The Killer WordPress Checklist

Our “101+ Killer WordPress Checklist” will benefit all WordPress Designers, Developers and users, and save them from suffering through long, tiring hours of web surfing for the right WordPress guide. Here we go!

Quick Overview of what is covered:

Our ‘killer’ checklist is conveniently divided into 7 detailed checklists, each of which covers every aspect of launching, developing and then maintaining a WordPress website successfully.

All you have to do is follow each step carefully and we guarantee you’ll have the WordPress website of your dreams, ready within no time!

#1: Getting Started

#2: WordPress Pre Development Checklist

#3: WordPress Development Checklist

#4: WordPress Launch Checklist

#5: WordPress SEO Checklist

#6: WordPress Security Checklist

#7: WordPress Maintenance Checklist


We all know the importance of starting right.

If you understand the basics, right from the beginning of the process, the rest of the exercise becomes as smooth as silk.

So, make sure you make a perfect start by following these steps systematically to get the best end results.

Select Web Hosting:

Choose a suitable web host depending on your requirements.

 Download Latest WordPress Version:

Download WordPress from the official website

 Use FTP Client:

Download FileZilla the best FTP client.

 Online or Localhost?:

Select an appropriate development environment and then install WordPress. You can choose either of these two options; Local service like XAMPP, or Host site on a test URL.


So, where do you actually start?

That’s the first question that’s probably popped in your head. This checklist is the answer to that very question.

Regardless of whether you are a beginner or a WordPress expert, this particular checklist will benefit anyone who is in the process of developing a new WordPress website.

Choose the Right Directory:

Select a directory and install it under public_html. Do not use ‘root’ or ‘WordPress.’

Change Table Prefix:

Use random letters/numbers_table names instead of the default wp_table names. Checkout Change Table Prefix Plugin.

Use Unique Login/Password:

Refrain from using admin/admin as admin login/ password. Alternatively, you can follow these examples:

Username CMW (e.g.)

Password- (Use Strong Password Generator Plugin).

 You may also use your email as login with WP Email Login Plugin.

Hide your Test Website from Search Engines:

Make sure you hide your website from the search engines by checking the option under Settings > Reading “Discourage search engines from indexing this site”.

Additional Steps:

Once the installation is complete, here are some of the additional things you will need to do.

Create a “Coming Soon” page with the free SeedProd Coming Soon or WP Maintenance Mode Plugins.

Now, you will need to make some changes m the settings under General category. Choose a www or non-www URL for the WordPress as well as Site address.

// To redirect from non www to www add this code to .htaccess in root.

RewriteEngine On

RewriteCond %{HTTP_HOST} !^www\.

RewriteRule ^(.*)$ http://www.%{HTTP_HOST}/$1 [R=301,L]

// To redirect from www to non www add this code to .htaccess in root.

RewriteEngine On

RewriteCond %{HTTP_HOST} ^www\. (.+) [NC]

RewriteRule ^(.*) http://%1/$1 [R=301,NE,L]

Set Default Date & Time:

Don’t forget to update the Time Zone. Date/Time under Settings > General.

Update Blog Title:

Very important to update the blog title and tag line appropriately under Settings > General.

Change Media Settings:

Under Settings > Media, uncheck the “Organize my uploads into month and year-based folders” option if you would like to save all the images under ‘uploads’ folder. Be aware that large sites with 1000’s of images will make this folder very heavy.

Change Blog Category:

Similarly, under Posts > Categories, rename the ‘uncategorized’ to set up a default category for Posts.

Password Protect Demo Site:

Increase the security for your demo website by installing the Password Protected plugin.

Delete Sample Config File:

Finally, don’t forget to remove the sample config file, WP-config-sample.php in your root under public_html.

Additional Steps:

 Enable the debug mode.

Define (‘WP_DEBUG’, true);

Use as many WP default-included third-party JS libraries as possible.

As the admin, you are able to upload/remove media and install new plugins as per your requirements.


Now comes the most important checklist.

There are a million settings and changes you need to make during the development process, in order to build a website that meets all your requirements.

That’s why, we have included even the minutest of steps that are important during development so that you never miss out on anything crucial to your website.

Remove Default Content:

Here, the first thing you need to do is remove the WordPress default content like posts, comments and more.

Create a Sitemap:

Next, create a logical sitemap in Notepad, Word or Excel and add pages like About us, Contact us. etc., according to this sitemap.

Use Dash for URLS:

Make sure you use “-” in your URL’s instead of “_”.

Add Blog Categories:

Under Posts > Categories, add appropriate blog categories.

