The Most Common WordPress Mistakes of 2024

The Most Common WordPress Mistakes of 2024

Sometimes businesses setting up their WordPress websites are so focused on aligning text, images, and colors with their brand guidelines that they can be left unprepared for errors that can affect the site’s functionality. In this guide, we’ll take a closer look at some common WordPress mistakes. Being able to identify and fix these mistakes will ensure not only that you have a well-designed site optimized for user experience, but that it can be launched on time.

Here is a list of some of the most common WordPress mistakes. Click on any link to jump to the solution.

  1. Not backing up WordPress
  2. Using a non-mobile-friendly theme
  3. Choosing a cheap WordPress host
  4. Using too many plugins
  5. Not updating plugins
  6. Deleting WordPress database
  7. Not updating your WordPress core
  8. Updating your WordPress at the wrong times
  9. Not using a child theme
  10. Not uninstalling unused plugins
  11. Not compressing images
  12. Not understanding basic SEO
  13. Not installing Google Analytics
  14. Testing your changes on a live site
  15. Changing permalink structure and not 301ing
  16. Giving users admin privileges (do not do)
  17. Blocking search engines (no indexing)
  18. Forgetting about WP caching
  19. Using “Admin” as your user account name
  20. Leaving comments open
  21. Not understanding categories vs. tags
  22. Not uploading a favicon

1. Not backing up WordPress

WordPress users who don’t backup their data are susceptible to losing it. Anything online can be lost due to human mistakes, theft, hacking attempts, and other situations. Data loss can render your site unusable, and if you don’t have backups, recovering your website data could be an impossible task.

When website data can’t be recovered, it means you permanently lose all of your valuable content. You’ll have to start over—not just with producing content, but also with building traffic and domain authority.

Don’t worry—the solution to this problem is simply setting up automated backups. There are several WordPress backup plugins you can choose from. Popular plugins include BackupBuddy, UpdraftPlus, and BackWPup.

Check that the backup plugin you install allows for automatic backups and make sure you store your backup files on a remote location and not on the web hosting server. Keeping your backups on the server means they’re also gone if you lose your website data. Instead, store your backups using a cloud storage service like Dropbox, Microsoft OneDrive, or Box. Most plugins also allow for storing your backups in a remote location automatically.

2. Using a non-mobile-friendly theme

A non-mobile-friendly theme refers to one that does not modify to easily work while someone is browsing your site on a tablet or mobile device. If your website isn’t responsive to most browsers and screen sizes, you could lose the web traffic that comes from mobile devices. It’s unlikely these visitors will try to view your website from another device if they didn’t have a good experience the first time.

Luckily, most WordPress themes are mobile friendly. Google also offers a quick and easy tool to conduct a “mobile-friendly test” with your URL. Since it’s your website, be sure to test that it responds well to mobile screens. Also, check for outdated plugins or bad code breaks, as these can affect the responsiveness of your website.

3. Choosing a cheap WordPress host

There are ways to save money when building a WordPress website, but choosing free or cheap WordPress hosts isn’t always one of them, as they may not offer the same security and features as pricier web hosting servers.

When choosing a website hosting provider, consider the features that are important to you, such as technical support, security, load times, and automatic backups. Do your research and compare providers before setting up your WordPress website.

As discussed, automatic backups are important so you don’t lose your website data. WordPress security and technical support are also critical since you don’t want to lose your website to hackers or your own mistakes.

Also, pay attention to load times because this can affect your web traffic, and many visitors will abandon a website if it doesn’t load quickly. There are many web hosts on the market, so take time to review different web hosting companies to choose the best options for your needs.

4. Using too many plugins

WordPress plugins are important in maintaining your website. They offer many different solutions ranging from security plugins to contact form plugins. While plugins can prove to be very effective in running your site, using too many can lead to a variety of problems, including security breaches, website crashes, and slow loading speeds.

To avoid these problems, it’s recommended that you only install the plugins you absolutely need. Although there is no set rule on what the ideal number of plugins is, a good rule of thumb is to only install reputable ones that bring the most benefits to you and your website visitors. Here are some criteria you can use to verify a plugin:

  • Check for the last plugin update. If the last update was over a year ago, it’s outdated, so don’t install it. Look for plugins that are updated weekly or at least monthly.
  • Check for the total number of downloads and read the reviews. Most of the time, you can find reputable plugins with thousands of downloads and at least four stars.
  • Check the “Support” tab for each plugin description. You’ll need support if any issues arise with the plugin. If the tab doesn’t take you to a forum or support page, don’t download the plugin.

