sebastian lochbronner

To keep your WordPress website running smoothly, you should regularly go through the following checklist. Your website is your flagship and helps you to attract customers. So it makes sense that you don't just create it and then forget about it, but keep it updated regularly. Information gets outdated quickly and with every new update you should also check the functionality of the website. Nothing is worse than a visitor turning back on his heel because your page is displayed incorrectly or content is no longer up to date. Especially in times of the data protection regulation it is very important to follow certain rules and to keep a website flawless according to legal regulations. The following list can help you to stay on the ball and not to forget any important checks. The tasks are divided into daily or weekly and monthly or quarterly. You can enter these routine tasks into your project management software or your calendar. This way you will never forget when something should be done and your website will always be up to date.

Daily and weekly check-ups

1. check comment area

If your website has a comment section, you should check it daily to stay in touch with your customers and your community. Is the comment function still working properly? Are there new comments waiting for a response? Is there helpful feedback for your business? Especially when you're blogging, things can accumulate quickly every day. And in order not to be overwhelmed by the amount of comments, it is worthwhile to look for them every day. This also makes the commenter happy, because he gets timely answers from you. If you want to stay up to date, you can also receive email notifications for new comments.

WordPress Spam Kommentare

WordPress spam comments should be deleted promptly and completely.

In addition, you should delete spam comments promptly, especially when comments are directly visible to the public without moderation. Plugins can also help here. It should be noted that some plugins, such as Jetpack, are not entirely unproblematic in terms of data protection.

2. create backups

Depending on how often you update your site, you should make daily/weekly/monthly backups of your entire site. It is especially useful to make these backups before you make any changes. If something goes wrong, you can always revert to the last version and nothing important will be lost. Note that you have to backup the files of your webspace as well as your database. There are now plugins that do both for you. There are also offers from web hosts, freelancers and agencies. With us, for example, customers can choose the interval according to their needs. If you are not sure whether your own web hosting provider regularly creates backups, or how to import them in case of emergency, a WordPress backup plugin is recommended in any case. Here there are already a large number of options. Currently, we like best the so-called UpdraftPlus WordPress Backup Plugin.

UpdraftPlus allows you to create backups in different ways. Either you have the backups stored directly on the web server, or you choose an external storage location. Certainly, your own web server is the easiest and most uncomplicated option. However, you should keep in mind that if someone gets access to the website, they can simply delete it. Then it's "goodbye" simple WordPress recovery. If you choose this option, you should also regularly save the backups locally, so that you really always have them handy. You don't need to have too many versions "up your sleeve" here, after all, the most current website state is usually the most interesting.

UpdraftPlus Backup Restore WordPress

For example, the splash screen of UpdraftPlus Backup Restore for WordPress looks like this

If you also want to make backups as secure as possible, you can choose one of the other options. In the free version, these include Dropbox, Google Drive, Amazon AWS S3, Rackspace and sending via e-mail (note that large amounts of storage are possible) in addition to the FTP variant mentioned above. With the cloud providers, you should give additional thought to data protection and check whether an AV contract is necessary.

3. perform important WP Core, Theme and Plugin updates

To keep your WordPress websites running smoothly and secure, you should check at least once a week if there are new updates (WP Core, Themes, Plugins, Translations). Mostly bugs are fixed or security holes are closed, sometimes completely new information is added. Remember to make a backup before you install the updates. In addition, it makes sense to have access via FTP ready, as this is usually the fastest way to make the site functional again after a failed update.

WordPress Update Übersicht Aktualisierungen

WordPress update overview: listing of possible updates

4. delete post revisions

Post revisions are the intermediate statuses that are saved when you write an article or create or update a page. If you are satisfied with the content and don't need these revisions anymore, you can simply delete them. This makes your database lighter again and WordPress doesn't have unnecessary ballast. Depending on how often you write or change something, you can do this daily or once a week. For example, if you publish only 1 to 2 blog articles per week, it should be enough if you check these revisions once a week and delete them if necessary. The deletion is probably easiest for the normal user via plugin. You can use WP-Sweep, WP-Optimize or also WP Rocket use

If you want to limit the number of revisions in advance, you just need to add the following line of code in wp-configs.php:

define('WP_POST_REVISIONS', 2);

Above code would limit the number to 2 revisions per page/article. The code must be inserted via "ABSPATH":

