The experience gained in 8 years of WordPress development is extremely valuable to us. By addressing some of the most frequent questions we got from our clients we hope this collection of considerations, resources and best practices will also prove useful to you. We plan to update this knowledge base constantly, filling in one piece of the puzzle at a time.

Why Should I Choose WordPress for Building My Website?

WordPress is an easy to use, very extendable and customizable content management system you can use to implement and manage your website. You can find a comprehensive list of relevant features on WordPress.org.

WordPress is the platform of choice for anything from small websites to more sophisticated eCommerce websites to even large corporate platforms. In fact, WordPress is used by almost 60% of all websites that use a content management system. This accounts for more than 25% of all existing websites.

What Sort of Websites Can I Build Using WordPress?

WordPress is the ideal choice for building presentation, publishing, portfolio or eCommerce websites and more or less any type of small, medium or even large website.

The blog is built-in since it is the core functionality WordPress provides. Additional tools derived from WordPress include bbPress, a forum software and BuddyPress, a solution for developing and managing online communities.

Is Building a WordPress Website Expensive?

WordPress is a free open source platform supported by a huge community of developers, which means you can find a lot of resources to help you manage and personalize your WordPress website. Among such resources it’s worth mentioning a wide range of free themes and plugins that handle anything from eCommerce to social media integrations. All this generally translates in lower development costs.

In case of large or very specific-purpose websites you will most likely need extensive customization, which can be covered by commercial plugins and custom feature development. This will have an impact on your budget, but in our experience the WordPress core and plugin ecosystem will cover up to 90% of the development effort.

Will a WordPress Website Be Secure?

To a very important extent your website’s security depends on simple best-practices such as using secure user passwords, proper use of user roles and access levels, and most importantly, making sure you have your WordPress core and plugins updated.

“Security” is an extensive topic, so complex security features are not available out of the box. However, these can be significantly optimized during the development phase of a WordPress website.

Is WordPress Easy to Use?

One of WordPress's key selling points is it’s easy of use. In just a few hours a user can get familiar with the WordPress interface. The abundance of how to's and tutorials available, combined with the intuitive user interface makes WordPress easy to master even for non-technical users who can quickly become proficient in using it.

Is It Possible to Implement International Websites Using WordPress?

Yes, there are multiple WordPress plugins that help you internationalize your website, the most popular one (which we also use) being WPML.

As reference, you can check out two such multi-lingual projects we implemented for Finox Biotech and The Dolder Grand Hotel.

What Do I Need to Look at in Terms of Security?

While security has improved significantly in recent years, there are still a few things to look after in terms of securing your WordPress website. We have built a strong culture around taking care of these aspects for you. Whether it is making sure you will always have your WordPress up to date, applying the latest security fixes or simply educating customers on the importance of security (having strong passwords, employ least privileged principles and more), we are committed to deliver a secure experience for you and your business.

In terms of development, we follow a strict security checklist which among others includes:

  • Disabling the file editor in the dashboard;
  • Disabling any unneeded functionality;
  • Using a custom database prefix for the tables;
  • Never using role names as usernames (such as “admin” for an administrator user);
  • Disabling the XML-RPC endpoint if you do not absolutely need it, and more.

We review and test these aspects during our development process and perform a security audit before delivering a website to any of our customers.

We closely follow the latest security reports and make sure we don’t use modules with a well known history of security issues or which are usually targeted by hackers.

Is a WordPress Website Easy to Hack?

Easy, no. But it can be hacked, depending on a series of factors, among which:

  • How strong are the passwords you are using;
  • What version of WordPress you are using (different vulnerabilities are found and patched in new releases, thus it is important to keep your website up to date);
  • What themes and plugins you are using;
  • What third-party libraries you are embedding on your website;
  • How secure is the server you are hosting your website on.
Are WordPress Core Updates Important?

Yes, especially the minor version updates, which are usually released to fix bugs or address security issues. One of the simplest ways to maximize security for your WordPress website is to always have the latest security patches installed. If we manage your website hosting you do not need to bother with this since we will take care of everything.

Is It Complicated to Update My WordPress?

Updating WordPress can sometimes be cumbersome, especially if this implies updating a large variety of plugins that you use together with WordPress. If you use several well maintained plugins the update should be really simple. However, in case you’re using custom plugins or premium plugins that don’t come with automatic updates you may be better off leaving the update to a WordPress developer.

My WordPress Website Got Hacked. What Do I Need to Do?

First you need to identify the vulnerability that lead to the hack (an SQL query that was not sanitized, a server security issue, a weak password, etc.) and fix it. Second, you need to check for modified files (added files that are not yours) or changes in the database, identify what has been altered and fix it.

To minimize the damage of the hack, we recommended that you have a backup of your website stored locally to make sure you do not compromise your data. You can temporarily switch to the backup site (with limited or restricted functionality) until the vulnerability is analyzed and a security fix is applied.

What Do I Need to Do to Keep My WordPress Website Safe?