Add Tags & Media:

Once you’ve added the blog categories, include suitable posts, tags and media files.

Use ALT Tags:

Don’t forget to add alt tags to all the website Images. You may also use the Search Friendly Images Plugin.

Add Newsletter Subscription:

Include the Email Opt-ln Form for newsletter subscription. You may use Newsletter Plugin. We use Mail Chimp List Subscribe Form Plugin.

Make a Plugin List:

Make a list of all the plugins you wish to install. Here are a few recommended Plugins:

SeedProd Coming Soon:

WordPress SEO by Yoast:

 Google Analytics Plugin:


Broken Link Checker:



Contact Form 7:

BBQ: Block Bad Queries:



WP Super Cache:

iThemes Security:

Error Log Monitor:

Add Social Icons:

Add social media icons/links for Facebook, Twitter, Google+, Pinterest, LinkedIn etc. You may use AddThis or Share Bar Plugins.

Add Social Feeds:

Also include feed posts for:

Facebook Page Plugin

Twitter Plugin

Create Social Profiles:

Facebook Fan Page




Style Sticky Post:

Style the sticky posts well and make sure they function well. More info at

Check for Content Overflow:

Make sure there are no posts with pictures that break the content layout or are too big for the content column. In that case, make Overflow: Hidden in your CSS.

Highlight Author’s Comments:

Ensure that the author comment is highlighted differently. Checkout How to Highlight Author’s Comments by WPBeginner.

Use Gravatars:

Check that the User Avatars or Gravatars are displayed properly.

Add Comment Closed Message:

The comments display form is replaced with a “Comments Off” message or something similar.

Create 404 Page:

Another important thing is to ensure that the 404 page is created and customized. Check to create a Custom 404 page in WordPress.

Test Search Page:

Please check if the search page is accessible to users.

Use & Test Pagination:

Test the pagination using WP-PageNavi plugin.

Add Favicon:

Add custom Favicon to your site.

Use Breadcrumb

Don’t forget to use Breadcrumbs for easy navigation. Is a part of WordPress SEO by Yoast Plugin.

Link Logo:

Link the company logo to the Homepage.

Remove Lorem Ipsum

Lastly, make sure you remove all the Lorem Ipsum text on your website.


Congratulations! You re finally done with the tricky development process!

Now, you must be ready to launch it successfully, without any glitches.

Mind you, there are lots of steps to follow before you actually launch your website. So, we have put in every little thing you need to have in place, before you go live.

Just follow them all and have a hassle-free launch!

Make Backups:

Once you launch your website it is important to make regular back-ups. You can use these plugins for creating backups Backup WordPress (free) | BackupBuddy (Paid).

Check Content Structure:

Check the structure and content for everything including pages, categories, URL’S, submission forms, etc.

Update Admin Email:

Also, under Settings > General, check social links, contact info and admin email.

Implement Security:

Make sure you have all the security in place, like password strength. files and folder permissions, etc. using the iThemes Security Plugin.

Ensure CBC:

Check if your website is cross browser compatible by extensive testing. Free Trial with Cross Browser Testing.

Enable Site to be crawled:

Uncheck the option under Settings > Reading of “Discourage search engines from indexing this site” and make website visible to search engines.

Disable Coming Soon Page:

Disable the Coming Soon page.

Test for Responsiveness:

Ensure that your website is mobile friendly. Run Google’s Mobile Friendly Test to determine the same.

Check Loading Speed:

You must also improve the page loading speed with the help of Google’s Page Speed Insights.

Compress Images:

If you are using free stock images, then make sure to reduce all the image sizes by almost 50% by compressing the PNG and JPG files using WP Smush it or Short Pixel plugin.

Use Latest WP Version:

Make sure you are using the latest version of WordPress. If not, ensure that you upgrade when you go live.

Upgrade Plugins:

It is also important to upgrade all the plugins on your website before going live.

Open URL in New Tab:

Check if all your external links are working by opening them in new tabs. Use code similar to this for links:

<a href =”#” target=”_blank”></a>

Check Broken Links:

It is imperative that you check for broken links on your website before going live using Broken Link Checker Plugin.

White Label (Optional):

If you are developing the WordPress website for a client, implement branded WordPress login page using White Label CMS Plugin.

Disable Coming Soon Page:

Launch the plugin SeedProd and disable the Coming Soon page.

Go Live:

Once all these things are in place, you are finally ready to go live.


You may have the most alluring and well-developed WordPress website, but If you don’t have proper SEO in place, then it will all be for nothing.