WordPress Revisions begrenzen

Example of limitation to 2 revisions

Check-ups per month and quarter

1. security check

The security check is one of the most important check-ups that you should perform at least monthly. Maybe authors have been added to the system or others are no longer part of the company. For example, ask yourself if your passwords are still secure or if you need to update them. Do you have a lot of spam or does the spam filter still work properly? Were there any reports of attacks in the system? Also check if plugins still meet current security standards or if they should be replaced by other comparable ones. In addition, your database and your website environment (server / web space) should be checked for suspicious / malicious files or changed system files. There are various ways to proceed in a targeted manner. For most cases, a security plugin such as Sucuri, Wordfence, iThemes Security and similar. However, the issue of data protection should be taken into account here as a matter of urgency. Many plugins store IP addresses and communicate with central servers for protection purposes. Data protection measures and adjustments may be necessary here!

2. clean up database

Cleaning up the database regularly will help keep your WordPress website running clean and fast. Too large databases with unnecessary information can slow down a website a lot and also make it hard for you to update content. The site crashes more easily when it has to load tons of data paths. For example, when cleaning up WP-Optimize or also WP Rocket help (do not forget to make a backup beforehand!).

3. check and repair links

Do you know this too? You are on a website and there is a link to another piece of information you really want to have, but the link doesn't work anymore or leads to nirvana? This is frustrating. If this happens frequently on your website, visitors will quickly judge your website as no longer up to date or professional. If a visitor has such an experience, you may lose him forever. Also, you want to make sure to the best of your knowledge that your links do not redirect to dubious sites and cause damage to the visitor's system. Search engines don't like such links at all (keyword search engine optimization!). If you don't want to do the check manually, you can use web-based SEO audit tools (SEMrush, Ahrefs, SEranking, etc.). But also the Google Search Console offers a good overview here. There are also WordPress plugins for checking broken links, but in our opinion, this only adds unnecessary ballast to your website in the form of another plugin.

4. check forms

If you use forms on your website, it is recommended to test them once a month or at least once a quarter. Does the content still arrive? Do the buttons work? Is the content still up to date or are there new features that need to be added? That way, you won't miss any customer requests or feedback.

5. control design and other visual components

The design and all visual components of your website should be reviewed regularly. It is important that visitors can use your website without problems and that the navigation is comprehensible. If visitors can't find their way around your website or if only small error icons are displayed instead of images, you will lose potential new customers. Your website does not look very professional and this reflects badly on your brand and your company. Sounds drastic, but the first impression counts. But maybe you realize that you don't really like the design anymore and you want to change something.

6. uninstall and check plugins

Once a quarter you should check if you still need certain plugins or if you can delete them. Sometimes you try out different plugins, only to somehow have a preference for a particular one. Too many plugins are also often negatively evaluated by search engines and can unnecessarily inflate the code of the website. In the worst case, this can also have a negative impact on the loading time of your website. Especially for visitors with slow connections it is then particularly difficult to see your content. Search engines like Google are aware of this fact, which is why page load time is an important ranking factor.

7. update company data and data protection

As already mentioned at the beginning, there have been particularly strict guidelines regarding data protection and imprint requirements since May. Therefore, you should regularly check whether everything is still up to date. Have you moved? Has your company name changed? Do you use new software for data processing? Incorrect or incomplete information can be very expensive if it is reported. But you can also renew information like references or publish new information about the company itself. Maybe you won a well-known award and want to share that. Or you have new testimonials that could be helpful to convince visitors of your service. In the area of privacy policy, a subscription service can be useful, as it keeps the privacy policy always up to date. For WordPress, for example, there are suitable legal texts at the IT law firm from Munich.

8. check Analytics and Search Console

The insights from analytics and search queries are very helpful for your content and offer. You can use the data to optimize your service or provide the content that can help your visitors the most. You learn a lot about your target audience and can also see where there might be errors on your website. For example, you can see where people leave your site the most and then optimize this area so that visitors stay longer on your site and get to know your service better.

In summary:

And now?

As you can see, it's important to routinely take care of your WordPress website so that everything runs smoothly and visitors and customers get a good impression of you and your business. This also makes it easier to attract customers and grow your business.

