What are your Top10 CheckList After Setting Up a WordPress Website


1.First Thing I do is change Permalinks to Post
2.Install Sucuri Plugin for Security
3.Yoast for SEO
4.All in One WP Migration: DR…Shit happens.
5.Remove Footer to Avoid SpamBots & Bruteforce
6.Change User Login Path.I cant tell you my path
7.Install W3Total Cache for Performance

[1]Quick Tip: Use Interaction Free Interface for better writing

  1. I install security plugins & yoast Seo.


My checklist will be -

  1. Change WordPress Permalink
  2. Disable User Registration
  3. Delete Unused Themes & Plugins
  4. Setting Preferred Domain URL
  5. Updating Profile/ Set default Gravatar
  6. Update Reading/Discussion settings as required
  7. Configuring WordPress Ping List
  8. Install Mandatory Plugins
  9. Delete default admin account & Create a new one
  10. Set Title, Tagline, Post Auto-Save Interval


Default WordPress comes with Disabled User Registration



Maybe now they have disabled this. When I started blogging (in 2013), I overlooked this and noticed when I had hundreds of subscribers.

Reading Settings -

To show static/latest post page.
Number of posts to show etc (Personally, I prefer to match with sidebar length)

Discussion Setting:
Configuring the comments settings/email notifications etc


14 Checklist to harden your WordPress from Intruders:

  1. Usernames: DO Not use admin, Administrator, Webmaster, WebAdmin etc

  2. Passwords: Use Long alphanumerichs&Special characters and you KeePass to manage it.

  3. Database prefix should not be left as wp_; Use Change Prefix plugin to change to a unique pattern that cannot be guessed.

  4. Delete all themes and plugins that you are not using.

  5. Admin login: Add the WP Admin Graphic Password plugin to add another layer of brute force protection.

  6. Database backup: Perform manual database backup via PHPmyAdmin.

  7. Install the Updraft Plus plugin and configure it to backup the database, plugins, themes, and files to your Dropbox

  8. Set Wordpress to limit login attempts.

  9. Set Wordpress to automatically update itself.

  10. Update themes and plugins as soon as you can.

  11. Sucuri plugin: Install and configure options for instant email alerts.

  12. .htaccess files: configure .htaccess file for the root folder of your site.

  13. .htaccess files: configure .htaccess file for the wp-admin folder.

  14. .htpasswd file: configure .htpasswd file for wp-admin folder.


This is an interesting thread, thanks for starting this @Nithin_Sai. :smiley: This is what I’ll do:

  1. Delete the “Hello World” post. :’)

  2. Setup Permalinks properly.

  3. Configure SSL.

  4. Install the necessary plugins & themes.

  5. Do the security stuff for the blog like changing login URL, reCAPTCHA, etc.

These are the 5 things I’ll be doing for sure. :wink:


Top10 CheckList after Setting Up a WordPress Website:

  1. Add a Contact Form
  2. Change Site Title, Tagline, and Timezone
  3. Setup WordPress SEO
  4. Install Google Analytics
  5. Install Caching
  6. Setup Backups
  7. Setup WordPress Security
  8. Setup Spam Protection
  9. Delete Unused WordPress Themes
  10. Setup WordPress Comments.