15 WordPress User Errors That Make You Look Silly [Infographic]

15 WordPress User Errors That Make You Look Silly [Infographic]

Reader Comments (118)

  1. Thanks for this! I have been using WordPress for a while but have only recently begun to understand the full capabilities of it. This is a great list of things that you may not notice but could really affect people’s views and experience of your site.

    • Georffrey, even just a quick search of each of those issues on Google will return a wealth of information on how to fix them yourself, as you don’t have to be a developer to take care of most of them. You just need to know where to go. In fact you’ll probably find most of those fixes all in one place in an article by a trustworthy WordPress blogger.

      Of course if you aren’t sure, and worried you’ll break something, then hire an expert… πŸ™‚

      @Jerod, great infographic; loved the humour and clean design mate!

    • Agreed! Not all of us are experienced in WordPress. Too much knowledge is assumed. Mine isn’t even live yet only because I don’t know how to bring it live. The directions I was following assumed knowledge I just didn’t have.

      Once I’ve learned everything I need, I’m going to put out an ebook with complete directions on building a WordPress site — step by step, from start to finish, assuming no knowledge at all. I have a strong feeling it will do very well.

  2. Nothing looks as silly as a typo in an infographic telling users about all the ways they might be silly. Oops.

  3. Yes, I like the Infographics… but I DON’T like the way WordPress works, in any case. Sorry! There are other Website software systems that NEVER have these problems; they are also easier to manage, ultra-flexible, and just make common sense! WHY are there still no WordPress Themes that offer ultra flexibility (like changing typefaces and colours at will, drop & dragging for pics/graphics to ANYWHERE on a page, adding boxes, info-graphics, etc anywhere you want, and having all the SEO and security systems built-into the program, etc..?). I appreciate there is an ever-growing market of WordPress fixes, ‘improvements’, Themes, plug-ins etc., but they SHOULDN’T be necessary. One day, I presume WordPress will realize that there is a massive market who will NOT use WordPress because of all the things I mentioned above… but by then, it’ll probably be too late – because the new Blogging/Website creation systems now being developed will overtake Worpdress as the most popular, advanced and user friendly system available. Personally, I can’t wait…

  4. Grateful to find this information.
    What a surprise, and how silly I am looking. My old blog on the same subject (but self-hosted wp) at least got 20-100 visitors a day.
    This one has 0-29 (a one day spike). I feel invisible – which is worse than silly. I have good keywords, links, what could be wrong?
    The answer: I had a whole bunch of posts on private and thanks to you, they are now to be scheduled forever into the future.
    Thank you, thank you!

    • Ah, there you go! (And Christina, if it makes you feel any better, the one in the infographic about setting posts to Private? Yeah, that was from personal experience. I felt so…SILLY!)

      • Agreed. That is one of the greatest aspects of WordPress: how easy it is to simply Google an issue and fix it. When I first started with WordPress, knowing absolutely nothing about it or HTML, I would simply do a Google search for whatever question I’d have asked a developer if one had been sitting next to me. More often than not I found an easy answer or even a tutorial that showed me what I needed to know.

  5. Good information, though I don’t agree that these things make the web log owner look “silly.” As a web log reader, I don’t necessarily look down my nose at a web logger just because random errors show up in their web logs from time to time. I just chalk them up to errors and move on.

    • Quinn, that’s just silly. If someone is, for example, using an old version of WordPress, you should look down your nose at them!

      Just playing. Obviously we were being a bit tongue-in-cheek with all the silly talk, in order to bang home the point of how easy it is to avoid these issues, but I certainly wouldn’t ever seriously advocate looking down your nose at anyone. These errors happen. And even though they are easy to fix, they can also be easy to overlook. That’s why we wanted to do this infographic, because chances are we’ve all made these errors at one point or another (possibly even right now!), and the goal is to help everyone avoid them…and have a little fun while doing so.