Follow each step carefully and you’ll have a fully search engine optimized website ready in a jiffy!

Manage 301 Redirects:

Manage your 301 redirections with the help of user Redirection Plugin.

Enable Site to be Crawled:

Turn on the site visibility under the Settings > Reading, if you haven’t done it already.

Uncheck “Discourage search engines from indexing this site”.

Use HI Tag:

Ensure that you have only one H1 tag on each of your pages.

 Use H2 Tag:

Also, make sure you have the H2 tag only within the content for headers.

Add Alt to Images:

Don’t forget to add alt tags to all the website images.

Test XML Sitemap:

Check if the Yoast’s WordPress SEO Plugin’s in-built sitemap is working or else install Google XML Sitemap Plugin.

Check Robots.txt:

Next, it’s important to have the Robots.txt file in place and it is Optimized. More Info @

Compress Images:

Reduce the size of the images on your website using Plugin.

www or non www:

Redirect the ‘www’ to ‘non-www’ and vice versa, use either but stick to one.

Signup for Webmaster Tools:

If you have found any issues with the website so far, sign up for Google’s Webmaster Tool and fix those issues. Ensure that you have submitted both the ‘www’ as well as the ‘non-www’ versions.

Test Breadcrumb:

Ensure that links on Breadcrumb are working.

Limit Meta Title (V.V.Imp):

Another thing to ensure is that the Meta Title remains only 55 characters long, including the spaces. WordPress SEO has this feature built in for you.

Limit Meta Desc (V.V. Imp);

Similarly, the Meta Description should only contain 155 characters, including spaces.

Use LSI Key words:

LSI Keywords are very important for SEO. Make sure you include enough in your content. Find LSI using Google Keyword Planner, or Google Search (hint: look for keywords at the bottom of the page after completing the search query).

Check Duplicate Content:

It is very Important that all your content is original and that you have no duplicate content on your website. Use CopyScape.

Interlink Content:

Interlinking is also a significant aspect of SEO. So make sure you have contextual links within your website.

Link to External Links:

It is also important to have external links to other resourceful websites, within your content like we have done on this page.

Optimize Site:

Again, it is of utmost importance that you optimize your website using GTMetrix for HTML and Pingdom for Word Press, as it will help you save some valuable time to clear errors.

Improve Page Loading Speed:

With the help of Google’s PageSpeed Insights you will be able to achieve your goal of improving your site’s loading speed.

Ensure Responsiveness:

Ensure that your website is responsive and mobile ready by running Google’s Mobile Friendly Test.

Create Short URL:

Opt for a shorter URL for the pages.

Submit for Local Listing

If your website is about a local business, make sure you submit it to Google Business.

Review Analytics:

Don’t forget to add & review Google Analytics.

Check Onpage Content:

Check all the aspects related to OnPage SEO before going live. A Must Read On-Page SEO Guide by Brian Dean from

 Proofread Content:

Make sure you proofread the entire website to check for spelling and grammar errors, before going live.

Use CDN:

It is advisable to use CDN networks like MaxCDN to ensure better speed and usability.

Exclude IP from Analytics:

Exclude home and office IP addresses in Google Analytics. More information on Excluding internal Traffic can be found on Google Analytic Help Section.

Add Social Sharing Icons:

Don’t forget to include Social Media icons on all pages of the WordPress website. You may use AddThis or Share Bar Plugins.

So, here we are done with the WordPress SEO Checklist. If you haven’t managed to implement yet or need help with the above then do let us know.


Now let me tell you, security is a very important aspect of website development.

Hence, before you present your WordPress website to the world, it is imperative that you have tight web security in place.

Through this checklist, you will get to learn which plugins and additional settings are required to safeguard your precious website from malicious threats.

Prevent Directory Access:

Prevent access to ail directories, place this code inside your .htaccess file.

# Prevent folder browsing

Options All -Indexes

Monitor Site Performance:

Get regular reports of your website’s performance with the help of the P3 Plugin Performance Profiler Plugin

Delete Install & Upgrade Files:

Be sure to delete /wp-admn/install.php and /wp-admin/upgrade.php after every WordPress installation or upgrade.

Limit Suspicious Login Attempts:

Limit the number of login attempts possible both through normal login as well as using auth cookies by using Login LockDown Plugins.

Use iThemes Security:

We strongly recommend that you use the most I comprehensive security plugin, iThemes Security plugin, because it’s free and takes care of almost all the security issues on the website.

