NEW: Sign up to get freelance writing jobs in your inbox. SUBSCRIBE

WordPress for Writers: Tips, Tricks & Essential Plugins

Read Time: 17 min

WordPress for Writers - Tips, Tricks, and Essential Plugins - AllFreelanceWriting.com
Disclosure: This post on WordPress for Writers contains affiliate links. That means if you purchase after clicking on my links, I might receive a commission on the sale. To learn more, read my "No-BS Affiliate Promotion Policy."


In this post on WordPress for writers, we'll explore everything from your basic setup to tips and tricks to help you further customize your site and keep it more secure.

WordPress is a popular tool that can help you build not only blogs, but also your professional freelance writer website. But to get the most out of the platform while minimizing risks, here are some things you should know.

WordPress for Writers - Basic Setup

What are the first things you should do after installing WordPress, before and leading up to your first blog post? Start here:

Get a Web Hosting Account & Domain Name (& Install WordPress)

There are two versions of WordPress -- the self-hosted version we'll discuss throughout this post, and hosted blogs at WordPress.com. You'll need to be using the full, downloadable version of WordPress from WordPress.org to do some things in this post, as the hosted solution doesn't give you full freedom to customize.

NOTE: I highly recommend against using WordPress.com for any blog you hope to monetize or fully control, and I absolutely recommend against it for building your professional client-focused website.

In order to use self-hosted WordPress, you'll need to start by getting a hosting account and registering your site's domain name. Getting your domain name set up on your hosting account is beyond the scope of this article, but your hosting provider can help you with that. Many even offer simplified WordPress installations so you won't have to download and install WordPress manually.

Recommendations:

Currently I host most of my own sites with KnownHost, and I've been very happy with them. I currently use their VPS services, but they also offer shared hosting.

For domain registrations, I use NameSilo. Again, I've been very happy with the company. You don't have to worry about ratcheted-up renewal rates with them like you do with some registrars.

Shared Web Hosting

Install Your WordPress Theme

A WordPress theme is your design -- the template which will determine the look of your site. You can find plenty of free themes in the WordPress theme repository.

Personally I prefer premium themes which I then customize. You tend to get better support that way, at least when you find a worthwhile developer. But if you're working on your first site, keep it simple. Don't go for a theme that's so complex that you have to learn an entirely new back-end system right out of the gate.

After installing a new theme, I like to run a quick page speed test to make sure the theme itself isn't so bloated that it slows down the site significantly. The Pingdom Website Speed Test is a good place to start. GTMetrix is another good option.

Recommendation:

The premium WordPress theme I currently use on most of my websites, including All Freelance Writing, is GeneratePress. The support has been fantastic, and I highly recommend it. That said, there can be a bit of a learning curve at first, but they have a free version that can help you figure out if it's a good fit.

Delete the Default Content

Do you see that generic blog post that came with your WordPress installation? Delete it. The Sample page? Delete that too. Any lingering comments or default content that came with your theme (such as sample customized page layouts)? Unless you're using them as a template to build from, get rid of 'em. You want a clean slate for your own content.

Decide on Your Site Structure

Make a list of all pages you plan to add to your website, including their hierarchy. These are static-style pages, not your blog posts. Some common examples might be an About page and a Contact page. If you don't plan to have your blog on the homepage (such as when running your business site on WordPress), you'll also want a page called Blog.

Set these pages up even if you don't immediately add the content. And if you add a page called "Blog" to house your posts, you don't need to add anything there. Your posts will automatically be pulled in there when you get to the "set your homepage" step.

Choose Your Blog Category Structure

Under the "Posts" link in the left navigation, choose "Categories." This is where you can add the categories you plan to "file" your blog posts under.

Picking a logical category structure up front can make things easier for your readers to find, but it can also prevent messy post moves and massive redirections later if you decide your category structure isn't quite right.

After you've added your own categories, set one of them as the new default. Then delete the "uncategorized" category that came with your fresh WordPress installation.

Set Your Homepage

If you plan to leave your homepage in blog format, don't do anything.

If you want more of a static homepage (like I have on my business site), go to the Settings link in your left menu in the WordPress admin area, and go to the Reading link. Note that you'll want to create a page before doing this so it's available in your settings.

Where you see "Front page displays," mark "A static page." Then, in the drop down menus, choose the page you created for your new homepage (under "Front page"), and the page you created for your blog (under "Posts page").

You can also choose how many blog posts you want to display per page on your blog here.

Set Your WordPress Homepage

Set Your Site Title and Tagline

If you didn't do this during your initial setup, add your site title and your tagline under the General link under Settings in your left navigation. Your site name should be the brand name or your name, not necessarily the full domain name. For example, here the site name is "All Freelance Writing," not "AllFreelanceWriting.com."

