WORDPRESS New
WORDPRESS New
What Is CMS?
CMS is software that helps users create, manage, and modify content on a
website without the need for specialized technical knowledge.
In simpler language, a content management system is a tool that helps you build a
website without needing to write all the code from scratch (or even know how to
code at all).
Installing WordPress
How to install WordPress
Basic Instructions
Here’s the quick version of the instructions for those who are already comfortable
with performing such installations. More detailed instructions follow.
Detailed Instructions
If you are using a hosting provider, you may already have a WordPress database set
up for you, or there may be an automated setup solution to do so. Check your
hosting provider’s support pages or your control panel for clues about whether or
not you’ll need to create one manually.
If you determine that you’ll need to create one manually, follow the instructions for
Using phpMyAdmin below to create your WordPress username and database. For
other tools such as Plesk, cPanel and Using the MySQL Client, refer the
article Creating Database for WordPress.
If you have only one database and it is already in use, you can install WordPress in
it – just make sure to have a distinctive prefix for your tables to avoid over-writing
any existing database tables.
Using phpMyAdmin
If your web server has phpMyAdmin installed, you may follow these instructions to
create your WordPress username and database. If you work on your own
computer, on most Linux distributions you can install PhpMyAdmin automatically.
Note: These instructions are written for phpMyAdmin 4.4; the phpMyAdmin user
interface can vary slightly between versions.
2. Click the phpMyAdmin icon in the upper left to return to the main
page, then click the Users tab. If a user relating to WordPress does not
already exist in the list of users, create one:
1. Click Add user.
2. Choose a username for WordPress (‘wordpress‘ is good) and
enter it in the User name field. (Be sure Use text field: is
selected from the dropdown.)
3. Choose a secure password (ideally containing a combination
of upper- and lower-case letters, numbers, and symbols),
and enter it in the Password field. (Be sure Use text field: is
selected from the dropdown.) Re-enter the password in
the Re-typefield.
4. Write down the username and password you chose.
5. Leave all options under Global privileges at their defaults.
6. Click Go.
7. # Return to the Users screen and click the Edit privileges icon
on the user you’ve just created for WordPress.
8. # In the Database-specific privileges section, select the
database you’ve just created for WordPress under the Add
privileges to the following database dropdown, and click Go.
9. # The page will refresh with privileges for that database.
Click Check All to select all privileges, and click Go.
10. # On the resulting page, make note of the host name listed
after Server: at the top of the page. (This will usually
be localhost.)
Step 3: Set up wp-config.php
You can either create and edit the wp-config.php file yourself, or you can skip this
step and let WordPress try to do this itself when you run the installation script (step
5). (you’ll still need to tell WordPress your database information).
(For more extensive details, and step by step instructions for creating the
configuration file and your secret key for password security, please see Editing wp-
config.php.)
Return to where you extracted the WordPress package in Step 1, rename the
file wp-config-sample.php to wp-config.php, and open it in a text editor.
// ** MySQL settings - You can get this info from your web host
** //
DB_NAME
The name of the database you created for WordPress in Step 2.
DB_USER
The username you created for WordPress in Step 2.
DB_PASSWORD
The password you chose for the WordPress username in Step 2.
DB_HOST
The hostname you determined in Step 2 (usually localhost, but not
always; see some possible DB_HOST values). If a port, socket, or pipe is
necessary, append a colon (:) and then the relevant information to the
hostname.
DB_CHARSET
The database character set, normally should not be changed (see Editing
wp-config.php).
DB_COLLATE
The database collation should normally be left blank (see Editing wp-
config.php).
Now you will need to decide where on your domain you’d like your WordPress-
powered site to appear:
Note: The location of your root web directory in the filesystem on your web
server will vary across hosting providers and operating systems. Check with
your hosting provider or system administrator if you do not know where this is.
• If you need to upload your files to your web server, use an FTP client to
upload all the contents of the wordpress directory (but not the
directory itself) into the root directory of your website.
• If your files are already on your web server, and you are
using shell access to install WordPress, move all of the contents of
the wordpress directory (but not the directory itself) into the root
directory of your website.
