These days, anyone can build a website. With platforms like Wix and Squarespace, you can set up a site and start promoting your business within a matter of hours.
Even WordPress, Shopify, and Webflow — although harder to use than Wix or Squarespace — are easy to learn if you have the time.
But building a website is only half the battle. If you want a secure, dependable site that gets a lot of traffic, you have to manage it properly.
Similar to a car, you need to maintain your website even when it’s working right, because — just like a car — it’s a pain in the ass when it breaks down.
In this guide, I’m going to share a handful of crucial website management tasks that should be on your to-do list. There are things you should do every week, things you should do every month, and a few you only have to do once a year.
Weekly Website Management Tasks
1. Create a Backup of Your Site
Of all the steps I’m going to share, this might be the most important:
Back. Up. Your. Website.
As a business owner, you can’t afford to deal with the hassle that comes with losing a website. It will not only lead to a loss of traffic and potential revenue, but you’ll also have to put time and money into getting it back online.
Aside from protecting your data, backing up your website also provides a way to:
Fix Your Mistakes
Even WordPress pros make mistakes. A backup is like a time machine that takes you back to the time before you messed up.
Reverse Update-Related Issues
It’s a bummer, but some plugin updates come with bugs. A backup allows you to restore your site to its previous, bug-free version.
Easily Migrate to a New Web Host
If you ever decide to switch to a new hosting service, you’ll have a full copy of your site ready to go. It’ll only take a few hours to do a full website migration.
We use BackupBuddy, a WordPress app that transfers data directly to your chosen off-site storage destination. It’s compatible with Google Drive, Dropbox, Amazon S3, and a number of other storage hosts.
2. Generate a Security Report
No one thinks that they can get hacked until it happens to them. But the reality is that around 30,000 websites are hacked every day, so there’s actually a good chance of it happening to you.
And the results of a hack can be disastrous. According to research from Sucuri, a website security and protection platform, hacked websites lose around 98% of their traffic. (At that point, you might as well not even have a website.)
As a business owner, the last thing you want to do is leave your client data exposed to threats. If you suffer a breach and your client data makes it into someone else’s hands, it can lead to fines, lawsuits, and a ruined reputation.
How to Generate a Website Security Report
There are plenty of tools out there that can scan your site for vulnerabilities, including:
Each of these solutions looks for malware, injected spam, and other intrusions. They’ll score your site and return a “threat score” that tells you how safe and healthy your site is.
If you use WordPress as your content management system, I’d recommend installing the iThemes plugin, which is what we do. It keeps a constant eye out for threats and notifies you if anything ever looks suspicious.
One great feature of iThemes (this isn’t a sponsored post, I promise, it’s just a great product) is that it allows you to hide your login page, which is where hackers enter. This helps to prevent brute force attacks from malicious scripts, limiting potential hacks.
3. Monitor Your Site’s Uptime and Tracking Scripts
According to Hosting Facts, the average site is down for six hours a year due to problems with its host provider. Even if you subscribe to a web host that promises 99.9% Uptime!, like many of them do, it’s bound to go down every once in a while.
The problem, however, is when it extends beyond those six hours. When your site is down for a few hours every month, or a few hours every week, it becomes a bigger issue.
A downed site will affect your SEO, credibility, and profits.
Search engines take note when a site is down a lot. They don’t want to link their uses to inaccessible sites, so you’ll drop down the search rankings.
Would you buy something from a company if their site was down every time you tried to visit? You’ll get away with it once or twice, but eventually, people will move on and look somewhere else.
In 2019, Amazon suffered a 13-minute downtime episode that cost them more than $2.6 million. Even if you’re not doing Bezos-level business, it’s going to cut into your bottom line, so take steps to prevent it from happening.
How to Monitor Your Site’s Uptime and Downtime
One of the side projects we’ve been building is an app called InTrack, which monitors your site and notifies you via Slack and email when it goes down.
Not to pat ourselves on the back too much here, but InTrack differs from similar apps in that it also monitors the uptime of your tracking scripts.
So if you use tools like:
- Google Analytics
- HubSpot’s Tracking Pixel
- Google Ads
- Facebook Pixel
- Google Tag Manager
It’ll monitor those too! That way, you won’t lose out on valuable tracking data if your scripts stop firing.
What to Do if You Have High Downtime
Websites go down for a number of reasons, and it’s not always your host’s fault. It could be a coding issue or the effect of a cyber attack.