Your tagline should be a slogan that you want to represent your new site or brand. On my small business blog, for example, the site name is BizAmmo, and the tagline is "Your Small Business Arsenal."

This won't always display on the front-end of your site (that depends on your theme). But you should always add it. They can be pulled into use by some plugins.

WordPress Title and Tagline

Change Your Date and Time Settings

On the General Settings page, go to the Timezone section. Choose your timezone. But instead of choosing UTC plus or minus whatever, choose a city in your timezone. As long as you choose a city that abides by the same Daylight Savings rules as where you live, your WordPress clock should update automatically.

You can also change how the date and time display on the front-end of your site (such as under your post titles) from this screen.

WordPress Timezone

Your permalinks are your sitewide URL structure. For example, when someone visits a blog post, would the page address look more like:

yoursite.com/year/month/day/category/post-name/

or:

yoursite.com/post-name/

You can set your permalink structure by clicking the Permalinks link under the Settings menu on the left side of your admin area.

I personally just use the "Post name" option for any new sites. It's easier to promote posts with shorter URLs, such as on a podcast when you have to say it aloud. And by leaving out dates and categories, it's easier to update and re-publish content when things get outdated (like I did for this post in 2021).

Unless you run a news site, I strongly recommend leaving dates out of your permalinks, and I always suggest leaving the category out. I've dealt with site moves, mergers, and overhauls enough times to know you don't want the headache of cleaning up the mess from choosing the wrong permalink structure. Sticking with just the post name means nothing has to be redirected if you update a post or move it to a new category later.

WordPress Permalinks

Set Your Discussion Settings

Still under the Settings menu, now click the Discussion link. This is where you can adjust settings for how your blog comments will be handled.

The biggest thing to be concerned about is how you might protect yourself from spam. For example, you can:

  • Make commenters fill out their name and email address. (Recommended)
  • Make visitors register on your site and log in to comment. (Not recommended)
  • Force a new commenter's first comment to go to moderation, but approve their later comments automatically once you've approved the first. (Recommended -- It's far less of an intrusion for legitimate commenters than having them show up on your site and see it littered with so much spam that they can't follow the conversation to leave a comment.)
  • Force all comments to go into moderation for your approval. (Not recommended)

You can also decide if you want to receive an email for every comment that goes live or that goes to moderation. This can be a good thing early on. But once comments pick up, you might want to turn it off and just check your blog regularly.

If you end up with trolls or people spamming your site, this is also where you can come to blacklist them by IP address, name, email address, website, or even keywords they're using to spam you.

WordPress Discussion Settings

Prevent People from Registering on Your WordPress Site

Unless you're running a membership site, you don't want a publicly-accessible registration form. If you do, you run the risk of spam registrations and hacking attempts.

You can prevent others from registering for your site by going to "General" under the main settings menu in the left navigation. Make sure the "Anyone can Join" box is unchecked.

If you need to add users to your site later, such as to get support from your theme creator or a plugin developer who needs access, you can still add them yourself under the "Users" menu on the backend.

Write Your Starter Content and Website Copy

Before you start promoting your new site, you'll need to get some basic copy and blog content up there. That includes, at a minimum, your About page and Contact page. You'l also need a Privacy Policy page. And if you'll have a static homepage, you'll need to draft that copy as well.

As for your blog, my basic policy is to have five posts already live on the site by launch day. But I've been known to launch with fewer (such as three) as long as I have other posts written and scheduled to go up shortly after the launch is announced. When you drive people to your new site, you want them to find something of interest and not just a sales page or empty blog.

WordPress for Writers - Plugins

WordPress plugins let you add features and capabilities beyond what the WordPress core can do.

Below are several key plugins that all WordPress site owners should consider installing as soon as they set up their sites. These deal mostly with basic site management, security, and search engine optimization (SEO).

Anti-spam

No one wants to deal with spam on their WordPress site. Plugins can help with that.

Anti-spam plugins use captcha, honeypots, and other means to prevent bots from automatically filling out and submitting your forms while protecting you from bad actors in general.

Recommendations

While it's often recommended, I suggest not using Akismet. In my experience, this plugin had a habit of blocking comments from valid commenters. And it wasn't putting them in a spam folder for moderation, but rather they'd never show up at all. I only found out when multiple readers reported to me that their comments weren't showing up, only to find they never made it to the admin area. They simply vanished.

Sadly, my long-time favorite anti-spam WordPress plugin was purchased by another company recently, and it's gone downhill, so I can no longer recommend it.