In a Subdirectory
• If you placed the WordPress files in the root directory, you should
visit: http://example.com/wp-admin/install.php
• If you placed the WordPress files in a subdirectory called blog, for
example, you should visit: http://example.com/blog/wp-
admin/install.php
If WordPress can’t find the wp-config.php file, it will tell you and offer to try to
create and edit the file itself. (You can also do this directly by loading wp-
admin/setup-config.php in your web browser.) WordPress will ask you the
database details and write them to a new wp-config.php file. If this works, you can
go ahead with the installation; otherwise, go back and create, edit, and upload
the wp-config.php file yourself (step 3).
Finishing installation
The following screenshots show how the installation progresses. Notice that in
entering the details screen, you enter your site title, your desired user name, your
choice of a password (twice), and your e-mail address. Also displayed is a check-box
asking if you would like your blog to appear in search engines like Google and
DuckDuckGo. Leave the box unchecked if you would like your blog to be visible to
everyone, including search engines, and check the box if you want to block search
engines, but allow normal visitors. Note all this information can be changed later in
your Administration Screen.
• If you get an error about the database when you run the install script:
• Go back to Step 2 and Step 3, and make sure you entered all
the correct database information into wp-config.php.
• Make sure you granted your WordPress user permission to
access your WordPress database in Step 3.
• Make sure the database server is running.
However, it can be quite daunting to look at the WordPress Dashboard – also referred
to as the WordPress control panel or the WordPress backend. It’s not the most visually
pleasing content management system. And there’s quite a lot of buttons and tabs here,
what can you do with them? So, we’ve written this article to help you navigate the
WordPress admin area. Keep reading beause you’ll find useful information!
You may already know how to access your WordPress Dashboard, but let’s quickly go
over it again.
There are multiple ways to log into your WordPress account. But the most common two
ways are through your web hosting dashboard or by logging into your WordPress site
directly.
The default URL to login to WordPress is the same URL you would use to visit your site
but with “/wp-admin” added to the end of it.
You now have access to your WordPress admin dashboard where you can manage your
WordPress site.
Your WordPress Dashboard will look something like this with a clean installation:
If you’re a new user, the “Welcome to WordPress” toolset will appear in the
dashboard’s top position with helpful links to get you started. If you’ve already seen this
panel and you’ve installed different plugins, you may see notifications from the plugins
you’re using instead.
For your navigation menus, keep in mind that your menus might look different
compared to the screenshots in this article. Depending on the user role, plugins, and the
hosting service that you use, there might be more or fewer items on your menus. Next
to that, the Bluehost section in the left navigation menu is only available to customers
who bought Bluehost’s subscription.
Let’s first explore the navigation menus in your WordPress control panel.
Besides the left-hand navigation bar, you’ll see a black bar with white text running
across the top of the screen. This bar contains plenty of helpful shortcuts to help you
save time navigating. For example:
• The plus icon lets you quickly add a post, page, media and users to your
backend.
• The message icon takes you to the comment area where you can approve,
edit, delete and answer comments.
Unfortunately, there are no options available in the admin panel to add custom links to
the bar. However, plugins and themes can create custom navigation on the top admin
bar that will be useful when working in the panel.
For instance, in the above image, you can see a tab called “Caching” which might not
exist in your upper navigation bar. It is a shortcut to access some functions of the
Endurance Page cache plugin which is activated automatically by Bluehost if you use our
service. Next to that, the tab with the letter Y is available when you install the Yoast
SEO plugin.
You’ll want to pay particular attention to “Visit Site” which you’ll access by hovering
over your site’s name within this bar. Clicking the text will open your site in the same tab
(right-click it to open in a new tab if you’d like to keep your dashboard open). As you
access your live site, you’ll see that the black bar remains, giving you access to the same
shortcuts and an easy path back to your WordPress Dashboard.
This is where you’ll spend the bulk of your time within WordPress. All of the controls and
settings you use in WordPress can be found in this main menu.
The menu shown in this screenshot is for someone who has an administrator user role
within WordPress. If you don’t see all of the menu items, then you probably have a
different user role.
Next to that, in the above screenshot, you can see options such as OptinMonster or
Creative Mail which are not a part of the standard menu. They are listed because these 2
plugins were installed. You can think of plugins as “apps” for your WordPress site. The
more plugins you install on your site, the more icons you’ll see in the menu.
Let’s dive further into the left navigation menu. We will be covering options in the
standard menu:
1: Dashboard. The Dashboard is basically the control center for your WordPress site.