It could even be the result of a viral blog post that’s driving too much traffic to your site (which isn’t the worst thing in the world but still sucks).
Whatever the case, you’ll have to identify the problem so you can repair it. This may involve:
- Deleting plugins
- Changing web hosts
- Eliminating malware
4. Update All Plugins
WordPress is a plugin-driven content management system. The variety of plugin options allow you to build sites that look and work exactly the way you want them to.
While that’s a huge benefit, plugins add a whole slew of tasks to your to-do list.
The most important task is to update them as new versions become available. Developers work hard to improve their plugins and fix the bugs, and when they update their version, you should update yours too.
This not only makes your site function better, but it can also improve your security. When they’re working on plugin improvements, developers look for vulnerabilities in the existing version. They patch up these holes to ensure that your site is safe from intruders.
According to research from WPBeginner, 86% of WordPress hacks happen due to outdated plugins and themes, which is why you need to update at least once a week.
How to Update WordPress Plugins
If you haven’t backed up your site yet, do that before you update anything. Plugin updates can be buggy, so it’s good to have a site copy in case you need to go back in time.
Then, you can either:
- Click the Updates button on your Dashboard (the one on the left with the little orange circle next to it) and follow the instructions there.
- Manually update WordPress through a File Transfer Protocol (FTP). That’s a whole process I won’t get into now, but you can find instructions here.
5. Uninstall Useless Plugins
Not all plugins are necessary for your business. And if you don’t need them, you should get rid of them.
Plugins with prebuilt themes are great if you use them. But if you don’t, why waste your storage space? That’s like filling an already small closet with a bunch of clothes you don’t even wear.
Too many plugins can lead to database bloat, which causes slow loading speeds. And, as we discussed, outdated plugins are points of vulnerability. The more you have, the more opportunities hackers have to break into your site.
You can seal up those doors by removing all of the plugins you don’t use.
So, go through your plugins and ask yourself these questions about each one:
- Do I use this?
- Do I even know what it does?
- Am I just keeping it around because I’ve been telling myself I’m going to use it?
- Do I use all (or at least most) of the features this offers?
- Does the developer even make updates for it anymore?
If you answer no to any or all of these questions, do yourself a favor and delete it. You’ll have a safer, faster site.
Monthly Website Management Tasks
6. Check Site Speed
Who remembers the days of dial-up internet, when it took ten minutes to get online and no less than 90 seconds for a website to load? (raises hand).
Today’s customers can’t imagine having that kind of patience. Even those of us who were around during the time of AOL (R.I.P) would be furious if a site took that long to load.
In fact, a lot of customers just won’t stand for it. According to research from Kissmetrics, 47% of users will leave a site if it doesn’t load in less than two seconds.
A high bounce rate can lead to less user engagement, and can also affect your SEO ranking.
So, you should take steps to ensure that your site loads as fast as possible.
We use Pingdom to monitor our site speed. This tool lets you know how fast your site loads. If it’s slow, Pingdom shows you why.
Here are a few reasons why your site might be slow (along with tips on how to fix them):
This is the most common cause of slow loading time. You should compress all of your images with TinyPNG or another loss-free compression tool.
Too Many HTTP Requests
Are you someone with a do-it-yourself attitude who likes to get under the hood and mess with your site code? If so, make sure your code is as clean as possible. Minify everything to ensure your site runs as fast as possible.
Too Many Ads
Ad banners are a great way to make money, especially if you run an online business or e-commerce site, but be careful not to have too many. They’ll only slow your site down.
7. Test Your Site on Different Browsers
Don’t assume that everyone uses the same browser as you. Even if your site works fine in Google Chrome, that doesn’t mean it works on Firefox, Safari, or Internet Explorer.
There are dozens of web browsers out there, and it’s important that your site works equally well on all of them.
Otherwise, you’ll run the risk of losing visitors (and potential customers).
When testing your site on multiple browsers, you pretty much have two options:
- Download each browser and test them separately
- Use a cross-platform testing service like Browserling or Browsershots to test them all at once
As you might imagine, the second option is much better. You’ll have to pay a few bucks to use these services, but it’ll save you a lot of time.
Test Your Site on Mobile Devices
Don’t forget to test your site’s mobile compatibility. Mobile traffic accounts for more than 50% of all internet traffic, so if your site doesn’t work on smartphones, you’ll lose a big portion of your audience.
