Installing WordPress
Latest update: February 4, 2019 | Reading time: 3 to 4 minutesAlthough many hosting providers offer automatic installation of WordPress we recommend installing it by yourself for best control and to avoid the extra plugins that are sometimes added on the platform (in some cases without an option to remove them).
Download the latest WordPress package from wordrpess.org and upload the files to the home folder (in most cases that would be the “public_html” or “htdocs” folder) on your hosting account. Next, create a database, edit the wp-config-sample.php file on the root of the installation and save it as wp-config.php after having entered the correct data. Then log in to your site and start configuring it.
If you are not familiar with WordPress we recommend visiting the WordPress Codex to read more about the installation process. Another great resource can be found on the FirstSiteGuide WordPress page.
Local vs Online Installation
Depending on your needs you may install WordPress on a local or remote server. Apart from certain security issues depending on the privileges given to the user, there is no difference for WordPress. Our themes work flawlessly on a local web server as well.
You can benefit from a local installation as you can have overall control of server settings. As an example, you can let PHP errors being displayed and troubleshoot errors. On the other hand, the online installation is more accessible to your customers while you develop the website. In both cases make sure you remember or even keep notes on the steps you follow to have a direct path for troubleshooting in case things don’t go as expected. And never forget to keep regular backups.
Optimize Login Credentials
Nobody needs a hacked website so select a strong combination of username and password. Avoid using the default admin account, and better yet create a new administrator account and remove the admin account altogether. WordPress doesn’t allow for weak passwords (unless you point this out).
Keep a hard copy of your credentials in case of computer failure or use advanced password keeping applications like KeePass to ensure you are never locked out (and even in that case, WordPress implements a password recovery method as long as you have entered a valid email on the basic information screen).
Securing Site ( basic )
Why not secure the login? Even if you are going to deploy for long before publishing your website, you may share a link with others. Thankfully, there are several security plugins available to safeguard your website.
We recommend Lockdown WP as the minimum precautionary measure, a free plugin available from the WordPress.org plugin repository. You can also limit the times a user attempts to log in with another free plugin like Limit Login Attempts. In any case, the best security method is keeping regular backups and updating WordPress core and plugins as soon as they get a new update.