Currently, I'd recommend two options:

  • CleanTalk -- This is a premium plugin that can do a good job of managing your blog comment spam as well as protecting other forms on your site from spam submissions.
  • WPBruiser -- This is the plugin I currently use on most sites. It does a fine job, but my main reason for choosing it was that it offered a premium add-on that could protect my forms created through another third party plugin (the one that manages the job board and directories here).

Speed Up Your Website

Even if your brand new site loads quickly now, that could change as your site grows. And with website speed being a Google ranking factor, you don't want a sluggish WordPress site.

Caching plugins are a popular option for speeding up WordPress sites (on top of making sure your themes and plugins are light and well-coded and staying on top of updates and database maintenance).

Here's my personal favorite:

WP Fastest Cache

WP Fastest Cache is a plugin that will load cached versions of your pages to speed up load times. Basically, it takes a snapshot of your page and shows that to the next visitor instead of loading everything from your database all over again with every visit.

It also allows you to minify your CSS files (basically making the file sizes of your stylesheets smaller so they load faster), and set browser caching rules (how a visitor's browser refreshes its own cached version of your files) and gzip compression. There are just enough settings to give you flexibility, but it's far less complicated than some of the bigger caching plugins available.

All Freelance Writing is somewhat complex on the back-end due to the different plugins that have to play nice with each other. I found larger caching plugins to be more of a hassle than anything else, whereas this plugin got the job done and helped to dramatically increase page speed without interfering with pages that shouldn't be cached (though there is always more work to do).

That's not to say you shouldn't consider other options. You'll need to test caching plugins to find the one that works best with your setup.

Contact Forms

If you don't want to directly publish your email address on your website or blog, another option is to add a contact form (though I highly recommend doing both). If this appeals to you, I recommend the Formidable Forms plugin.

There's a free version of this plugin available that can handle basic contact forms. But I'm a long-time user of Formidable Forms Pro and highly recommend it if you have anything more complex to build. For example, the Pro version of the plugin is used to manage the job board, writer directory, and writers' market listings on this site, in addition to all of my smaller forms.

The Pro version can also be used to set up front-end post submissions if you need to accept guest posts easily. It can be used to set up fairly complex surveys, calculators, custom login and registration forms, email subscription forms, review star rating systems, and so much more. It can even be used to set up a client booking calendar for your professional website.

Formidable Forms Pro is hands-down one of the best investments I've made in premium WordPress products.

Security

WordPress is a popular platform for web publishing, and spammers and hackers know that. That's why they often target WordPress installations. They can identify sites run on the platform because of common file names and locations.

One page frequently targeted is your wp-login.php page -- where you log into your site.

These pages can be hit with brute force attacks on a fairly regular basis. This is when someone (usually an automated bot) continually tries to log into your site until it cracks a password. Even if they don't get in, this can cause a heavy load on your server, especially if you use shared hosting.

One of the best things you can do is make sure you choose a unique login name (never "admin") and a secure, randomized password. You can also help to prevent this by moving your login page away from its typical address, although that is beyond the scope of this post.

Another security issue you might come across are injection attacks where someone tries to upload or inject malicious code onto your site, often to deface it or to inject spam links.

While I use quite a few custom security tweaks (and I'll share one with your shortly), my primary security plugin is Wordfence (which I believe was recommended to me by Sharon Hurley Hall and Cathy Miller years ago). There's a free version, and I highly recommend it. They also have a premium option. I wouldn't launch any public site on WordPress without at least the free version.

Sharing / Social Networking

I'm always amazed when I come across a blog with no social media buttons to help readers easily share the content. It's as if the bloggers don't want you to share their material. But you do. Right?

If so, one of the first plugins you should install is a sharing plugin. I've used several which have all worked well on different sites, and honestly I'm not 100% sold on any of them right now after a previous favorite went downhill. But here's the sharing plugin I currently use here at All Freelance Writing:

The key here is making sure your plugin offers the sharing links and positioning options you want without being too bloated to the point it slows down your site. Experiment with a few to find one you like.

Search Engine Optimization

If you want to make it easier for search engines to find and rank your content, it's a smart idea to install an SEO plugin on your WordPress website or blog.

Perhaps the most popular option is WordPress SEO by Yoast. I no longer love this plugin, but I haven't found a decent alternative yet despite testing many. So this is what I'd recommend for now.

Your SEO plugin can be particularly important to install early on. Otherwise you might have to go back through all your old pages and posts to add the meta info you want later. With it installed up front, you can add this information as you create each page and post.

