The checklist is divided into five stages, each made up of 72 individual steps:

1InstallGet Required ToolsIt may be useful to download and install the following free software as they will be useful for the rest of the installation (unless you have alternative software installed already):

2InstallDomain and HostingBuy a domain and hosting account for your WordPress website.

For examples of hosting companies, see the recommended webhosting companies.


Your host should meet the minimal requirements for WordPress.

Once you have created your web hosting account, please note your web hosting provider’s technical support contact details ad you may need them later.

Find out more about domain names and web hosting.

3InstallEmail Account SetupSet up an email address using your new domain for using in the rest of the WordPress installation (unless you have another email address you wish to use of course).

[email protected]

Contact your hosting company if you are unsure how to do this.

4InstallFTP Account SetupSet up an FTP address using your new hosting account for using in the rest of the WordPress installation.

Contact your hosting company if you are unsure how to do this.

Find out more about FTP here.

5InstallGoogle Account CreationSet up a new Google Account for using with Google integration for your WordPress website.

This will be used for Feedburner, Google Analytics, Google Webmaster Tools and also for GMail if you wish.

6InstallGMail Account IntegrationIf you wish to take advantage of GMail’s powerful features, you can set your new email address to use GMail.
7InstallFeedburner Account CreationSet up a Feedburner account using your Google account.

Every WordPress website includes an RSS feed by default.

FeedBurner provides custom RSS feeds, statistics and management tools for your WordPress RSS feed.

Find out more about RSS feeds here.

8InstallMailing List SetupSet up an email list for using with your new WorPress website.

This list will help broadcast your content.

You will need an account with a recommended email marketing provider, for example:


Once you have set up your account, you can set up an email list for your new WordPress website.

Find out more about email marketing.

9InstallWebsite Monitoring Account SetupSet up an account with the free website monitoring service

A website monitoring service is used to ensure that your site is live and responding.

Find out more about website monitoring here.

10InstallPrepare for WordPress InstallYou are now ready to install WordPress. You should check out your options for installing WordPress.

There are several ways to install WordPress:

If you are unsure, you should check which one is appropriate for you by contacting your web hosting company.

11InstallCreate Database and Database UserIf you download and install WordPress yourself, you will need a database and a database user defined to install it correctly. You can create a database and database user in the following ways:


If you have trouble with creating a database and a database user, contact your web hosting provider.

12InstallAdministrator Account SecurityWhen installing, do not use ‘admin’ as the username for the administrator account as this can be a security risk.

Try something like your site name initials + ‘admin’ – ‘My Awesome Blog admin’ becomes ‘mabadmin’. This is less obvious but still easy to remember.

Don’t panic – this can also be changed after installation if you wish.

13InstallInstall WordPressYou should decide whether you want WordPress at the root of your domain:

or in a folder:

Once you have decided and using the information obtained earlier from your web hosting company, you should install WordPress on your hosting account as appropriate.

14InstallLogon as AdministratorAfter the install, you can now logon using the administrator account.

The logon screen can be found by appending ‘wp-login.php’ to the end of the URL to your WordPress installation as below:


This will give you access to the WordPress Administration Screens.

15InstallCheck the WordPress Address and Site AddressYou can check the WordPress Address and Site Address settings by using the Settings–>General Settings menu item.

These may be fine for you as they are, but sometimes you may wish to add the ‘www’ here to each URL. Make your changes and click the ‘Save Changes’ button. You may have to logon again after any changes.

Find out more about the General Settings screen.

16InstallCheck the Site Name and Site Tagline.On the General Settings screen, you can also set your Site Name and Site Tagline.

These may been set during installation. You can leave the tagline blank if you wish. Make your changes and click the ‘Save Changes’ button.

Find out more about the General Settings screen.

17InstallCheck TimezoneOn the General Settings screen, you can also check your Site Timezone.

This will be set during installation. Make your changes and click the ‘Save Changes’ button.

Find out more about the General Settings screen.

18InstallSet Ping ServicesWordPress can automatically notify popular Update Services that you’ve updated your blog by sending a ‘ping’ message each time you create or update a post. This helps increase traffic to your site.

You can set the Update Services to use on the base of the Settings Writing Screen using the Settings–>Writing menu item. Make your changes and click the ‘Save Changes’ button.

You can find out more about Update Services here.

Find out more about the Settings Writing Screen.