In our agency we work with WordPress, as this system is one of the most reliable and modern CMS systems on the market. It is easy and intuitive to use and meets the latest standards of technology. In addition, WordPress is constantly being developed and improved. Maintenance and care of your website are clear and easy to do. WordPress is also free and can be extended by numerous plugins and adapted exactly to your needs. You can optimize a website based on WordPress also wonderful for search engines. So you spend less time with SEO and more with helpful content for your target audience,

We're happy to help you design and maintain your WordPress website so you can focus on the content. There are several packages to choose from and you can select exactly what you need. For example, we do backups, security checks, analyze your statistics and take care of the maintenance of your database. We can do that and much more for you, so you have more time for your customers. Here you can find our WordPress maintenance and service plans - if you have any questions, feel free to contact us. We are an agency with passion for good design, a lot of know-how and you also get great coffee with us. We would love to hear from you to learn how we can best support you and your business.

(last updated October 29, 2020)

The ePrivacy Regulation is currently on everyone's lips. In this context, one hears and reads more and more about the obligation to opt-in to cookies (the previous opt-out procedure is no longer permitted). This means that cookies may only be set with explicit consent. Excluded from this are all technically necessary cookies. This includes, for example, the cookie that stores the cookie settings, or cookies for store functionalities (shopping cart, notepad, etc.).

Cookie Opt-In Solution for WordPress

There are now numerous solutions to implement a cookie opt-in for WordPress websites. Especially many premium plugins offer a fast solution with many settings. We are currently testing the Plugin Borlabs Cookie 2.1*. According to plugin author, the biggest advantages of the plugin are:

The integration of the cookie plugin can also be done via our agency, for example.

Does my website set cookies at all?

This can be easily tested with tools such as or It is important to note whether cookies are essential or optional.

Detailed Borlabs Cookie Test & Review

Soon this article will be updated with more information on the Plugin Borlabs Cookie* enriched, such as notes on implementation and setting.

Photo by Mae Mu on Unsplash
*Partner Affiliate Link

Half of 2019 is over. Accordingly, SEO trends 2019 can be illuminated a little more closely and a first conclusion can be drawn: Some megatrends that developed from 2015 continue. We look at the trends in search engine optimization 2019 in detail:

1. structured data at Google

Google is getting better at handling structured data. As a result, the algorithms are capturing the content on web pages with increasing precision, including data without markup. Examples of this development are Featured Snippets and Google Answer Boxes, which present content graphically. This trend is intensifying. In the meantime, only that content is presented as a Featured Snippet which users have taken up best. It needs a clear text structure with unique content and paragraphs that should answer specific questions about the topic of the URL. Google recognizes questions in searches and delivers snippets if the page answers that question. In online stores, structured data is now standard: it provides rating stars in the snippets.

2. mobile first

The approach is known to be older, but the trend towards mobile search will be supported even more strongly by Google and other search engines in 2019. This makes sense, because users worldwide now search more frequently on mobile than via desktop PC or notebook. In addition to Responsive Design, which has long since become the standard, programmers should pay attention to three factors when creating websites:

Texts, videos and graphics on the web are becoming increasingly simplified, which is not necessarily a bad thing. We are all users and do not want to read nested sentences or watch endless, lyrical videos on our smartphones. Even a diagram should be immediately comprehensible on the small display. A concise content doesn't have to be wrong just because it sums up the truth with a few (textual, graphical, visual) facts. The pure web design is also challenged: The contrast must be high enough to let everything be seen well on smaller displays. The loading time of a page for the mobile device must necessarily be less than three seconds, otherwise the user will jump off.

3. voice search

Those who have the option speak their search into the device, which Google Home, Alexa and Siri are increasingly supporting. Voice search is changing search behavior. Young people in particular (but not only) are affected: 41 % of all users aged 13 to 18 use voice search almost exclusively. The proportion is likely to rise to over 50 % for all search queries of all age groups by 2020 at the latest, according to the Comscore analysis institute. The questions are asked differently than with a keyboard entry. We speak specifically into the smartphone, "Where is the nearest restaurant?" At the same time, we rely on our location being determined automatically. With the keyboard, we would enter "Restaurant Berlin Hohenschönhausen." Google has now adapted its algorithms and recognizes W questions via voice search. This means for SEO: These W-questions should also be asked and answered in SEO texts.

4. content: trends 2019

Since this year, texts that are only written for search engines are definitely useless. Long word monstrosities with keyword heaps that are supposed to boost the Google ranking have obviously become useless. Instead, content optimization must be aimed at the so-called keepable experience. This means: the reader should take something away from the content conveyed in order to remember it and thus the page in the future. Brand expert Robert Seeger extends this approach with his 3H concept. The 3Hs are heart, brain and attitude. Keepable Experience, according to Seeger, consists of content (texts, videos, images, graphics) that appeal to the emotions and intellect of users, while at the same time expressing an attitude. The statement may or may not be welcomed by the user, but it must first be present. Only then will the target audience find the content that is relevant to them.

