I know that many clients cannot afford to hire an expensive team of web developers. But please be aware that choosing to hire to cheapest developer will sooner or later lead to serious security and/or copyright issues.

1. Not using a child theme

Problem:

A theme is a set of files that provides front-end styling (like fonts, colours, layout etc). The majority of available WordPress themes need to be updated along with WordPress core. Amateur WordPress designers make changes directly in the theme (it’s called parent theme). This means they write custom code directly in current theme’s files.

Why it’s dangerous:

Most themes need to be updated regularly in order to work well with the latest version of WordPress. This means that your theme files get overwritten by new files upon each update.

So if your website looks buggy or “different” after an update, this could be due to not using a child theme.

The correct way:

Experienced WordPress web designers create a child theme that contains copies of parent theme’s essential files. All custom code goes into the child theme. So when theme updates are installed, they don’t affect the code.

There are also “naked”, or starter, or blank themes that can be edited directly. But these are not used by amateurs because they are made to style websites from scratch.

2. Disabling updates

Problem:

This is a very common “workaround” for the above problem. Some webmasters turn off regular WordPress updates. This affects core files (those belonging to core WordPress system), theme files (those affecting your website layout and design) and plugin files (those adding extra functionality to your site). No updates = no problems with a theme or plugin that has been directly edited. But…

Why it’s dangerous:

Regular updates are essential for your website’s health and security. It’s necessary to update core files, all your plugins and your parent theme as soon as new updates are available. Poor performance and visual bugs are just the most innocent consequences of ignoring updates.

Disabling updates can lead to your website getting hacked or infected.

Also, the longer your website has existed without updates, the more difficult it will be to update it without full re-install of WordPress.

The correct way:

All custom code should be kept apart from parent files. WordPress updates should be always turned on. A good practice is to hire a webmaster for regular maintenance works and have your entire website updated once a month.

3. Copyright issues

Problem:

I can’t count how many times I’ve seen cases of font usage without a licence.

You cannot use any font in the world just because it’s available to download for free from some shady website.

Last year, I had a client who was going through a costly rebranding process. They didn’t realize before we spoke that their new logo was using a commercially-licensed font – that their designer had downloaded somewhere for free. In the end they didn’t have other choice than to pay for the licence.

Why it’s dangerous:

It can be very expensive to use a commercially licensed font without permission.

Companies that sell commercially-licensed content like graphics or fonts use bots to scan the web for their content being used illegally.

You may get asked to completely remove all content using infringing elements from your website or even get sued by copyright owner.

The correct way:

There are hundreds of affordable fonts available both for web and print. An average web font licence costs about 30-90 USD and it’s really not worth trying to get away with illegal use of paid fonts. Also, there are beautiful open source fonts that are absolutely free to use both personally and commercially. The largest collection of free fonts is Google Fonts that currently features 949 font families.

4. Using unsafe plugins

Problem:

Plugins are components that add extra functionality to a WordPress website. They are commonly used for enquiry forms, translation management on the website, caching, image galleries etc.

With WordPress being an open-source system, anyone can write a plugin for it. So it’s important to choose the most trusted, reliable and safe WordPress plugins.

Why it’s dangerous:

For security reasons, all WordPress plugins should be updated regularly. Plugins that have been abandoned and not in line with latest versions of WordPress can be dangerous for your site’s performance and security.

There are thousands of available WordPress plugins (about 50.000 in fact) and a lot of them are very unstable, raw or full of annoying advertisements.

The correct way:

Always opt for stable plugins that are not likely to get abandoned by their authors.

Experienced WordPress developers know which plugins are the most reliable.

This knowledge requires years of experience and practice. There are also tons of additional information to find out about each plugin, such as rating and reviews, common issues and conflicts with other plugins, performance issues etc.

5. Using too many plugins

Problem:

Another sign that your web developer/designer is an amateur is that they use too many plugins. A plugin to insert Google Analytics code, a plugin to optimize images, a plugin to check broken links… Sometimes a simple web page uses 15-20 plugins!

Why it’s dangerous:

Too many plugins slow down your website, which is bad both for your visitors and your SEO.

Also, regular updates require more time and effort if there’re many plugins installed. More conflicts between different plugins are likely to happen (conflicts may arise immediately or after a certain update). The database gets bigger because there’s more data being stored by plugins.

The correct way:

Many things can (and should) be done without plugins. For example, you don’t really need a separate plugin to insert a tracking code, it should be pasted into website code directly. Image optimization can be done on the server or via an external service like Tiny PNG/Tiny JPG. There are also plugins that can solve multiple problems, like Yoast SEO suite.