WordPress for Writers - Tips & Tricks

Not all writers will need these, but the tips and tricks below will help you customize your site to make it more client-friendly, more secure, or tailored to your unique plans for the platform.

I'm including source links for all the code examples. The source pages might teach you how to make further customizations or they might provide more detailed instructions.

NOTE: I cannot guarantee that all of these will work with all themes and other plugins. For example, you might run into a conflict if one or more of these is already built into your theme's functions.

Also note that any changes you make to your theme's functions.php file will be lost when you update your theme. So you'll want to use a child theme for these, or turn to the plugin options if you aren't comfortable with child themes which are beyond our scope in this post. You can learn how to create a child theme in this guide from WordPress.

Why You Might Want to do This: 

If you're a freelance writer, you might want to have a private area of your site accessible only to clients after they've logged in. For example, you might post updates on their projects or store copies of their articles for download if they ever lose the originals.

If you do this, it's nice to be able to brand your site a bit better. Instead of having the WordPress logo appear above the login form (which can be confusing for clients who aren't familiar with WordPress), you can display your own logo instead. This is a good idea if you run a membership site too.

WordPress custom login logo - AllFreelanceWriting.com

 

NOTE: While I've previously used the code below to add custom login logos to my site, I no longer do. The image above is not exactly what your site would look like. Your logo would appear above the standard WordPress login form. I currently use Formidable Forms Pro for this instead.

How to do This:

Open the file called functions.php in your theme folder on your server. You can also access this through the WordPress admin area by going to Appearance >> Editor and finding the functions.php file in the right hand column.

Paste the following code at the bottom of the file, just before the closing line where you should see ?>.

function my_login_logo() { ?>
    <style type="text/css">
        #login h1 a, .login h1 a {
            background-image: url(<?php echo get_stylesheet_directory_uri(); ?>/images/site-login-logo.png);
		height:65px;
		width:320px;
		background-size: 320px 65px;
		background-repeat: no-repeat;
        	padding-bottom: 30px;
        }
    </style>
<?php }
add_action( 'login_enqueue_scripts', 'my_login_logo' );

Upload your logo to your site, and change the image location string from /images/site-login-logo.png to the home of your new logo.

Note: WordPress is set up to show a logo sized 80px by 80px. If your logo isn't able to fit within those dimensions, the tweak is a bit more complicated. You can learn more at the source link listed below, or you might want to try a plugin for this.

Then, if you want your logo to link to your site's homepage, add this to the same functions.php file, below the last bit of code you added:

function my_login_logo_url() {
    return home_url();
}
add_filter( 'login_headerurl', 'my_login_logo_url' );

function my_login_logo_url_title() {
    return 'Your Site Name and Info';
}
add_filter( 'login_headertitle', 'my_login_logo_url_title' );

Edit the "Your Site Name and Info" portion to reflect your website's title.

[SOURCE]

Prefer a Plugin?

Limit Post Revisions

Why You Might Want to do This

You might have noticed that WordPress automatically saves revisions of your posts. These come from auto-saves or when you preview or save a draft.

That's incredibly helpful if you make a mistake and accidentally delete something or if you're ever the victim of a defacement hack and you need to restore previous versions of your posts. You can simply go back to a previous revision. But those revisions add up over time (I've had posts with dozens of them).

As your post count grows over time, all those revisions start to litter your database. Every revision is saved in your database as a separate post. Most aren't even necessary once your post is published.

You can stop these from getting out of control by limiting the number of revisions WordPress saves. This is especially important if you get a warning from your host about your database size (something that happened to me early on when I still used shared hosting).

How to do This:

Log into your hosting account and go to your file manager (or access your server files however you usually do).

Open your wp-config.php file. Add the following line right before the line that says "That's all, stop editing! Happy blogging.":

define('WP_POST_REVISIONS', 5);

You can change "5" to any maximum number of post revisions you want to save.

[SOURCE]

Prefer a Plugin?

Limit Access to the WordPress Login Page

Why You Might Want to do This

In the plugins section of this post, I shared information about a plugin that can help protect you from brute force attacks (where a bot or hacker keeps trying to log into your site until it cracks a password). If you're the only person who needs to log into the site, you might just want to ban everyone else's access to the login form altogether.

As a bonus, this stops brute force attacks from leading to high server loads (such as if you're getting CPU warnings from your host).

It helps if you have a static IP address that won't change frequently. But if your IP does change, you can always add your new IP address by logging into your hosting account and editing the IP address again in your .htaccess file. I'll also link you to an alternative solution I use on most of my WordPress sites below.

How to do This

Log into your hosting account or access your site files however you usually do.