Content struggles for quality

Content struggles for quality in order to achieve the necessary attention. This makes sense, because in the last 20 years, inflationary content has been created on most topics, which is often as similar as one egg to another. In the text area, it is mostly created by spinning, i.e. the mere rewriting of existing texts so that the Google algorithms identify the new text as unique content. In this case, it is supposedly only important that no more than four to seven words of the source text are repeated (depending on the setting of the CopyScape tool). However, Google's algorithms have been more advanced for years. It is known that since the Penguin update in 2012 at the latest, they already measure the dwell time on a page that results from a user getting stuck in a text. However, it is not enough to simply post a very long text, which in turn is the result of spinning. Long texts also contradict the postulate formulated at the beginning that (in terms of mobile optimization) concise, catchy formulations are important. Rather, content must be relevant, excitingly written, creative, lateral thinking and of high quality. This applies to texts as well as to any other content. It is gratifying for content authors that Google is finally rewarding artistic freedom. It would be desirable that the marketers - probably 80-90 % affiliates who commission the content - also recognize this and give the creatives the necessary freedom.

5. artificial intelligence in the search engines

In 2015, Google introduced Rank Brain and thus also officially relied on AI. Rank Brain is one of the algorithms that determine the position of a post in the SERPs, it uses AI and machine learning to answer questions that were not even asked. It translates search queries into a mathematical pattern that the search engine can process. Rank Brain is linked to the 2013 Hummingbird update, which emphasized semantic search more. Rank Brain is able to semantically link unknown words to known linguistic entities. The system learns on its own in this way. As a user, we experience that a question similar to our search query is (also) answered - possibly because we were mistaken about the query, but possibly also because the similar question could also be relevant. It was known before 2015 that AI was playing an increasing role in Google's algorithms. In October 2015, a Google spokesperson confirmed in a post on that the Rank Brain algorithm was using AI to rank search results. By mid-2019, it is estimated that ~15 % of search inputs are absolutely original, meaning they have never been entered that way before. Rank Brain nevertheless identifies what the user likely meant. It is part of those algorithms that are based on AI. These are playing an increasing role in SEO and are expected to lead to search engines thinking more and more like a human: what could my counterpart have meant? What associations are associated with this topic? What should I therefore offer as an answer? This in turn fits in with point 4, namely the abandonment of keyword spamming, which has become completely superfluous. Regular bloggers have noticed this for quite some time. They therefore mostly do without keywords altogether. If they fit the topic, they automatically appear in the text anyway. The fact that Google no longer values them as much as it used to is also related to the increasing weight of visual-based platforms like Instagram. Placing keywords in video and photos or their captions has long been considered difficult and not very helpful in the process. But the important visual messages are nevertheless gaining the rank they deserve, namely viral: they are shared voluntarily. This is also a ranking factor, so Google's AI is much more likely to reward content relevance than mechanical keyword piling. This SEO trend in 2019 is gratifying, but also challenging.

6. what role do backlinks still play?

Their importance has diminished, but they are far from irrelevant. However, purchased backlinks are a nasty trap (and by the way, so are purchased likes and comments on YouTube, Instagram, Facebook & Co.), the search engines and social networks have long identified them. Backlinks have to be natural. That doesn't mean that targeted off-page SEO can't help things along a bit. It is perfectly legitimate to set a backlink to your own page from your own blog post or PR contribution. However, it must be really relevant, and link spamming must be strictly avoided. Referral links that deliver high-quality traffic remain useful. Ideally, they should come from a page that itself ranks relatively well. This increases the importance of press portals and, accordingly, the importance of PR for companies - which brings us back to high-quality content. How backlinks should be technically constituted is described in the E-A-T guidelines in their section 3.2 (Search Quality Evaluator guidelines).

7. progressive web apps

PWAs (Progressive Web Apps) are websites with special features of native apps. Thus, they improve the user experience in mobile search and basically combine app and responsive web design. SEO has paid little attention to them so far, but that is changing in 2019. In the spirit of increasing mobile search (see 2.), it is worth considering running new websites as PWAs. These also work offline, they can also send push messages, can be used across the entire screen (the display) and can still be installed as an icon on the HomeScreen like any native app. For SEO, it is extremely interesting that search engines do index PWAs if they meet their guidelines. Another advantage of a PWA is: it convinces with its usability, because it does not have to be downloaded and also does not require any updates. This SEO trend 2019 is still young, we should keep an eye on it.