Plus, mobile optimization is increasingly important for SEO. So if you want your site to rank high in the SERPS, you must make your site mobile-friendly.
If you already use Google Search Console to track your analytics, you can use it to test the mobile-friendliness of your page. Just enter your URL into the input box and click Test URL. It’ll let you know what you need to do to improve your site for mobile users!
8. Test Your Website Forms
Most websites have at least a few forms. You might have a mailing list signup form, for example, or an inquiry form.
At least once a month, you should test all of your forms to make sure that they’re working as intended. If you don’t, you could lose out on whatever type of information your form is designed to collect.
Here’s how to test your web forms:
1. Fill out the form.
Pretend that you’re an outside user and enter your information into the appropriate box.
2. Check for an error response.
What happens if you fill out the form incorrectly?
Does an error message pop up (like it’s supposed to)?
3. Make sure you get a confirmation page/email.
If the form is filled out correctly, make sure you receive the page or email that you want your visitors to receive.
4. Check form entries.
Go to the Form Entries section of your WordPress Dashboard and make sure that successful forms are showing up.
5. Test Third-Party Integrations
If you use a CRM like Salesforce to manage form submissions, check that the process is working right.
Also, if you run an e-commerce business and use a payment processing tool to collect money through your site, make sure that your payment forms are working as intended.
For a more in-depth guide to testing form submissions, check out this resource from WiredImpact.
9. Audit Metrics in Google Analytics
Google Analytics is a valuable tool that allows you to measure your site’s performance. It tracks a variety of metrics to tell you things like:
- How many people visit your site
- Their age, gender, and location
- How they arrive at your site (search engines, social, etc.)
- How long they stay on the site
- Whether or not they convert into buyers
This information can help you improve your internet marketing strategy. Even if you don’t sell things directly through your site, it’s a useful tool for any business.
If nothing else, you should at least check these two metrics every month:
Bounce rate measures the number of people who leave your site without browsing past the entrance page.
In other words, if someone arrives at your home page and looks around for three or four seconds without clicking any links, then Google considers them a “bounced” visitor.
The average bounce rate is actually kind of high, around 41%-51%. If yours is higher than that, then you might have a problem.
It gives Google the impression that your site is low-quality, which affects your search rankings.
It means that people aren’t engaging with your content, which means your website isn’t an effective marketing tool.
So what can you do about it?
Well, there are a number of things you might try:
- Provide high-quality content to keep people engaged
- Make your site easier to navigate
- Speed up your loading times
- Eliminate pop-ups
There are five main types of web traffic:
- Direct traffic – People who type your domain into their web browser.
- Referral traffic – People who click a link on another website to get to your site.
- Social traffic – People who click a link on social media to get to your site.
- Organic traffic – People who find your site through a search engine.
- Email traffic – People who reach your site from email marketing campaigns.
Each type of traffic is important. Ideally, you should have a mix of all of them, but organic traffic is one that deserves extra-special attention.
Search-generated clicks are targeted, which means that your visitor was looking for information about a certain topic when they clicked your link. It means that your page is likely ranking, or showing up toward the top of the search results for certain queries.
Organic traffic also reflects authority and expertise. People trust the sites at the top of the search results far more than the ones 10 or 20 pages down. If you can get every page (or even a few of them) to rank for certain keywords and queries, you’ll gain a reputation for being an authority in your industry.
How to Check Organic Traffic in Google Analytics
1. In Google Analytics, click the Reporting page at the top of your main dashboard.
2. On the left side of the interface, click Acquisition -> Overview.
3. You’ll see a pie chart that breaks down your traffic by channel (Organic Search, Direct, Paid Search, etc.)
Google Analytics is a very comprehensive tool. You can adjust the date (in the top right corner of the interface to see the metrics for specific time periods.
If your organic traffic is too low for your liking, it’s time to think about search engine optimization. Learn how a content marketing strategy can increase your organic traffic.
10. Delete or De-Index Unnecessary Pages
It might seem like having more pages is better for your website. I mean, that creates more doors for people to enter through, right?
Well, kind of …
In theory, you’d think that having more pages gives you a higher SEO value. But actually, search engines look down on sites with a lot of low-quality, no-traffic pages. They call this “index bloat.”