You can manage every part of your WordPress site from here. Next to that, you’ll find an
overview of updates for your WordPress core, as well as for themes and plugins.
2: Posts. This is where you can create a new Blog post. Next to that, you can manage
your Categories and Post Tags.
3: Media. All your images, documents or media files are stored here. You can browse
through your Media library, add new media as well as edit and update the files.
4: Pages. All the pages of your website such as the homepage and about us can be
found here. Go to this section if you want to create a new page or make changes to
existing ones.
5: Comments. You’ll manage your blog comments in this section. You can approve,
delete, modify or reply to comments that come into your blog. Of course, you can
always disable comments on your site if you want. This can be done in the “Settings”
area.
6: Appearance. Settings in the appearance area directly affect how your site looks and
navigates. You can change or customize your website themes, add background images
and edit/control your website navigation menu here. And you’ll definitely spend a good
amount of time in this area when you want to change your site’s design or its layout.
7: Plugins. Plugins are like “apps” for your WordPress site. They are pieces of software
that add or extend the functionality of your site. They are quite easy to use, and you
don’t need any coding knowledge to download and use plugins. Go to this section to
manage your installed plugins, or to browse the WordPress plugin directory and install
new ones.
8: Users. This section contains a list of all the users who have a login on your website.
WordPress has various permission levels for the corresponding user’s role. Depending
on the role you’re assigned, you may see different items in your WordPress navigation
menu.
9: Tools. This section can be referred to as the “utilities” area of WordPress. It allows
you to import and export various data such as posts, pages, form responses, or your
personal data. You can also check your site health status or access your plugins/themes
file editor here.
10: Settings. This section contains the “global settings” for your site. There are loads
and loads of options and settings for you to explore. You can edit things such as your
site title, URL structure and other important settings.
11: Collapse Menu. Click on the icon to “collapse” the left bar menu. Instead of seeing
descriptive text, you’ll only see the icons.
12: Bluehost dashboard. This area is only available if you use the Bluehost hosting
service. It contains various shortcuts to other settings. We’ll dive deeper into this area
later in this post.
We’ve introduced the navigation menus in WordPress backend. Now let’s dive into the
actual WordPress Dashboard.
1. Welcome to WordPress box. This box has quick links to take you to various areas in
the backend of your site. Feel free to dismiss this box as it takes up quite a bit of space.
2. Activity. This box shows recent activities such as comments you received, as well as
scheduled and recent blog posts.
3. At a Glance. Here you can find some statistics for your site such as how many posts
and pages you have.
4. WordPress News. You can read news about WordPress and see if there
are upcoming events near you.
5. Quick Draft. This box allows you to quickly type up a draft post which is very handy
for noting down ideas.
As we mentioned earlier, this dashboard is basically the control center for your
WordPress site. By enabling your plugin’s widgets in the dashboard, you’ll easily get an
overview of how your site is performing. For example, you can quickly check how many
contact form entries you get if you use a contact form plugin such as WPForms. To
display or remove widgets in the dashboard, find the “Screen options” in the top right
corner of your dashboard.
Keep in mind that dashboard widgets can be moved around by clicking and dragging
them to a different position. You can also collapse them by clicking the arrow on the top
right of the box. This is very convenient as you can arrange widgets according to your
need and usage.
The Bluehost area
The Bluehost area is only available if you’re using Bluehost’s service. Clicking on the
Bluehost icon will open a Bluehost dashboard within WordPress (not to be confused
with the Bluehost hosting dashboard).
The Bluehost dashboard provides another way for you to navigate, build and make
changes to your WordPress site. This is especially helpful for new website owners. We try
to make it simpler for you to get started with building your website.
You can see right away in the home tab a list of things you should do for your new site.
For instance, if you go to the “Add contact page” section and click on the button, you’ll
be taken to a new screen where you can create your page. Here, Bluehost will also come
in and provide you with a bit of assistance by setting up a simple contact form for you.
There are also quick tips in the help box, which can be very handy if you’re
learning WordPress.
If you scroll down below from the home section, you’ll find the Bluehost account box.
Clicking on any of these icons will take you to the corresponding controls in
the Bluehost hosting dashboard.