Your partner for digital marketing

For our customers we are a reliable contact for web design, web development, online marketing & branding. Get in touch with us without any obligation: Contact us

Image credits: Business vector created by freepik -

You are probably used to do WordPress installations, like plugins and updates, via the normal backend. But since a few years there is now another way to control backend tasks via the command line. With the program WP-CLI you can do many backend tasks. This way of working offers a few advantages and can therefore be a real alternative to the usual way.

What is WP-CLI?

Command line, WP-CLI, that all sounds somehow like programming language and complicated. About the normal backend it is much easier, you might think now. But there are advantages. WP-CLI is a command line interface for WordPress. You can for example update your WordPress installation or install plugins. There is a whole collection of command lines available in WP-CLI.

The project was originally started by Andreas Creten and Cristi Burcă, meanwhile it is an official WordPress project. With the help of sponsors the further development is financially supported.

What are the advantages of WP-CLI?

There is a small learning curve associated with WP-CLI, but once you get the hang of it, many tasks are quicker than using the familiar backend interface. It is then enough one command, instead of various clicks through the navigation and levels of the backend. Even if you have multiple WordPress websites installed on your server, you can execute commands that apply to all installations at the same time. An enormous time saving as you can see.

With cronjobs you can even automate the command lines. This is useful for backups, for example, or if you simply want to do all the updates that are available. But you should always pay attention to a certain order. First backups then updates. With plugin updates there can be problems and to protect the rest of the site, it makes sense to make backups before. You probably got this hint in the graphical backend before you wanted to update something.

Example what you can do with WP-CLI

As already mentioned, you can manage installations and updates with CLI. But there is much more you can do. The following commands can be very helpful, because you need them quite often, for example if you want to fill a blog with new content on a daily or weekly basis or if you want to manage a team in WordPress.

Manage users

With the command "wp_user" you can create users, assign roles and enter information. Pretty handy when your team is constantly on the move and changing.

Manage comments

Another handy command is "wp_comment". Here you can delete, create, update and moderate comments. No more 10 clicks, one command.

Configure permalinks

Permalinks are very important for SEO. If they are well structured, it helps to rank on Google and other search engines. With the command "wp_rewrite" you can set the structure of the permalinks. You can also list the links or update them completely.

More helpful information

A list of commands and installation information can be found directly at WordPress in the Blog. At Com.Lounge and Krautpress there is also some information about command lines and how to automate them. Of course it is also worth mentioning the official site WP-CLI. There you can join the project, read the blog and follow the updates. There is also a general overview of WP-CLI.

You need WordPress help?

Contact us without obligation and we will see what we can do for you. We are an agency with many years of experience in the field of WordPress, Web design and Marketing and can advise and support you in many ways. We look forward to Your message!

Image source: Business vector created by freepik -

For a few months now, the Gutenberg editor has been available for selection in your WordPress backend and the new version of WordPress is waiting in the wings. WordPress 5.0 is scheduled for 11/27/2018 according to the official website. With it, the new version of the Gutenberg editor will also be introduced. WordPress will thus be overhauled and redesigned from the ground up. It's the biggest update in a while and there are a few things to keep in mind.

What is the Gutenberg Editor?

First of all, a little information about the Gutenberg editor. WordPress provides with the Gutenberg editor a pagebuilder that allows to implement the design of the website directly in WordPress. The principle Pagebuilder is not new and WordPress lagged there for a long time in the development. Until now, there were only other providers that sold Pagebuilder, such as Elementor or the Visual Composer from WPBakery. For a few months now you can try and test the Gutenberg editor.

The principle is simple. You assemble your page with blocks that deliver different functions via drag and drop. Completely individual pages and contributions are thus realizable without having to have great programming knowledge. The structure is completely flexible and can be intuitively operated and created. No greater HTML or CSS knowledge is required, but the content is simply compiled with blocks, just as you want.

The Gutenberg editor will be an integral part of WordPress in the future and has the goal to simplify the work in WordPress. The usual editor will be replaced with it. The blocks of the Gutenberg editor are divided by categories. There are general blocks like heading, paragraph, image and some more. In addition, there are blocks that are used for formatting, such as custom HTML, tables or code. Then there are layout blocks like columns, buttons and spacers. Finally, there are widgets and embeds like Shortcode and Recent Comments, to name just two. The list is even longer by some blocks and functions, so it's worth to have a closer look.