Open your .htaccess file. Add this (I add it to the very top on several of my sites):

<Files wp-login.php>
Order Deny,Allow
Deny from All
Allow from x.x.x.x
</Files>

Replace x.x.x.x with your IP address. You can find your IP address by visiting WhatIsMyIP.com from the Internet connection you usually work from.

[SOURCE]

Another Way to do This

If your IP address does frequently change and the above solution isn't ideal for you, you can also password-protect your login page.

This means you'll see a pop-up in your browser when you try to access your login page, and you'll have to enter a username and password there (set at the server level) to even access your login page at all.

This prevents bots and potential hackers from ever triggering WordPress to process their login attempts, also preventing them from abusing your server resources and driving up CPU usage (especially important if you use shared hosting).

I use this method on every WordPress site I own (dozens) where I'm the only user who needs to log in regularly. If you have other users, this won't be a great solution for you.

Yes, this technically means you'll need two usernames and two passwords. And you'll want them to be both different and secure.

In my case, I allow my browser to save that login information so I only have to click twice instead of remembering those randomly-generated passwords. So it doesn't add much time or effort to my workload. If you only have a single site, the added time is negligible for the added protection you'll get in return.

Want to give this method a try? This post from Crunchify can show you how.

Adding Word Counts to Your Post List

Why You Might Want to do This

By showing word counts in your list of posts in the WordPress admin area, it could help you keep track of how much writing you're doing each day. Instead of opening each post to get the word count, you could quickly scan that list to see how you're progressing towards your word count goals.

This could also be helpful in updating your site and trying to improve your search engine rankings. Being able to sort posts by their word counts lets you quickly find shallow content that needs to be removed, updated, or merged with another post.

WordPress Word Count Column

How to do This

For this one, I'm just going to point you to a plugin. While it's possible to do this in your functions.php file (and this post can show you how), the plugin below doesn't even require you to change any settings. Just install it, activate it, and you're good to go.

These are just a few examples of tweaks you can use, with or without plugins, to customize your WordPress website. Want even more ideas? Here are some other ways I've tweaked All Freelance Writing itself, along with some plugins that can help you do similar:

In coming weeks I'll cover some of these plugins in more depth showing how you can use them to build a more advanced professional website or blog or better monetize or promote your site.

Do you have specific WordPress-related questions you'd like me to answer in the comments or in future blog posts? Leave a comment below and I'll do what I can to help.


Note: WordPress for Writers was originally published as a three-part series beginning on March 6, 2014. The posts were merged and updated in January 2021 with new plugin recommendations and other content updates. 

Latest posts by Jennifer Mattern (see all)

6 thoughts on “WordPress for Writers: Tips, Tricks & Essential Plugins”

  1. Hi Jennifer,

    Nice article as usual.
    I small addition for categories:
    – delete the default ‘Uncategorized’ category
    AND
    – create a meaningful category and in Settings > Writing
    set it to be the “Default Post Category”

    Regards
    Attila

    Reply
  2. Thanks for the shout-out, Jenn. This is so fabulous and I can’t wait for the rest of the series. I wish I had it when I started. 🙂 It certainly would have saved me some hassles.

    For example, I was sorry I originally set up my sites’ permalink structure to include the date. They now all just have the post name. And as we discussed, I was happy I held initial comments for moderation after a recent spam attack with hundreds of spam comments.

    You may cover this late (and at the risk of showing my ignorance-HA-wouldn’t be the 1st time) 🙂 but one thing I’ve never understood is what is the WordPress Subscriber list in Users? And should I care that there are email addresses there? They can’t access admin functions and I use Aweber for subscribers to my posts.

    I have Googled it before but never found an explanation I understood. Thanks again, Jenn.

    Reply
    • Did everything get redirected okay when you made your permalink change?

      Spam attacks are a great reason to moderate first comments. I can’t even imagine how bad it would have looked if you suddenly had 300 spam comments live on your site. Are you using the Anti-spam plugin from Webvitaly yet? If so, at least that would stop anything automated (which I would have to imagine hundreds of comments at the same time are).

      A “subscriber” is simply the default user level when someone registers for your site. So if your WP settings are set to let anyone register, then anyone who knows the default WP registration URL can register. If you don’t want registrations, you should turn that off on the General Settings page by unchecking the box next to “Membership.” What you’re seeing is simply a list of your site’s registered users, and the email addresses they’ve used to register. I wouldn’t go importing that into a newsletter or anything. It’s more about account management — seeing that they only have one account, identifying spam users, contacting them privately if there is a problem with their account, etc. It’s nothing you should have to worry about unless they look like spam users, in which case you can delete them.

      Reply

Leave a Comment