5. Not updating plugins

Outdated plugins can cause a variety of problems. From site crashes to slow website speed, corrupt plugins can also compromise your site’s security. Developers release regular updates that contain codes to fix holes in a plugin’s security. This is why it’s a good idea to update plugins as soon as they’re released. You can find these under the “Updates” section of your dashboard. You should also review whether or not a particular plugin can be set to automatically update.

6. Deleting your WordPress database

Your WordPress database contains all of your content and settings, plus comments, links, and posts that visitors made on your website or blog. Although there are some instances where it might make sense to delete your database, don’t delete your WordPress database without verifying that you have everything backed up. This is incredibly important if you accidentally delete your database, because you can then recover your information from your most recent backup.

To restore your deleted database from a backup copy, you can use the phpMyAdmin program from your web hosting server. If this is beyond your capabilities, contact tech support. They should be able to walk you through how to restore your database successfully.

7. Not updating your WordPress core

WordPress core is a term that refers to all the files that you download from to run your WordPress website. These files allow you to access the admin dashboard, manage users, upload media files, delete content, add tags and categories, and much more.

WordPress will send core updates to ensure that WordPress sites continue to function properly. WordPress core updates deal with new security threats and functionality issues, and they can also include exciting new features.

You can update the core files from your dashboard. When a new version is out, you’ll see a “new version” banner link at the top of your admin area. Click on the “Update Now” button and you’re all set.

8. Updating your WordPress at the wrong times

Remember that updates are released to fix security issues reported by other users. You should update to the latest version of WordPress as soon as you see one pop up. When you wait too long to update, you can leave your site vulnerable to the security issues the update was supposed to fix. This can lead to bigger problems, like getting hacked and losing your website or getting your information stolen.

Regularly check your dashboard for WordPress updates. You’ll typically see a “new version” banner when one is available.

9. Not using a child theme

A child theme is a sub-theme of a larger parent theme that inherits all of the functionality, features, and style of the related parent theme. When a child theme is used, it allows you to customize a parent theme without touching any core files.

The problem with using a parent theme is that if you make any modifications to the theme, everything will be lost once the theme is updated by the developer. To avoid losing any customizations, be sure your site uses a child theme.

You can choose to use a parent theme with an existing child theme or you can create your own. Here are the steps for creating a child theme in WordPress:

  • Create a child theme folder. Go to the File Manager in the control panel of your WordPress hosting provider. Click the public_html folder and then click the wp-content folder. Find the folder labeled “themes.” Then click +Folder from the toolbar at the top of the screen. Name this folder using the parent theme’s name and add “-child” to the end. For instance, if you have a Twenty Twenty One theme, you’ll name this folder, “twentytwentyone-child.”
  • Create a stylesheet for your child theme. Inside your child theme folder, create a stylesheet file named style.css. Copy and paste this code and change the values accordingly.
  • Enqueue the parent and child theme stylesheets. Create another file in your child theme’s directory. Name it “functions.php” and add the code.
  • Activate the child theme. Visit your website and access Appearance > Theme and activate the child theme you just made.

10. Not uninstalling unused plugins

As we mentioned previously, having too many unused plugins can cause site crashes, security breaches, and slow load times—all of which can expose your website and your data to theft or permanent loss.

You can check which plugins are being used manually or use a plugin like Plugin Activation Status that will provide you with two lists: those plugins that are active somewhere and those that are currently not being used.

Once you identify which plugins aren’t being used, simply go to the plugins tab on your WordPress dashboard and delete or deactivate any plugins that are not being used.

11. Not compressing images

Images make content more engaging, but the larger file size means that it can take longer to load. Slow site loads can affect user experience and you can possibly lose traffic. If your bounce rate—the percentage of users who leave your site immediately—is high, search engines like Google will categorize your site as malicious or spammy. This categorization can lower your domain authority and ranking.