  6. Good tips. But I’m wondering (about #15), is it so terrible if people know which version of WordPress you’re running? As long as you make sure to update WordPress whenever a new version comes out you should be good, right?

    As an example, I can see from the source code on copyblogger.com that you’re running WordPress 3.4.2 πŸ˜‰

    • I think the real issue here Hannes is if you are NOT updating WordPress. Hackers may know of a specific vulnerability in and old version and look for sites running that version. If you don’t make it easy for them to find out, then you may get overlooked. If you are updating as soon as updates come out, then letting people know, as Copyblogger does, really isn’t a big deal. But not everyone does, and advertising that you’re on an old version is not good.

      • Right. So it’s a combination of not updating WordPress and letting hackers know you haven’t updated in a while.

        I’m also wondering if it’s possible to completely remove all traces of version information. Even though Copyblogger has removed the “generator” meta tag (which would say “WordPress 3.4.2”) you can still find “?ver=3.4.2” a few times in the HTML source code. But perhaps the “generator” meta tag is what hackers are using to find vulnerable blogs (using bots)?

        • @Hannes, there are security plugins that will remove the β€œ?ver=3.4.2β€³ in the URL paths in your code. I am not sure if there are any free ones, but I am using a paid plugin (not expensive) called “WP Shielded” by KME Byrne and Atinder on some of my sites. It takes care of a number of security vulnerablities in one foul swoop. But there are many plugins that do a variety of these things, so just find a good one.

  7. Thanks Jerod for a brilliant infographic and thanks for the code to copy and paste this infographic into my website as a blog post. I’ve only posted info I’ve written myself so far, so this will make a nice change. An important piece of info re deleting the deactivated plugins – much appreciated.

  8. I’d like to add that keeping themes you’re not using installed is a sure-fire way to get hacked as well.

    Simply leaving these things on your server is a recipe for disaster.

    I mean, something as simple as a text file could be the open door a hacker needs.

    Unfortunately, I’ve had my sites hacked enough times to find this out first-hand.

    I don’t know about the rest of your readers, but when I start a new site I install a bunch of themes and try them on for size to find one I like.

    And, at least at first, I’d just leave all the ones there that I didn’t use. That’s all it takes to say, “Hey hackers! I’ve left this door wide open!”

    Just something to keep an eye out for…

    • Great point Chris. Good rule of thumb is that any theme or plugin that is not a) in use and b) necessary really should be targeted for deletion. You’ll be safer because of it.

  9. Great graphic.

    It should almost be turned into a “WordPress Config 101” course lol

    Side note: its not at all what I expected. The term “user” in the title leads me to believe the list is of things beyond your control. (i.e people using your site) not misconfiguration.

  10. I also had no idea about the deactivated plugins. Thank you!

    Another error that drives me nuts is approving comments that are obviously spam. But this error isn’t only limited to WordPress.

  11. Nice infographic however the part about deactivated plugins does not seem to make sense. If there is a backdoor/liability in a plugin it will be there for the hacker to use whether it is active or deactivated. Deactivated plugins update the same as active ones so just been deactivated does nt mean a liability would not get patched.

    There is a point to be made that deleting inactive plugins can help with your load times and as you say you should be careful where you get your plugins from

    • The point here is that if a plugin is deactivated, it most likely means it is not necessary…or that it is only used periodically as opposed to on a daily basis. If either is the case, why keep it on your site? Delete it until its needed.

  12. Eek — got almost all the way through this and then discovered my WP readme.html is visible. Fixing that right now! (For anyone wondering how to do so, just log into your FTP client — I use Filezilla — and delete the file readme.html. It should be in your root folder. If WordPress isn’t installed in your root folder, just navigate to where it’s installed — for example, /blog/ — and delete readme.html there.)

  13. Thank for the tips. I didn’t knew the deactivated plug-ins where actually a potentional security risk.
    Deleted all deactivated plug-in, but there is 1 which I can’t delete. Will try to install it again and try to delete it afterwards.
    The phpinfo.php file was not accesible, but the readme.html kwas. I deleted it at once πŸ™‚
    Thanks again for the tips!