Protect your wp-con fig file:

As wp-config.php file contains all the confidential details of your site, so it’s pretty important that you protect it at all costs. An easy way to protect this file is to simply place the following code in your .htaccess file on your server.

<files wp-config.php>

order allow,deny

deny from all


Disable Theme and plugin Editor:

If you warn to stop the editor links from appearing in the admin area you can add the following to your wp-config.php file so people cannot edit the theme directly in the admin area.

Define ( ‘DISALLOW_FILE_EDIT’, true);

Hide your WordPress Version:

It is important that you hide your current Word I Press Version from the hackers. Add the following code to your


function remove_version() {

return “;


add_filter(‘the_generator’, ‘remove_version’);

Hide Login Error messages:

Error login messages may expose and give hackers an idea if they’ve gotten username correct/ incorrect, vice versa. It is wise to hide it from unauthorized login. To hide login error messages simply put the following code functions.php

function wrong_login() {

return ‘Wrong username or password.’;


add_filter(‘login_errors’, ’wrong_login’);

Go Live:

Once all these things are in place, you may either go live at this stage and follow the SEO Checklist after or vice-versa.


There! You’ve finally taken care of everything for your WordPress website.

Now, you need to know how you can maintain it efficiently.

This maintenance checklist will give you stepwise Information on how you can run your website smoothly and conduct regular checks to make sure it functions impeccably.

Clean Spam Comments:

Delete SPAM Comments.

Test Forms:

Test the functioning of your Contact form by sending an inquiry through it.

Check Broken Links:

Look for broken links on your website with the CheckMylink Extension for Chrome & Broken Link Checker for WordPress.

Reply to Comments:

Make sure you check your comments section and answer questions & interact regularly with your readers.

Update Plugins:

Keep a tab on plugin updates and upgrade them regularly.

Make Regular Backups:

Don’t forget to make backups of the latest databases and files using BackUpWordPress (free) | BackupBuddy (Paid)

Check Google Analytics:

Check Google Analytics regularly.

Review Webmaster Tools:

Similarly, check Google Webmaster Tools periodically.

Check Resources Used:

Keep an eye on your resources used on your website.

Monitor Statistics:

Use WP Statistics plugin to monitor your WordPress website’s statistics.

Ongoing Security Checks:

Find a good Plugin that will check for the items below:


 File Permissions

Database Security

WordPress Admin protection


If you have all these things in place, and still wish I to add some additional characteristics to the website then follow these following steps, when using WP config.php.

Disable the Debug mode:

Define(‘WP_DEBUG’, false);

Disable WordPress Updates: (Should be used by Experts Only)

//Completely Disable Automatic Updates


//Disable all updates to the Core

Define( ‘WP_AUTO_UPDATE_CORE’, true );

Control Post Revisions:

// Limit the number of saved revisions. Limit to 10.

define(‘WP_POST_REVISIONS’, 3);

//Disable the post revision feature completely.

define(‘WP_POST_REVISIONS’, false);

 Clear Trash:

//Empty every 7 days

define(‘EMPTY_TRASH_DAYS’, 7);

//Disable Trash Completely

define(‘EMPTY_TRASH_DAYS’, 0);

 Increase Memory Limit:

// Set Memory Limit to 64MB

define(‘WP_MEMORY_LIMIT’, ’64M’);

//Set Memory Limit to 96MB

define(‘WP_MEMORY_LIMIT’, ’96M’);

//Set Memory Limit to 128MB

define(‘WP_MEMORY_LIMIT’, ’128M’);

 Define Auto Save Interval:

define(‘AUTOSAVE_INTERVAL’, 300 );

Hope you liked our WordPress Maintenance Checklist. If you’re looking for such services for yourself or your clients, please contact our team for further help.


All the information in this checklist is error free and reliable to the best of our knowledge. This list has been reproduced in part from this post by Nirav Dave of Capsicum Mediaworks, LLP. Neither JDGD nor Capsicum Mediaworks, LLP shall be held accountable for any loss or damage suffered as a result of following these instructions.

We are not liable for any malfunctioning in the referenced software or services stated in this work. Unless clearly mentioned, we receive no commissions or payments from the respective suppliers or owners of the software and services mentioned in this checklist.

We only publish information about the workings of certain third-party services, but we do not endorse or support third-party services or products and are not responsible for the functions or authenticity of these services.

Want to share this on your site? Just copy the code below!

<p><strong>Killer WordPress Checklist [Infographic] by the team at Capsicum Mediaworks, LLP</strong></p>

<p><img src=’’ alt=’wordpress checklist infographic’ width=’540px’ border=’0′ /></p>