1: Themes. You can browse and purchase premium themes from the Bluehost theme
directory. Prices range from around $20 to $70 per theme.
2: Plugins. You can browse and purchase premium plugins from the Bluehost plugin
directory. Most of the plugins here will cost you money, but there are a few free ones as
well.
3: Services. Navigate here if you need professional services to help you build your site.
4: Staging. You can quickly create a staging site in this tab. A staging site is a copy of
your site where you can safely test changes before publishing them to your main site. It
gives you a way to try new things, test updates, and then deploy them when you’re
ready.
5: Settings. Some general website settings can be found here. You can set automatic
updates as well as manage comments and caching settings.
6: Help. As the name suggests, visit this section if you need help from us. You can chat
in real-time with us. Next to that, you can request services such as website consulting or
marketing and design assistance from Bluehost. And if you scroll down below, you can
browse through our resource center for helpful how-to articles and guides.
Select Dashboard from the upper left-hand corner to open the WordPress Admin
Dashboard. Toward the top of the page, you will see a message that your site displays
a "Coming Soon" page with a link to launch your site. Click that link to publish your
website.
Before hitting the Publish button, let us review the following checklist:
• On the home page, the purpose of your site must be clear to a visitor and direct
them to their next step, be it calling you, viewing products, reading more, etc.
• Test the contact and subscriptions forms if your website has them. Ensure that
the correct email addresses are receiving the notifications from those forms.
• Confirm that the contact information throughout the whole site is correct. A typo
error can prevent someone from contacting you.
• View your website on a mobile and tablet device. Many themes are responsive
and will automatically adjust the content to fit different devices. Having a
responsive theme does help with Search Engine Optimization (SEO).
• After installing and activating additional plugins, check your entire website to
make sure the new plugins are working properly.
• Clean up your installed plugins. If you know that you no longer need a plugin,
please deactivate and delete the plugin.
• Make sure that your website uses a Secure Socket Layer (SSL). You can either
activate HostGator's Free SSL or purchase the SSL Certificates from our front-
of-site. For more information on how to purchase SSL, please see the
article, Customer Portal - SSL Certificates. Once your SSL is turned on for your
domain, you need to set up your site to use the SSL. Install the Really Simple
SSL plugin to quickly and easily force the site over an SSL.
• If you have links on your website, make sure they work properly. If you direct
someone off your website, have the link open in a new tab.
WordPress automatically saves your work by default when you edit your page pr post.
However, before publishing your work, it is best to preview your website so you'll see
what the page or post would look like once launched or if it needs any further editing.
1. Click the Save draft button located at the top right of your workplace area. This
will save your work as a draft that you can edit later.
2. Click the Preview button to view your work. You can choose the preview mode -
desktop, tablet, and mobile. You can also preview your site in a new tab.
Before you publish your website, let us talk about one of the biggest issues users run
into with their website - making a backup of their content and database.
There are few things worse than losing all of your hard work when building a website
due to an unforeseen event. Whether your cat ran across your keyboard and deleted all
of your blog posts or your power going out when you haven’t saved any changes for
hours, you name it, we have seen it happen.
HostGator recommends many ways of creating a backup of your content and database.
CodeGuard
Though we strongly recommend CodeGuard to create automatic backups, you can try
another way of backing up your work. If you installed WordPress using the Softaculous
feature of your cPanel, you could create and even restore a backup via Softaculous. For
more information about creating a backup of your WordPress site with Softaculous,
please visit this helpful article How To Create a Backup of Installation With Softaculous.
Make sure to download the backup files and remove them from your hosting account.
Having files stored locally will come in handy.
Manual Backups
You can also manually generate a backup of your website content via the cPanel. It is
important that you back up your files and your databases for your WordPress site, as
both are required to make your site work.
Please note that this will back up your whole account and may occupy some space in
your cPanel. Please refer to our article, How to Generate/Download a Full Backup, for
more information. If you know how to navigate to your File Manager or use FTP, you
can also download a copy of your backup directly to your computer. With this method,
you also need to make sure that you download a copy of your database, which you can
find in the MySQL Databases section.
WordPress offers many plugins you can use to back up your website. Please note that
HostGator is unable to provide support with third-party plugins. If you have questions or
require assistance with these backup plugins, please refer to WordPress documentation
or forums that are available online.