  14. Interesting that you mention posts that span the entire page…there are “experts” out there in the affiliate marketing space that specifically recommend displaying the full post on the home page. Reason? Not everyone is going to burn the 1/3rd of a calorie to bother clicking on “read more” to get to the post, and they found that by displaying the full post on the home page it ends up increasing the reading rate and the click thru rate (for the affiliate links). So I think in certain contexts, the full post on home page can work — even though I agree it does look bad. Thoughts?

    • I’d like to see their test results. πŸ™‚

      If a user is so uninterested that they won’t click a “more” link to read a full article, they’ll rarely be interested enough to go on to buy a related product. I won’t say it never happens, I’d say test it for yourself and see what works.

      If it looks not-great but it works best, then I’m all for doing what works. But that kind of very simple “drive traffic to one blog post with an affiliate offer” model is hard to keep running in 2012, IME. Genuinely savvy affiliate marketers build loyal audiences and then make relevant offers, and a user-friendly, readable site tends to work better to build an audience.

    • I have to agree. While using excerpts and the “Read More” facility are recommended – adding them to a list of things that make one look “silly” is quite narrow minded.

      It assumes that there is only one way of laying out content on a blog and that unless everyone adheres to this style, they will be foolish but last time I checked WordPress is about community, open-source, open-mindedness and creativity – not just another bandwagon (pun intended).

      It depends on what someone is trying to achieve with their blog which is what should determine how they should use this function. It also depends on the design of the blog and nature of the content.

      In lots of cases it is not wise to do it but the proclamation of labeling all who don’t use this function as “silly” is in itself quite silly.

  15. I’m going to sound a bit “me-too-ish” here, but I had no clue about the security risk posed by deactivated plugins! I’d been reading along feeling quite smug about my lack of “chair-to-floor interface” errors, and then y’all got me with that one.

    Thanks for great information. Again.

  16. I’m new to the idea of hackers exploiting backdoors caused by inactive plugins. How exactly do they do this? As Ric said, wouldn’t it be better to just grab plugins from reputable sources instead?

    Also, are these backdoors functioning the same way blog comment spammers find your particular blog?


  17. Thank you for this information. Could you put the solution to correcting the mistakes in the 15 errors of WP blogs? I so would like to know how to make some of the errors go away. Thank you again. Regards, E Michelle Lee

  18. I always hear from people that the first time they saw the blank page (after making a php error) that it freaked them out. It really does look like they lost their entire site.

  19. Hay Jerod ,

    Thanks for sharing such a great infographic , you have provided great tips.Till Now with my website i am not felling Silly.. Keep sharing such beautiful things…

  20. The white screen of death is a horrible thing to have to deal with, I find it happens to me when i try and edit a file with code that I found on a site like WP Beginner!

  21. Funny you should mention the White Screen of Death, as the only site where I sometimes see it is when I call up the Google home page in the Safari browser.
    OK, this isn’t WordPress. However, it shows that even the likes of Google and Apple can look equally silly.

  22. WOW, this has really opened my eyes, I was planning an easy transition from my current blogspot http://mawmawsaidso.blogspot.com to wordpress and becausemawmawsaidso.com, now I am seriously scared because Murphy lives in my fingers most days. Thanks to this error article though I have already started my no no checklist and will run it immediately after install and again in several days

    Thanks ever so much,

  23. Here’s another one I see very often:
    – Not changing your permalink structure. No one’s going to remember p=15 as your “About Us” page. Plus it’s terrible for search engine optimization. Set your permalinks to %postname% or %cateogory%/%postname% – then sit back and soak in all that delicious search engine optimized goodness on every post.

    • Sherice, this is a great one. Been guilty of it also with my first blog πŸ™‚ It’s hard not to make any mistakes when you start blogging for the first time!

