Template: WordPress Checklist
With this checklist, you can frequently check your WordPress installation if it is still working as expected. It also includes maintenance tasks like updating core and plugins and security-related checks.
As always: We're happy about suggestions. Contact us!
Please log in to copy this checklist into your account.
Don't have an account yet? Checkpanel offers easy to use checklists for items that you want to check frequently. Know when each item was last tested. Report failures with details. Set reminders. Collaborate.
Make sure that all plugins are up to date.
Updating plugins is even more important than updating the core, since security issues with plugins are much more frequent. (you should still update the core, though)
Themes can be updated as well. Make sure your's is current.
Updating themes can be more tricky, though. Before you download a new version, read carefully what is about to change. You don't want to be hit with a layout change unprepared.
Make sure that a backup solution is installed and that the backups are usable.
Read the WordPress Codex page about Backups for more information on how to set up backups.
Important: Don't just set the backups up, make sure that you can actually restore your installation from them.
Make sure that the structure of your permalinks has not been changed accidentally.
Go through all registered accounts. Check that all users are known and expected to have an account. Unknown accounts can be a sign for a compromised system.
You can find the list of users in the WordPress backend under 'Users' => 'All users':
Check that your site does not generate malware warnings. This can happen if your site has been compromised. Rarely there can also be false alarms, which nevertheless have to be dealt with. There are several ways to check this:
- If your site is registered in Google Webmaster Tools, you can find malware warnings there.
- If not, you can search for your site and click on a result leading to your site. If Google suspects malware, it will show a warning.
- If you have antivirus software installed, just surf around on your site and watch for alarms.
Try to search for your site and see if it turns up.
This is a simple way to test if something went horribly wrong with your robots.txt or similar. See also our template for a SEO checklist for more detailed checks of this kind.
If you have a contact form, test if it is still working as expected.
- Test if required fields are enforced and show helpful error messages if left blank.
- Test if a correctly filled and sent form shows a helpful confirmation message.
- Verify that the message actually arrives.
Verify that your RSS feed is still reachable at the usual address and valid.
It is of utmost importance that the URL of the feed does not change. If it changes, all your subscribers will cease to receive updates. Setting up an automated check might be a good idea.
You can use the W3C Feed Validation Service to validate the feed.
Also verify that new posts do indeed show up in the feed.