19InstallDelete the Sample ContentYou can clean up the sample content provided in the basic WordPress installation.

· Delete the sample comment using the Comments Screen.

· Delete the first post using the Posts Screen.

· Delete the blogroll using the Links Screen.

20InstallSet PermalinksBy default WordPress uses URLs which have question marks and numbers in them which look ugly. However WordPress offers you the ability to create a custom URL structure for your permalinks (short for “permanent link”).

Go to the Settings Permalinks Screen using the Settings–>Permalink menu item. Make your changes and click the ‘Save Changes’ button.

Tip: A simple and useful permalink structure is


This will provide good SEO benefits and performs well.

Find out more about the Settings Permalinks Screen.

21InstallCheck Uploads PathYou can upload images, video, recordings, and files when using WordPress. These files are known as ‘Media’.

You can check the location and structure of the upload directory on the the Uploading Files section in the Settings Media Screen. This is reached by using the Settings–>Media menu item.

Tip: You can probably leave most of the settings here alone, but unchecking the setting at ‘Organise my uploads into month- and year-based folders ’ will make your files easier to find. Make your changes and click the ‘Save Changes’ button.

Find out more about the Settings Media Screen.

22InstallCheck Robots.txtThe robots.txt protocol is a convention to prevent web crawlers (software used by search engines to categorise and archive web sites) from accessing all or part of a website which is otherwise publicly viewable. This is done by producing a text file on your website that the web crawlers can read.

Install a plugin for WordPress to help with this called PC Robots.txt.

Find out more about the robots.txt protocol.

23InstallCreate LogoYou should consider creating a website logo at this stage as you can use it later in the installation process.

Good places to start:

24InstallSet FaviconA favicon is an image file associated with your particular website. Your web browser can display it in bookmarks and links to your website. You can easily create a favicon with your logo by using the Dynamic Drive favicon tool.

Once you have created a favicon, you can then add it to your website using the All in One Favicon plugin.

Find out more about favicons.

25InstallBurn RSS FeedIf you created a Feedburner account earlier in the installation process, you can now setup your WordPress RSS feed to use Feed burner.

You can do this by installing a plugin or doing the process manually.

26InstallCheck Visual Editor SettingsThe Visual Editor in WordPress is what you type your text into to publish it on your website. Many advanced users do not like using the Visual Editor as it can add extra HTML when typing.

You can turn off the Visual Editor by going to the Users–>Your Profile menu item and checking the ‘Disable the visual editor when writing’ item.

You can also disable it globally for all users by installing a plugin.

Alternatively, you can also install a plugin that stops the automatic formatting by WordPress.

27SecureChange Administrator Account NameIf you have used ‘admin’ as the username for the administrator account this can be a security risk.

You can now change this to something different using the ‘Admin renamer extended’ plugin.

Try something like your site name initials + ‘admin’ – ‘My Awesome Blog admin’ becomes ‘mabadmin’. This is less obvious but still easy to remember. You may have to logon again after making this change.

28SecureCheck Administrator Account Password and NicknameCheck that the administrator account password is secure.

You can visit the Strong Password Generator website for guidelines and a tool to produce strong passwords.

You can change the administrator account password using the Users–>Your Profile menu item. You can also change the administrators account nickname from ‘admin’ here also (the nickname is the visible name of the user on a WordPress website).

29SecureUpdate Unique KeysUnique Keys makes your site harder to hack and access harder to crack by adding random elements to the password. These secret keys are stored in the wp-config.php file.

You can update these unique keys by installing the Update Unique Keys plugin. This plugin will automatically set and/or update the Authenication Unique Keys in the wp-config.php file.

30SecureDelete WordPress Installation FilesThe following files can be deleted using your FTP client:

  • install.php file in the wp-admin folder of your WordPress website
  • readme.html in the root folder of your WordPress website


These files can provide are a security risk and do not need to be there for your WordPress website to function correctly.

31SecureMove wp-config.phpYou can move the wp-config.php file to the directory above your WordPress install. This means for a site installed in the root of your webspace, you can store wp-config.php outside the web-root folder and it will not be available to the web.

Note that wp-config.php can be stored ONE directory level above the WordPress (where wp-includes resides) installation folder. Use your FTP client to move wp-config.php.

32SecureRemove WordPress VersionWordPress will automatically insert the current WordPress version into the head section. of every web page. This can be useful information for hackers .

Install the WP-Secure Remove WordPress Version plugin to remove this information.

33SecureStop SQL Injection AttacksSQL injection is a hacking technique that exploits security vulnerabilities occurring in the database layer of a web site.

Install the WordPress Firewall 2 plugin to identify and stop the most obvious SQL injection hacking attempts against WordPress.

Find out more about SQL Injection.

34SecureChange WordPress Database PrefixYou can check the security of your WordPress installation by downloading and installing the Better WP Security plugin.

This plugin will fix many issues already identified in your installation, so you may not need all the fixes. However, you should at least consider using this plugin to rename the default WordPress database prefix away from ‘wp’.

35SecureUpdate Htaccess SettingsA htaccess file is used by a web server to set permission and security. Your WordPress installation contains one of these files and can be used to increase security on your website.

Install the BulletProof Security plugin for a fast way to check the security of your htaccess file.

Find out more about htaccess files.

36SecureAdd File Monitoring ScanIf a hacker does gain access to your WordPress website, they can make changes to your website that may not be detectable even when you login.

  • Install the WP-Malwatch plugin and it will run a nightly scan for hacked files in your WordPress files.
  • Install the WordPress File Monitor plugin and it will email you when files are added/deleted/changed.

Many of the reports may be false positives, but the information is useful. If you do get hacked, you will be alerted quickly.

37SecureStop Comment SpamComment spam is endemic on the internet. Install a plugin to filter the spam comments from the real comments.

  • Akismet is the standard plugin for protecting WordPress comments from spam. You will need a API to use the plugin and it is only free for non-commercial use.
  • Antispam Bee is a free WordPress antispam plugin that comes highly recommended.


Find out more about the problem of spam in blogs.

38SecureCheck Comment SettingsThe Settings Discussion Screen allows you to set the options concerning comments (also called discussion). You can find this on the Settings–>Discussion menu item.It is here the administrator decides if comments are allowed and what constitutes Comment Spam.

  • You can also install the Subscribe to Comments plugin which allows commenters to subscribe to e-mail notifications for subsequent comments.
  • The Thank Me Later plugin will send an email to anybody who comments.

Find out more about the Settings Discussion Screen.

39SecurePrevent Brute Force Password DiscoveryA brute force attack involves systematically checking all possible passwords until the correct one is found.

You can prevent brute force attacks against your WordPress website by installing the Login Lockdown plugin.

Find out more about brute force attacks.

40SecureCreate Backup PlanThere are many different ways to backup your WordPress installation and files. WordPress websites need two separate backup types:

  • On demand backups of your database before upgrades.
  • Automated, scheduled offsite backups.


The options should be considered:

  • The WP-DB-Backup plugin which will allow you to create instant on demand backups of your database.
  • The BackWPup plugin which can be set to schedule an offsite backup to your FTP account.
  • The commercial plugin BackupBuddy allows you to schedule offsite backups.
  • offer a commercial fully automated website backup service.


Find out more about WordPress backups.

41ConfigurePlan Site TaxonomyA site taxonomy is a grouping mechanism for content. There are two default ways to group content in WordPress:

  • Categories which group posts together. Categories can be placed in hierarchies. Think of categories as your site’s table of contents. Your categories should help identify what your site is about.
  • Tags are keywords related to your posts. Tags have no hierarchy. Tags are your site’s index words. Your tags allow micro-categorisation of your site’s content.


You can manage your tags and categories from within WordPress Administration. Most sites will work fine with these taxonomy types.

However you are not limited to just two types of taxonomy in WordPress. You create custom post types and custom taxonomies to organise your content as you wish e.g., create a job taxonomy for a jobs website or a movie taxonomy for a movie review website.

Find out more about taxonomies and custom post types.

42ConfigureImprove 404 Errors404 errors happen when a page is requested that does not exist.

WordPress can handle these errors fine but you can make your 404 pages much better by installing the Smart 404 plugin.

This will plugin will perform a search of the site using keywords from the requested page and attempt to redirect the user to relevant content.

43ConfigureConfigure Related ContentOnce your visitors have finished reading one piece of content, it always a good idea to show them related content.

You can do this automatically by installing the Contextual Related Posts plugin. This will display a list of contextually related posts for the current post.

44ConfigureInstall Maintenance PluginYou will now be in adding pages to your website and you may not want the general public seeing your unfinished website.

Install the WP Maintenance Plugin so that your visitors will only see a maintenance page while you finish the setup.

45ConfigureAdd Contact PageAdding a contact form plugin such as Contact Form 7 makes adding a contact form very simple.

Install the plugin and create a contact page.

46ConfigureAdd Utility PagesMost websites will have pages for the following:

These pages can be created with dummy content if needed using the Just Add Lipsum plugin and excluded from menus using the Exclude Pages plugin.

Google may require sites using Adsense to have some of these pages.

47ConfigureAdd HTML SitemapSome website visitors like to be browse a map of the entire site.

Install the Atlas HTML Sitemap Generator plugin and it will create a sitemap page for you automatically by using a shortcode (a special code that produces an effect when typed into a WordPress post or page).

48ConfigureInstall a WordPress ThemeInstalling a WordPress theme is easy, choosing one is difficult!

The following list should be kept in mind:

  • Free theme or premium theme?
  • What number of columns do you need?
  • Has the theme widget and menu support?
  • Do you need Adsense support?
  • Is a demo available?
  • Do you need a magazine layout?
  • Is the theme supported and updated regularly?


49ConfigureConfiguring the WordPress ThemeOnce installed you must configure your WordPress theme.

The following list if options is not exhaustive:


50ConfigureTest WordPress Theme with Sample ContentIf you wish to test your theme , you can import the test data supplied at and run through some of the suggested tests.

Once you have finished with the test data you can use the Bulk Delete plugin to delete it all.

51ConfigureAdd Mobile SupportIf you wish to add mobile support for your WordPress website you have many choices of mobile theme. The following two plugins come recommended:

  • WordPress Mobile Pack will give your website a simple mobile theme that will work on most phones.
  • WPTouch will make your website look well on iPhones and Android smartphones but older phones may not work.
  • You can also install the iPhone Webclip Manager plugin which will give your website it’s own iPhone icon.
  • You can test how your site will look by using the mobiReady testing tool.
52ConnectConfigure Google XML SitemapsAn XML sitemap is a list of pages of a web site accessible to a search engine. You can install the Google XML Sitemaps plugin will do this for you automatically. This will help your website get indexed more quickly and allow you to see how Google sees your site.

Once you have installed and configured your plugin, login to Google Webmaster Tools using your Google account created earlier and submit your sitemap after verifying your site with Google.

Find out more about sitemaps.

53ConnectConfigure Google AnalyticsWeb analytics is the measurement and analysis of website visitor data so that you can optimise your website. The best free tool for this is Google Analytics which you can sign up for using your Google account.

Once you have created the necessary code for your website, you can install the Google Analyticator plugin and add your code.

Find out more about web analytics.

54ConnectInstall WassUp Realtime AnalyticsIf you want to see what your visitors are up to in realtime, you can install the WassUp Realtime Analytics plugin.

This will give your a simple view of visitor interactions with your website as they browse through. Very useful and fascinating to watch.

Please note that this plugin cannot be used with certain caching plugins used to increase performance.

55ConnectConfigure Twitter IntegrationUsing your email address created earlier, you can create a Twitter account. You should then customise your Twitter profile picture and customise your Twitter page to match your website. Once your Twitter account is setup, the following plugins will integrate Twitter into WordPress:

  • The WP to Twitter plugin will post to your Twitter account when you update your WordPress website using your chosen URL shortening service such as
  • The Twitter Widget Pro plugin will add your Twitter feed to a widget that can be displayed on your site.
  • If you want very deep integration between your site and Twitter, then the Simple Twitter Connect set of plugins is for you. This will allow login and commenting using Twitter credentials and auto-linking to Twitter accounts.


56ConnectConfigure Facebook IntegrationUsing your email address created earlier, you can now create a Facebook account. Once your account is created, you should customise your profile and add a Facebook page to advertise your website. The following plugins can then be used to integrate Facebook into your WordPress website:


57ConnectConfigure LinkedIn IntegrationLinkedIn is a business-oriented social networking site. If you are in business, it can be useful to link your WordPress Website to your LinkedIn profile. This can be done using the following plugins:

  • The LinkedIn SC plugin will parse your LinkedIn profile and allow you to display it on any page or post using shortcodes.
  • The LinkedIn Share Button will add a LinkedIn share button to posts and pages, allowing your visitors to share your content with their LinkedIn network.