When you compress your images, you essentially make the file size smaller to optimize your load time. To optimize your images for WordPress, use Photoshop or another editing software to compress your photos before uploading them to the website. Another solution is to install an image compression plugin. This plugin will optimize images automatically. Popular plugins in this category include EWWW Image Optimizer, Optimole, and ShortPixel Image Optimizer.

12. Not understanding basic SEO

Whether you’re a blogger building a WordPress website for personal use or a business owner creating a site to expand your e-commerce capabilities, you should start by understanding the basics of search engine optimization (SEO). Knowing SEO best practices helps you optimize your website for search engines like Google. When Google is able to find your site, it can then show it to people who are looking for the products you sell or the content you produce.

There are many tutorials and posts online to get you started with SEO best practices. If you’re a WordPress beginner, some basics you’ll want to familiarize yourself with include:

  • Optimizing on-page SEO, including URLs, title tags, and meta descriptions
  • Building an effective backlink portfolio
  • Effective keyword research
  • Using the Yoast SEO plugin for additional SEO features
  • Understanding how search engines index your website

13. Not installing Google Analytics

It’s important to start gathering information about your website as soon as possible. If you know where your customers are coming from, how long they’re staying on your website, and what they’re looking at, then you can modify your SEO and marketing strategies to give them more of what they want.

Google Analytics is a popular tool you can use to collect and analyze data. With Google Analytics, you can:

  • See who is visiting your website and how they’re finding it
  • Track what people are doing on your website
  • Find the most visited pages on your website
  • Track conversions

To install Google Analytics, set up an account and add your website as a property. Then, add the tracking code provided to the pages on your website.

14. Testing your changes on a live site

Although you can customize and update your live site, it’s not best practice. If you make a mistake or type the wrong code, you can crash your site, for instance. Most developers use a staging site that replicates a live website, and they test any changes here before pushing it live on an actual site. Testing on a staging site allows you to experiment without worrying that you’ll lose content.

For instance, if you want to make changes to your navigation bar, you’ll want to test out the new feature on a developer site. This way, you can work out any bugs before pushing it live.

One way to create a staging site for WordPress is to use a staging plugin like WP Staging. You can also hire a developer.

15. Changing the permalink structure and not 301ing

A permalink is the part of a web address that follows your domain name. For instance, let’s say you’re a wedding photographer and dedicate a page on your site to headshots. Your URL could be The domain name is and the permalink is headshot-packages.

Google and other search engines crawl and index your website for content relevancy, and sometimes these permalinks might have dates in them from when you originally published the page. If the content is still relevant, however, you’d want to consider changing the permalink to something more evergreen. WordPress allows you to easily change a permalink by going to Settings > Permalink and selecting the style you want.

If you want to change several pages to a new permalink structure, you’ll also need to set up a 301 redirect. This is because any old links, whether on your site or elsewhere, are now broken, and any content that is indexed by search engines with the old structure is also incorrect.

There are several plugins that can help you do this. They’ll guide any old permalinks to the new permalink structure you chose.

16. Giving users admin privileges (do not do this)

Admin privileges allow you to add new posts, edit posts by any users, and delete posts. As an admin, you can also install, edit, and delete plugins and themes. It gives you complete control of the website. This is why the admin role is typically reserved for site owners or developers.

We all make mistakes, and the last thing you want is someone unknowingly deleting entire pages on your site. To avoid this, WordPress offers different levels of access to your site. Administrators, for instance, have complete access to your site while an author is someone who can publish and manage their own posts. Blogging sites, for example, typically offer author access to multiple contributors if they’re publishing at a high volume.

17. Blocking search engines (no indexing)

WordPress gives you an option to “discourage search engines from indexing pages.” This is a helpful feature when you’re still setting up your website and don’t want visitors to see an unfinished site. However, when your site is ready for visitors, don’t forget to untick the box.

Turning that setting off means Google and other search engines can now crawl, index, and rank your website. To make sure your website can be indexed, go to “Settings” and click on “Reading.” Make sure the “Search Engine Visibility” option isn’t checked. If it’s checked, untick it and save the changes.

