What Goes into Managing a WordPress Website?

Beyond convenience, an obvious benefit of technology is that it enables us to be more productive and more responsive to customer needs. On the flip side, technology is not only a performance multiplier, but more complex and difficult to manage, and more difficult to defend from the bad guys.

The same is true of websites. Today’s websites rely on hundreds of thousands of lines of programming code, much of it cobbled together from discrete application modules available from third-party sources, which is often necessary to implement all the advanced features companies want. When everything is put together right, companies are happy because their customers are happy. The reason customers are happy is because they are able to find information easily, launch an email or chat session to get their questions answered, order items online in a safe manner, and access private portals to track healthcare, finance and myriad other types of personal accounts.

It would be prohibitively expensive to hire a dedicated team of programmers to build such a website from scratch. That’s why many companies have standardized on WordPress as the means to quickly and economically implement their websites. In fact, over half of websites globally are built with this content management system. The resulting websites are visually stunning, feature-rich and highly functional.

This does not mean, however, that a WordPress site can operate in “set-and-forget” mode. Once a website is launched, there is a lot of behind-the-scenes work that goes into keeping it secure and functional. This responsibility falls to the webmaster, and if he or she is doing the job right, it looks to the client like nothing at all is happening; after all, the website has never crashed, been defaced, or suffered catastrophic loss. When things are going this well, the client may even come to believe that the continued services of a webmaster are unnecessary and that quite a lot of money can be saved by doing without one.

So what are webmasters doing below the surface to make it seem that their services are not essential?

Much of the time of webmasters is consumed in keeping client websites safe from hackers. For starters, the WordPress platform, themes and plugins must be continually updated as patched versions become available. These updates can be set to occur automatically, but if something goes wrong – such as an incompatibility between plugins or plugins that require a newer version of WordPress – the webmaster has to sort things out to restore the website to proper operation.

Many themes and plugins must be licensed, so the webmaster has to track renewals to prevent critical website functionality from being suspended. Even auto-renewals may experience problems with expired credit cards, forcing the webmaster to interface with the client to update payment information.

Beyond performing requested content updates, here are a few other webmaster responsibilities that often go unappreciated in the grand scheme of things, but which are absolutely essential for protecting the security and performance of client websites:

  • PHP, the underlying programming language of WordPress, must be updated to the latest version. Doing so may break elements of the website, which must be fixed; but failure to do so may leave the website exposed to security vulnerabilities and may prevent some plugins from operating properly.
  • Once optional, but now mandatory, SSL certificates can be difficult to implement and renew. Failure to get this right can break various elements of a website, such as an online store, and discourage visitors from entering the website, particularly after an ominous message is displayed warning of potential risk.
  • Scanning the website for security vulnerabilities is important for preserving the integrity of the website. Such scanning can be scheduled to occur automatically at regular intervals, but if a problem surfaces the webmaster must track down and eliminate the malicious code without triggering additional problems, which also must be fixed.
  • Full website backups, including databases, must be performed on a regular basis to prevent catastrophic loss of the website. Backups can be set to occur at specified intervals. However, it is a best practice to manually initiate a backup right after a successful upgrade of WordPress and critical plugins.
  • The webmaster must deal with DNS records to enable the website and certain applications to work properly, such as email and VoIP.
  • Often a host provider undergoes changes that could inadvertently diminish website performance or the quality of customer service. The webmaster must provide the client with hosting alternatives and then implement the approved migration.

Like any useful technology, today’s websites require continual maintenance and fine tuning. A lot of this has to do with the nature of the threat environment that forces webmasters to devote much of their time to preventing problems and also fixing problems. To the client all of this happens out of view. And that’s the result of having an excellent webmaster who understands and appreciates technology’s double-edged sword.


Everything you need. More than you expect.
703-407-4363
[email protected]