Contact Form
Caldera provide instructions here: Getting Started With Caldera Forms. To increase the chance of your form being delivered, and not being treated as spam, it’s a good idea to use something along the lines of email@example.com in the “From Email” field – even if this email address does not exist.
Sometimes you may find that messages sent via WordPress forms seem to go missing. If this happens to you then Kinsta have an article that may help.
Note that if you are using HardyPress then you will have to use the Contact Form 7 plugin and follow their instructions.
You may decide that you would rather just provide an email address, rather than a form, to enable your visitors to contact you.
Customise the Website’s Appearance
Many themes will provide options in the customiser, allowing you to change various aspects of the site’s appearance. How much control you have does vary from theme to theme.
For some excellent design advice, see Jennifer Bourn’s slideshow on Website Design Principles.
You should also consider the ramifications of the GDPR. See “A Guide to GDPR” on the ico website. Here’s a sensible article on the subject by the Design Space: How to Get Busted for Non Compliance with GDPR.
I have seen people recommend the Complianz plugin, so that may be worth a look.
Toptal’s Web Developer Checklist: https://www.toptal.com/developers/webdevchecklist