You can take several steps to minimize security risks, among which:

  • Update your WordPress and your plugins regularly (though we highly recommend you let us deal with this);
  • Always use strong passwords, especially for administrator users;
  • Always check plugin ratings and relevant user comments before installing a plugin;
  • Never login while using public networks if your website does not have an SSL certificate installed.
Should I Go for a Premium Theme or Am I Better off with a Custom Theme?

In case your needs (or budget) do not call for a custom theme and you are confident you can model your website solely on what a premium theme is offering, you can go for a premium theme. However, you need to be prepared to learn that a lot of things cannot be handled the way you want to, but rather in the way that the theme was designed to handle them.

In case your budget matches your ambitions our advice is to go for a custom theme.

What Are the Pros and Cons of Using Premium Themes?

A premium theme requires no development time, only configurations, but there is a very limited amount of configurations that can be done in terms of design and functionality. Additionally, if you are using a premium theme you may encounter issues when updating it.

What eCommerce Solutions Are There Available for WordPress?

There are multiple eCommerce plugins available for WordPress, but we recommend you use the WooCommerce suite.

How Does WooCommerce Compare to Magento or PrestaShop?

Magento and PrestaShop are stand-alone eCommerce solutions, while the WooCommerce plugin is based on the WordPress CMS and integrates with it directly.

Can I Use WooCommerce for International Online Shops?

Yes you can, while also using WPML or other internalization plugins.

Is WordPress Good for SEO?

Though WordPress is search engine friendly you still need to do some manual SEO work to achieve best results. WordPress as a CMS has nothing to do with SEO.

The SEO tags are displayed in the markup by the theme or by plugins. So standalone WordPress is neither good nor bad for SEO, it depends a lot on how you write your content.

How Can I Improve SEO for My WordPress Website?

You can improve your SEO rank by installing a plugin and by configuring the appropriate titles, search engine friendly URLs, descriptions and meta tags for each page.

There are plenty of plugins available for that, though we recommend that you use the Yoast SEO plugin. It will also analyze your SEO score and give you recommendations on how to improve your page rank.

How Can I Improve Page Speed for My WordPress Website?

You can improve your page speed considerably by:

  • Serving compressed images;
  • Using caching and compression to speed up the page transfer;
  • Concatenating and minimizing your assets;
  • Taking several other optimizations into account, such as: homepage and database optimization, remove unnecessary PHP executions and DB access and more.

Another important factor is the choice of a good host. In case you lack sysadmin experience, opting for a shared hosting solution would be the obvious choice, but you should keep in mind that shared hosting usually accounts for slower website load speed and frequent downtime during high traffic periods. In order to mitigate such issues you can use several plugins meant to increase your overall site load speed performance, such as MaxCDN, W3 Total Cache or WP Fastest Cache.

What Plugins Do You Use Most Often?

Some of the plugins we often use are Advanced Custom Fields, WPML, WooCommerce, Regenerate Thumbnails, Contact Form 7 and Yoast SEO. We also have about a dozen plugins developed in-house, which we use extensively, the latest of which is our DP Image Optimizer plugin.

What Other Plugins Do You Recommend?

Depending on your use case and needs a wide variety of plugins can be recommended.

Besides the ones showcased above, we can also recommend Google Analytics Dashboard for WP if you want to track Google Analytics statistics, Akismet which provides spam protection and CloudFlare to protect yourself against DDoS attacks many more which can cover a wide variety of use cases.

How many plugins should my website use?

We recommend you to use as few plugins as possible. Keeping their number to a minimum will reduce update times and the issues that may appear when two or several plugins generate conflicts.

Furthermore, using fewer plugins will decrease the chances of security threats by reducing the overall attack surface and increase performance by reducing the footprint of your website.

As a rule of thumb, use only the plugins you need to run your website and either deactivate or uninstall the rest.

I’m a Designer. What Do I Need to Consider When Designing a Website?

WordPress as a platform has no limitations over the design itself and is very permissive. You should just keep in mind some common web design principles like sticking to a grid and being consistent in your design.

Are There Any Limitations in Regards to What Fonts I Can Use?

There are no font-related limitations with WordPress, but as a general advice, be consistent and do not use more than 3-4 font families and more than a couple of font sizes.

If you want to get better website load times it’s recommended to serve fonts from your own server, as opposed to loading them from third party platforms may impact your website performance. However, you should note that opening an account on a web foundry will be less expensive as buying the fonts you need to host. We regularly use Google Web Fonts which offer a wide variety of free and open source fonts and fonts.com.

What Data Formats Are Good for Web Design?

You can use any format you desire but there are a couple of dedicated formats that are preferred because of their widespread use in the design of a WordPress website, namely Sketch, Adobe Illustrator and Adobe Photoshop formats.

WordPress is a very versatile platform, but when it comes to design it’s important to use the tools of the trade.

We use. We work.

We take great pride in delivering high quality projects. Seeing the end results is simple enough, but there’s an entire technology stack we rely on throughout the lifetime of each project. These are the tools and technologies that make our work easier: