The Ultimate WordPress PRO Setup
WordPress is super flexible and powerful and is by far the most used CMS system on the internet. The latest statistics reveal that WP accounts for about 32% of the entire Web and 59% of CMS-built websites.
After 15+ years of developing websites and online shops, I have seen WordPress come a far way. When looking at client sites that have been developed by other agencies, I am regularly shocked by what I find.
Not a single backup, no updates in years, and no security installed at all. That is the default for most WP sites I come across. No wonder hackers have a feast with WordPress.
That is why I want to take the opportunity to show you the ultimate WordPress PRO setup that I install on every single WP project before I even start with the first page or piece of content.
The following is a hand-curated list of FREE plugins you need to install when you want to have a secure and high-performing website. I will not go into any details about each plugin's configuration, as this would blow the post out of proportion. Most of these plugins have a pretty self-explanatory setup or install-wizard anyway.
If you are a WP pro, this should be your everyday standard, but it will take you about 2-3 days to install and configure them when you are new to WordPress. Yes, it is a chore but totally worth it, as you will learn the ropes and find your way around much better after completing this basic setup. Your reward will be a website with a solid foundation that works properly, is secure and up to speed, and easily indexed by Google.
When looking for new plugins, it´s always a good start to search the WordPress plugin repository first. More than 50.000 free plugins, and even most of the premium plugins list a free lite version that often covers the essential functionality well enough. You can always upgrade to premium later.
Sorted by categories to make it easier to navigate
Security & Backups
Wordfence https://de.wordpress.org/plugins/wordfence/
More than 1 website? https://www.wordfence.com/central
iThemes Security https://de.wordpress.org/plugins/better-wp-security/
Maintenance https://de.wordpress.org/plugins/maintenance/
Updraft Plus https://de.wordpress.org/plugins/updraftplus/
More than 1 website? https://wordpress.org/plugins/updraftcentral/
Two-Factor Authentification (2FA) https://wordpress.org/plugins/wordfence-login-security/
Site Migration https://wordpress.org/plugins/all-in-one-wp-migration/ When you need to migrate your site to a new web hosting account.
Yes, you see right - there are two overlapping security plugins on that list, and I always use them in parallel. Overkill, you say? Well, when you have lost a whole client-server with a score of live websites, it will be too late to start thinking about web security! I have been ripped out of some sunny vacations, getting bombed by alerts of brute force attacks, and was able to stop it in a heartbeat by instantly hiding my login page from the public and locking this thing uptight for 24 hours.
I dare say the Wordfence firewall is superb. Sure all those email alerts can be super annoying, but when the shit hits the fan, you will be glad to have them in place. With iThemes Security, you can rename your database and hide your login page, making it much less likely to be an easy target.
Always keep all your plugins updated, have a backup in place, and if you want to make your login extra-strong install the two-factor authentication plugin from Wordfence, and you should be golden.
Page Speed
AIO Caching & Minify Plugin https://wordpress.org/plugins/wp-optimize/
Nothing is as frustrating as a slow page load speed. You should speed-check yours with Pingdom Tools and learn what you can improve. Mostly it´s the fault of your large and uncompressed images, but your web hosting can be a sucker too. Make sure to get a dedicated WordPress hosting that uses an unbreakable cloud-based setup and CDN, or connect the free version of Cloudflare yourself.
SEO
Rank Math SEO https://de.wordpress.org/plugins/seo-by-rank-math/
Redirections by Rank Math https://rankmath.com/wordpress/plugin/redirections/
Schema Markup Rich Snippets by Rank Math https://rankmath.com/wordpress/plugin/schema-markup-rich-snippets/
ViSPR.net Do-Follow Exchange Network for Partner Pages
Yes, there I said it: Shameless self-promotion! As you might know, I am the founder of ViSPR.net. I have to admit I hate SEO as much as the average person. Still, when using Rank Math to get your technical on-page SEO in order and combining it with the unbeatable power of instant do-follow backlinks from other websites connected to the ViSPR partner page network, Google will LOVE YOU!
Page Analytics & Tracking Pixels
https://wordpress.org/plugins/insert-headers-and-footers/
https://wordpress.org/plugins/google-site-kit/ Site Kit by Google
Get your Facebook and Google pixels set up and your website connected to the Google Search Console. Make sure to use the step by step instructions to remove all the SEO roadblocks right from the start.
Visual Page Builder
Classic Editor https://de.wordpress.org/plugins/classic-editor/
Elementor https://wordpress.org/plugins/elementor/
ElementsKit https://wordpress.org/plugins/elementskit-lite/
In case you don´t want to use the mediocre Gutenberg default editor, make sure to block completely with the Classic Editor plugin. Believe me; you want the good stuff, so use Elementor instead. ElementsKit is just one of a bunch of additional add-ons to power up the Elementor features.
Form Builder
WP Forms https://wordpress.org/plugins/wpforms-lite/
Every website needs at least a contact form, if not a good and customizable user registration. Not to speak about email option forms, user surveys, or even payment forms. Connecting these little beasts to the email marketing automation tool of your choice was always a game of luck, but making it easy to create and look good on the frontend was a nightmare. Install WP Forms and solve this issue once and for all!
Email Marketing
MailChimp https://mailchimp.com/ The #1 email tool. Free up to 2.000 subscribers.
ConvertKit https://convertkit.com/ Free up to 1.000 subscribers, but easier and arguably more powerful than MailChimp.
Email marketing automation is purely optional but one of the most effective ways to generate sales when done right. These two are the most powerful tools I found in 15+ years. And I am not speaking about dedicated and super expensive marketing suites like Hubspot here!
GDPR / CCPA / LGPD
GDPR Cookie Consent https://wordpress.org/plugins/cookie-law-info/ All-in-One tool with the best features.
Yes, you MUST get your legal mess in order! A simple cookie banner does not cut it anymore. Go Pro or go home!
Multilanguage
Polylang https://wordpress.org/plugins/polylang/
Polylang Connector for Elementor https://wordpress.org/plugins/connect-polylang-elementor/
Maybe you want to operate your site in more than just one language. Polylang is the easiest solution for that. Yes, there is the obvious WPML, but it´s super expensive and complicated.
Themes
Themeforest.net Choose from hundreds of cheap (about 50 USD) WordPress Themes. (The theme is the visual look of your website.) Tip: Go for some of the Bestsellers that have been sold over 100.000 times! Their design is super flexible, and you have the option to customize them to the extreme, so you don´t look like everyone else! Most have hundreds of hours of development and bug fixing under their belt. Avoid custom-made templates from your average agency designer AT ALL COST! This is ALWAYS A VERY BAD IDEA!
AXE THE TRASH is your ultimate guide to bootstrapping startups, multichannel eCommerce & growth marketing
Stay in the loop for the most nitty-gritty stories about clients from hell and brutally honest tool reviews from the startup hype culture.
Thorsten Hunsicker is a serial entrepreneur, multichannel eCommerce and online marketing expert for more than 15+ years, home office junkie, and proud dad of two super kids.
AXE THE TRASH is the companion blog for my startup ViSPR.net - a do-follow backlink exchange network for partner pages that solves SEO for people that don´t like SEO. So make sure to check it out ;)
Read my next post. In the meantime, tell your friends!