18. Forgetting about WP caching

Web browsers maintain their own cache. A cache refers to a static file stored from a website you visit; when you visit the site again, it will load that much faster because part of it is already stored within your browser. An example most of us use regularly is website logins. If you allow a site to store your login, this becomes cached, which means the site will load much more quickly for you the next time you visit because it’s stored.

When you don’t use caching, your website is not optimized to load faster and the end result is that you’ll lose the visitors who can’t wait for your website to load. WordPress offers many caching plugins to optimize your page load times. These plugins create and store duplicate content of your most visited posts and pages for visitors, which reduces future load times when they visit your site again.

19. Using “Admin” as your user account name

Using the default “Admin” as your user account name for your WordPress login can be a security risk. “Admin” can be easily guessed, and it leaves your website data at the mercy of hackers. Your username should not be easy to guess. Don’t use the same as your published name, an email, or something that someone can figure out easily.

If you still have “Admin” as a username, fix it now. Create a new administrator account in your WordPress dashboard. Go to “Users” and select “Add new.” Create a new user and ensure that the role of the new user is set to administrator. Log out of your account. Log in again under your new administrator account. Delete the old “Admin” account under “Users.” Use your new administrator account to log in from now on.

20. Leaving comments open

Deciding whether to leave comments open on your WordPress site is something you should decide early on. If you do have a blogging aspect to your site, you’ll likely want some comments. However, open comments without any restrictions can quickly lead to spam comments, and then suddenly you have content that doesn’t look authoritative. The same spam posts can affect your SEO ranking because search engines might index them as part of your website. Since these posts aren’t relevant to your content and audience, your ranking may decrease. Also, spam posts and generic comments can take up space in your database.

There are a few ways to limit comments on your WordPress site. For instance, you can go to the “Discussion” section of your post and make sure “Allow Comments” isn’t clicked. There are also multiple plugins available that can help you limit comments based on what makes the most sense across your site.

21. Not understanding categories vs. tags

WordPress offers two ways to organize your content: Through categories and tags. Categories are very broad topics and every WordPress post you produce has to be “categorized.” Tags, on the other hand, are much more specific, and not every post needs to have them. For instance, if you run a marketing agency, one category might be “case studies” while tags include specific industries you serve (e.g., hospitality, finance, and real estate).

On WordPress, if you don’t assign categories to your posts, they’ll end up in the default setting “Uncategorized.” Aside from the fact that your readers will have a hard time looking for content most useful to them, this can also affect your SEO ranking. If you don't use categories and tags, you’re not giving Google additional information to help it understand your content.

22. Not uploading a favicon

A favicon is a small icon that identifies your site when it’s opened in a tab. If you look at the tab at the top of this page, for instance, you’ll see a green circle with “UP” in it for Upwork. Most WordPress themes come with a default favicon; before you publish your site, make sure you replace it with your own favicon. A unique favicon separates your website from all other sites.

Using your company logo as a favicon is an excellent way to display your brand and it enforces brand consistency across platforms. If you don’t have a business logo, you can easily connect with a professional on Upwork to get a logo design at a flat rate.

To change your favicon, go to your WordPress admin dashboard. Go to “Appearance” and then “Customize,” and click on the “Site Identity” tab. Find the option to set your site icon and upload your logo.

Next steps

Nowadays, you can build a website without knowing how to code. But even though there are easy-to-upload themes and templates for customizable websites, there’s a lot that goes into website development.

There are many things to consider from start to finish. That’s why it’s sometimes better to let a professional handle it. Use Upwork to connect with talented professionals from all over the world. Search for a skilled WordPress developer to help you with your website and avoid these mistakes.

Upwork is not affiliated with and does not sponsor or endorse any of the tools or services discussed in this section. These tools and services are provided only as potential options, and each reader and company should take the time needed to adequately analyze and determine the tools or services that would best fit their specific needs and situation.


Projects related to this article:
No items found.

Author spotlight

The Most Common WordPress Mistakes of 2024
The Upwork Team

Upwork is the world’s work marketplace that connects businesses with independent talent from across the globe. We serve everyone from one-person startups to large Fortune 100 enterprises, with a powerful, trust-driven platform that enables companies and freelancers to work together in new ways that unlock their potential.

Get this article as a PDF

For easy printing, reading, and sharing.

Download PDF

Latest articles

X Icon