This blog is a good read too: How To Backup A WordPress Site Without A Plugin.
1. Click on the Publish button at the top right corner of your WordPress workspace
area. A small window of additional settings will appear.
2. Double-check the settings before publishing.
If you select Public, the website will immediately be live unless you've set
the site to be published at a later date.
Or you can pick the date you want the site to be live online before hitting
the Publish button again.
o Suggestion - You can add tags to help your visitors navigate your website
and find content. You can enter keywords to describe your page or post.
3. Once done with the settings, go ahead and click the Publish button at the top.
After you publish, you need to optimize and focus on your SEO to make yourself visible
and easily found online.
Regardless of your website's traffic, you must optimize your WordPress site to run as
efficiently as possible. There are a few plugins that HostGator recommends that every
WordPress user install. These plugins actively improve the efficiency and health of
WordPress sites. Please check out the article, Plugins Advice, for more details about
recommended and resource-extensive plugins.
Another housekeeping rule is to maintain and update the WordPress website to ensure
that the core WordPress themes and plugins are current. New releases for these items
tend to address bugs, vulnerabilities and provide improvements.
Go to the plugin page and download the plugin. It will create a Zip file/archive to send to
your computer. Log into your WordPress admin site and go to the Plugins section. Click
on Upload and select the zip file
In 2018, over 90,000 hacking attacks per minute struck WordPress sites and
WordPress hosting around the world. No platform is ever completely safe from
malware, hacking, and other kinds of cyber attacks. It is the responsibility of the
hosting provider and site owners themselves to take precautions.
Is WordPress secure?
WordPress is a free and open-source software. It's the product of developers and
designers around the globe working to update and keep it stable. WordPress has
a dedicated team of developers who monitor the platform for security
vulnerabilities. They are responsible for developing patches as soon as an issue
becomes known.
When you visit a website with a secure connection, you'll see a grey padlock
icon at the beginning of the URL. You can get this padlock on your site by
installing an SSL certificate on your web server.
HTTPS stands for Secure Sockets Layer, and it's the authentication protocol that
encrypts the information between client (browser) and server. A majority of
websites nowadays use HTTPS, which you can see with the 'https://' at the
beginning of a website URL. Most of the time, your browser hides the padlock
that indicates a secure connection from the address bar.
Why you need to use HTTPS?
Every website can benefit from using HTTPS, even if you just run a blog.
Customers want to know their information will stay private if they check out on
your website. A lack of HTTPS could also hurt your SEO efforts. We have an in-
depth article that walks you through how to add HTTPS to your domain.
DIY security best practices for your WordPress website
Owners of WordPress sites can also take many steps to tighten security and
thwart cyberattacks. Securing your website connection is just one of the steps
you have to take for your website security. Along with efforts by WordPress itself
and responsible web hosting providers, it's also important to keep up-to-date
with the latest technology.
Smaller sites and those running older versions of WordPress that haven't been
updated are more vulnerable to attack. Installing all of the frequent updates
released by WordPress is a key step in keeping a website secure. Owners of these
sites might not expect that their sites might be targets, but they may be even
more vulnerable than larger sites.
Keep your devices secure
Security experts recommend making sure that all computers and mobile devices
used for accessing and managing a WordPress site are regularly monitored and
updated with effective firewalls and malware scans. WordPress security won't
help if the devices used to manage the site are compromised.
Secure passwords and permission
There are a lot of plugins for security and site monitoring available from
WordPress. These security plugins can be broadly categorized into two groups:
full security suites and single-issue security plugins. Full security suites cover
multiple security needs within a single plugin.
WordFence
Sucuri Monitor
They represent a great choice for beginning WordPress owners who want a
solution to cover multiple needs.
Backup your WordPress site
WordPress sites and those that aren't regularly maintained are prime targets for
spam comments. Such spam can easily infect a site with malware, so it's
important to set tight spam filters and keep them updated. It's essential to
monitor comments carefully and block questionable comments from your site's
Admin WordPress dashboard.
Final thoughts on WordPress website security
WordPress sites can appear vulnerable to hacking and other kinds of cyber
attacks. But no worries, your WordPress site can be secured if you pay attention
to it. Start by securing your website connection by installing an SSL certificate.
Then, implementing the best security practices, regular updates and correct
plugins can keep WordPress sites secure.