Find out more about LinkedIn.

58ConnectAdd Social Media IntegrationThere are many social media WordPress plugins available. Here are some that may be useful:

  • The Social Media Page plugin will add a list of links to your social media profiles on a page or post of your choice.
  • The Digg Digg All-in-One Social Buttons plugin will integrate popular social buttons into WordPress easily.
  • The ShareThis plugin allows users to share your content through email and 50+ social networks.
  • Submit your RSS feed to RSS directories to increase backlinks

Find out more about social media.

59ConnectAdd Mailing List IntegrationUsing your mailing list provider account setup earlier, you can now add integrate a subscribe box for your mailing list to your WordPress website. The following plugins may help:

  • A simple way to add one or more AWeber email subscription forms to your sidebar is to use the Aweber integration plugin. Don’t forget you can also send your posts automatically to your list by setting up a blog broadcast.
  • The GetResponse Integration plugin allows you to quickly and easily add a signup form for your site.
  • The MailChimp plugin allows you to quickly and easily add a signup form for your MailChimp list.


Please check with your mailing list provider for more information. Don’t forget that you can add an email form to a text widget if no plugin is available.

60ConnectConfigure Adsense and Other AdvertisingIf you use Google Adsense, you can now integrate your adverts into your website. There are numerous plugins availableto help with Adsense if you wish.

There are other options for advertising on your WordPress website.

  • The Advertising Manager plugin will allow integration with many advertising networks, including Adsense.
  • MyADManager will manage 125×125 pixel adverts on your website with automatic activation and deactivation of adverts using PayPal.
61ConnectConnect to Web Monitoring ServiceUsing your the free account with the free website monitoring service created earlier, you should now add your site to the service so that you uptime can be monitored.
62OptimiseConfigure WordPress SEOThere are many plugins to improve WordPress SEO.

The plugins below should provide coverage for most installations.


Find out more about SEO.

63OptimiseAdd Popup to Advertise Mailing List or ProductsAdding a popup window to your website can increase subscriptions and is a great way to announce new products or services to your visitors.


64OptimiseAdd a New Visitor GreetingNew visitors often appreciate some context and background information about your site.

You can offer them a special welcome and invite them to become permanent subscribers using the What Would Seth Godin Plugin Do (WWSGPD).

Find out more about the background to this plugin.

65OptimiseAdd Your Sales PagesYour sales page is where you present your products or services to your customer. A sales page can be added using any theme with some work, but there are several commercial themes that can help with sales pages directly:

You should also consider your copy writing skills when designing your sales pages.

Find out more about sales pages.

66OptimiseIntegrate Payment or Ecommerce ProviderNow you want to get paid!

WordPress makes it extremely easy to integrate your payment processor or ecommerce functionality into your site. There are many plugins available:

You can also do recurring billing, invoicing and paid membership areas from within WordPress also.

67OptimiseCleanupYou may now have multiple unused themes and plugins in your WordPress website.

You should now deactivate and delete any unused themes and plugins from your website. Unused themes and plugins which are not updated can be a security risk.

68OptimiseIncrease the Performance of WordPressYou can improve the performance of WordPress using a caching plugin. The most highly recommended one is the W3 Total Cache plugin.

This plugin also has transparent content delivery network (CDN) integration which allows your content to be spread across high performance servers to increase performance.

Find out more about web caching and content delivery networks.

69OptimiseTest Your WordPress ConfigurationNow that your website is almost complete, you should test the WordPress configuration to see if there are any issues:


70OptimiseTest Your Website Using Different BrowsersIt is a good idea to know how your website is displayed to your visitors.

If your sign up for the free service at which will allow you to test your website in various browsers on different operating systems.

You should see how it looks in the following combinations:

  • Internet Explorer / Windows
  • Firefox / Windows
  • Firefox / Macintosh
  • Chrome / Windows
  • Safari / Macintosh
  • Firefox / Linux
  • Opera / Windows
71OptimiseRun a Final Security ScanRunning the following plugins may identify security issues that have been missed by any steps so far:

Some of the issues identified will be false positives, but the scan is very useful.

72OptimiseAdd Content and PubliciseOnce you have done your keyword research and created your first content then you should let the world know about your new website by creating a press release.

Well done! Time for a coffee :)