  24. This is a great compilation. But they’re all rookie mistakes! I think you should publish a version of this post targeted towards those of us who think we’re experts but could use some schooling. πŸ˜‰

  25. Nice list of tips. However, I would hardly call a few of them “silly” mistakes. For example, the database connection error can happen at some point and you don’t necessarily have control over it.

    I’d like to think that readers are going to understand that is probably a network issue and will not decide not to come to my blog ever again πŸ™‚

    • Sadek, I’ve seen some. I believe it has to do with how permalinks are set in the Settings section of your WP dashboard.
      You want to have them set as Post name or a similar setting so you reap SEO benefits.

  26. If I haven’t applied #9 to my website (“read more”), do I have to go back and insert the “read more” into each and every post? Or is there a way to apply it to the entire front page…or all my past posts?

    • Elaine, it would depend on your WordPress theme. I have one that does it automatically and another one that I have to break posts manually. I’d check with the theme owner and they should be able to help you.

  27. Cleared up my inactive plug-ins right after I read this πŸ™‚ Didn’t know that was a potential threat for hacking. Very helpful info here on wordpress for a novice in the online world. Thanks.

  28. This is a real brain twist for me, but good to examine the more technical side of WordPress rather than just writing blog posts. I’m sure I’m still doing a dozen things to embarrass myself (can’t even successfully copy and paste the infographic into my own WordPress blog and have it show up, for goodness sakes!), but I’m changing what I can. Speaking of which (don’t laugh at me), what difference does it make to have the default setting on “Blogroll” since there is not an alternative setting to use? Is this a program–y sort of detail that I’d need advanced training to change? Thanks for keeping us learning!

    • Nita, no worries, we all made lots of mistakes when we started blogging πŸ™‚ It is funny that you mention copy/paste of an image because in WordPress it does not work the same way as in Word perhaps. That’s why it does not work πŸ˜‰ But there are plenty of videos on YouTube that teach you how to properly insert an image in a WordPress blog post.

      Regarding blogroll, it comes by default with lots of WP themes. You simply need to take that widget out completely.

  29. Thanks for the reminder on de-activated plugins! I know I shouldn’t have them there but I tend to forget and then things get cluttered. And as Chris Ramsey pointed out above you should also let go of old themes. I just deleted two that were simply older versions of a newer theme. A huge waste of server space.

  30. I’m surprised that leaving your administrator user ID default to “admin” isn’t on or near the top of the list. Now that’s just silly!

  31. I think it’s a good list of errors that reminds us to be vigilant. To avoid falling back into the same and find timely, reliable information sources. For example learn from the experts. Thank you for your valuable input. Greetings.

  32. Hi
    That is great πŸ™‚ we all know reading a simple text will not so much helpful as a illustrative text or image with some text. All visual thing directly hit our brain very sharply that’s why we remember images very fast and not the text. A very simple example is advertising ads, sometimes only images make everything.
    Thanks for sharing this beautiful piece of information with us.

  33. I have all my post pages with defaulted /…/indext.php/postname. Is there any difference running site on microsoft windows and linux base. Should setting is according to postname or custom?

    • I totally disagree with you on this one.

      Having the Meta Widget or any front-end login button is not silly in itself as this is common practice for many sites to allow either clients or site members (depending on what tour sites functionality is) to login easily.

      Doing this is not silly.

      If you have not setup sufficient security, then it becomes silly.

  34. Nice compilation, in addition to this list is “post titles not displaying the way you want because you forgot to set your SEO plugins”, the sidebar showing below your content can be a pain in the a**

  35. I have for sure seen some of these errors and my first thought is that they really don’t know what they are doing. And I’m sure when I first started I made some of the same mistakes.

    • Hey Jake, one thing to do is to keep the plugins installed on your site to a strict minimum. Check the ones that you have installed and did not activate and delete them if you don’t need them.

  36. Just doing a new install and noticed that file phpinfo.php is visible to the world. Is this a file that can be deleted like readme.html, or does the system use and/or update it?
    If you need it, how can you block viewers?

This article's comments are closed.