Skip to content

7 mistakes made frequently with WordPress websites

Written on August 31, 2023 at 5:32 pm


This is a short list of some common mistakes I’ve seen made with WordPress websites. Working with an experienced WordPress website developer can help you avoid these problems when building or planning your new WordPress website.

1. Editing the theme file, instead of using a child theme

When using a pre-built theme, you want to make changes to the website in a way that will allow you to update the theme later on. WordPress has a built-in way to do this called Child themes. If you put your theme changes in a child theme, they won’t be overwritten when you need to update your Parent theme later on, and you can continue to receive security updates and bug fixes from the developer.

2. Using cheap web hosting

Don't settle for cheap web hosting.

When you’re planning to build your website, you may be tempted by the cheap hosting plans offered by companies like GoDaddy, which currently start at around $4.99 US per month. The main problems with cheap hosting is slow page loading (including in the WP admin), security problems (website hacked), and terrible customer service.

It can be challenging for inexperienced WordPress users to choose the correct hosting plan, because web hosts are not always transparent about what the plan includes. For example, shared hosting companies rarely display how much CPU is allotted for each plan, and this is important for determining your website’s performance.

There are now also many companies offering “Managed WordPress” plans, but clearly a $6 managed WordPress hosting plan is not providing the same services and level of support as a $20 plan.

Recommended Hosting Plans:

For regular WP users:

For advanced users:

3. Using too many plugins

If a WordPress website is built correctly, you shouldn’t need too many plugins to keep it running smoothly. The plugins that you add could potentially be adding code to the front end of your site that will increase load times. Sometimes I see users add a number of different plugins that do the same thing, and then they don’t uninstall the old ones. Then it becomes confusing as to which one is really in use.

I recommend occasionally having a professional audit the plugins that you have installed to check the following:

  • Is it still in use?
  • Are there other plugins installed that already do the same thing?
  • Is the plugin still listed on the WP directory, or has it been removed due to lack of support?
  • Could you do the same thing with a few lines of code, or with a default WP feature?

4. Not testing the design for phones and tablets

Design and test your website for smart phones and tablets.

In spite of the popularity of smart phones, responsive web design is often overlooked by novice WordPress designers, and website administrators. It’s important to design and test websites for all popular screen sizes. And, when adding new content to the website, to test again to ensure that everything still looks great.

5. Not backing up the website

Does your WordPress website have backups? What will you do if your website is hacked, or if you accidentally break something and can’t get things back to the way they were? Having backups of your site can save you hours of work. If you choose one of the managed WordPress plans mentioned above, they should include managed backups. But even if you have an affordable hosting plan, you can still back up the site with a plugin. My favourite free backup plugin is Updraft Plus.

6. Not securing your website against hackers

Protect your WordPress website against hackers

WordPress on its own is a secure platform. It receives security updates on a regular basis from their development team. But WordPress plugins and themes are built by independent developers, which means it’s up to them to keep their plugins up to date. That’s why it’s important to install plugins and themes from reliable development teams, and to keep them up to date on your site. There are also additional things you can do to improve security on your WordPress site:

  1. Choose a good hosting plan with security features, such as a firewall, CDN, and backups
  2. Use a login security plugin
  3. If you’re on a basic hosting plan, use a security plugin such as WordFence, which includes a malware scan and a firewall. It will also notify you if a plugin has been removed from the WordPress directory.
  4. Remove unnecessary themes and plugins from the website.
  5. Allow WordPress to receive minor updates automatically (security and bug fixes).
  6. Use a strong password. Don’t use a password related to your website name or information that’s publicly available on the website.
  7. Hire us to complete a security checklist on your website, which includes checking all of the above, as well as WordPress hardening.

7. Getting and confused

If this has happened to you, it isn’t your fault. It’s confusing that there are two platforms with the same name. How should you choose between the two?

  • is a paid CMS with a free plan that allows you to create a basic website with limited ability to customize. Premium plans do allow additional customization with plugins and themes. A site is hosted on
  • is an open source (free) CMS that you install on a web hosting plan. allows for greater customization at a lower monthly fee.

Get professional help for your WordPress website

Hiring an experienced WordPress developer can help prevent making mistakes such as these or help you repair an existing website. Looking for help with your WordPress website? Get in touch today for a custom estimate.