Plus, excessive pages slow down your site, which makes your site a pain to use and can also hurt your search ranking. Deleting them can increase your organic traffic, even if that means there are fewer entry points on your site.
You probably have more pages on your site than you think. A few often-overlooked page types include:
- Duplicate pages
- Search results pages
- WordPress tag pages
- Useless landing pages (with few words and fewer visitors)
Even if there aren’t any links on your site to these pages, they still exist. They’re slowing down your site and — if Google or another engine is indexing them — they could be hurting your traffic.
Yearly Website Management Tasks
11. Renew SSL Certificates
Have you ever noticed that some websites have the letters HTTPS in front of their domain name while others simply have HTTP?
And what about that little lock that pops up in the address bar for some sites? Have you ever seen sites that don’t have it?
Well, that little lock, and the S at the end of HTTP, are the markers of a site with an SSL certificate. An SSL, or “Secure Sockets Layer,” certificate tells visitors that their data is safe on your site. It shows them that their credit card numbers, login credentials, and payment info are unlikely to be stolen by hackers.
If you don’t have one, the address bar tells visitors that your site isn’t secure, which makes it a little less trustworthy.
But that’s not the only reason you need one:
Since 2014, Google has used SSL as a ranking signal, which means it can affect your SEO.
If you run an online store, you probably already have one, as most payment processors require you to be SSL certified before they let you accept payments. But if you don’t, you should get one.
And as part of your website management plan, you should make a point to renew it every year. Even better, set it up for auto-renewal, so that you never go a day without a 100% secure site.
Every website should have these three components.
They offer legal protection for:
- Your business
- Your website content
Every year, you should take some time to update all three of them.
Your site should feature a copyright on the footer of every page, like this:
Having this on your site protects your site from digital thieves who try to steal your content. (It happens all the time and can result in your site being taken down, so be careful!)
Once you copyright your website, be sure to update it every year, as close to New Year’s Day as possible.
An up to date copyright shows visitors that you’re:
- Committed to quality
I mean, imagine browsing to the bottom of someone’s website, only to find that they haven’t updated their copyright since 2011? Would that feel like a relevant or trustworthy company to you?
Your policy should outline:
- The type of data you collect
- Why you’re collecting data
- What you’re going to do with it
- Which third parties you share it with (if any)
- How you keep their data safe
Of course, laws change over time. In 2020, for example, California passed the California Consumer Protection Act, or CCPA. Among other things, this act grants California residents the right to sue companies that collect or steal their information without authorization.
We use iubenda, an attorney-grade solution to update our policy each year, but there are a handful of similar services out there. RocketLawyer, Termly.io, and TermsFeed can all generate a compliant and up-to-date policy for your site.
Terms & Conditions
It tells your visitors what they are agreeing to by using your site.
- They aren’t allowed to post inappropriate or abusive content
- They shouldn’t view your site in an area where it’s prohibited
- You aren’t responsible for false or inaccurate information posted by users
- You maintain the right to block or terminate accounts that violate the T&C
Your page might also outline billing terms, subscription agreements, and warranty disclaimers. Basically, it should cover anything that could come back to bite you in court.
13. Audit Your Contact Info
Alright … almost to the end (I’ll make it quick, I promise).
And pay attention, because this one is very important:
Before wrapping up your yearly site audit, check all mentions of your:
- Company name
- Phone number
- Email Address
- Social media handles
… and make sure that they’re up to date.
So if you changed the name of your company, moved to a new office, or got a new phone number, update them on your site.
Ideally, you’ll do this as soon as the change happens, but it doesn’t hurt to scour through your site once a year to look for mentions that slipped by.
If you have a small site with only a few pages, this step is easy. Just click through each page and do a Control+F search for your old name, address, phone number, and email.
If you have a big site with a lot of pages, though, you’re better off using Google to search within your site for outdated mentions.
All you have to do is head to Google and type:
Followed by a space and “your old information”, like this:
site:[your site] “[old company name]”
site:[your site] “[old phone number]”
For example, let’s say we changed our number from 444-4444 to 555-5555 earlier this year.
In the search bar, I’d type:
If there were any lingering mentions of that site on our page, they’d show up in the search results and we could fix them.
Repeat this process as many times as necessary to find mentions of any outdated info.
Web design is only half the battle. If you want your site to boost your reputation and drive sales, you have to manage it properly.
Your site is like a car, and a steady maintenance routine will keep it running like new.