How does the Gutenberg editor work?

The usual text window disappears as already mentioned and the content is compiled with blocks. Starting from headings, text to multimedia elements, everything can be placed by block. This saves time, as you don't have to constantly format code by hand if you don't want to.

The Gutenberg editor also has a few other handy features. It has a code editor that you can select if you want to change a few things in the code, and the ability to copy the entire content. So you can easily paste everything elsewhere - no matter if it's a complete page or a blog entry. This is very handy if you want to create different but similar landing pages on your website, for example. You can then customize the copies, depending on your desired requirement, instead of having to set everything up again. This feature has to be added with older WordPress versions mostly with an additional plugin.

SEO has also been improved, as the Gutenberg editor now provides more information than its predecessor. With just one click you can find out how many words, paragraphs, headings and blocks the page contains and if necessary optimize everything a bit to be found and displayed well in search engines.

Another interesting feature is the "Keep on top" function, which you can check for each post. This causes a post to be fixed at the top. You can set the check mark under the Document tab. This function is especially useful if you want to draw the visitor's attention to certain content. This way you have even better possibilities to guide the visitor through your website and to keep him longer on your website.

What changes?

In connection with WordPress 5.0 the Gutenberg editor will be set as default. Until now you can still choose, but in version 5.0 it will be a fixed part of WordPress. Who wants to use the old editor afterwards, must install a plugin. WordPress will continue and expand the development of the block-based variant from version 5.0. The operation will be easier and more intuitive in many areas in the future. So the whole work in WordPress will change fundamentally.

What to do now

There are three important things you should do now as a site owner before updating to 5.0 so that you have as few problems with your site as possible. The Gutenberg editor will not be fully mature yet and some page builders, plugins and WordPress themes will have to deal with compatibility issues. So you need to be prepared that the changeover may not go smoothly on your website either, if you don't take care of checking your website now.

1. test your site now with Gutenberg

You can install the beta version of Gutenberg on your website and test extensively if everything works. Or you can use the plugin Gutenberg Rampwhich makes it easier to test your website. We recommend that you do this as soon as possible, since the release of WordPress 5.0 is coming soon.

2. make sure that your theme and plugins are compatible with the new version

As already mentioned, there may be problems when installing the new version of WordPress. Some developers of pagebuilders, themes and plugins have already reacted and provide new versions. Check if there are already updates for your components or if any are planned.

3. prepare your current content for blocks

Your current content will not break apart with the update. Instead, your content will be converted into so-called Classic Blocks. You can leave it like this or you can do some preliminary work and prepare your content. You can easily convert the content into blocks using the toolbar on each page. This way everything keeps its usual structure or you can use the full functionality of Gutenberg if you want to.


The Gutenberg editor and the new version of WordPress bring a whole new way of designing pages and posts, but you need to be prepared to make the transition go smoothly. We can help you get your website ready for the new era of WordPress. We are an agency with many years of experience in the field of WordPress, Web design and Marketing and can advise and support you in many ways. We look forward to Your message!

Many use WordPress for their website, because it is versatile and runs stable. However, to keep WordPress compliant with the GDPR, a few adjustments and changes are required. WordPress itself has already reacted before the GDPR became binding, but also as a site operator you have to consider some things. The topic DSGVO has certainly already crossed your path. The last few months you hardly got around it as a website operator, but if you are not yet so familiar with the topic, here is a brief overview. If you have any further questions, please do not hesitate to contact us. But now from the beginning.

Important: This blog post is not legal advice and is not intended to replace such advice. I am neither a lawyer nor a data protection expert. This post is only intended to provide general information and illustrate that there is extensive need for regulation. I cannot assume any liability for the completeness, timeliness and accuracy of the information provided here. Use of this information is expressly at your own risk. Status 09.11.2018

What is the GDPR?

The GDPR is the General Data Protection Regulation for the processing of personal data. Since 25.5.2018, the regulation regulates the handling of data binding for all European member states. A violation can be punished with high fines, so it is important to find out exactly what obligations you have as a website operator from now on and how to properly bring your website up to date. Parts of the regulation were already mandatory before, but the DGSVO has made everything a bit more concrete and binding since the end of May. However, the DGSVO will certainly be further adapted and tightened in the future, as parts are still somewhat unclearly formulated.

Who is affected?

Anyone who collects personal data via the website is affected. Therefore, it does not matter whether you do this commercially, for example in the context of an online store, or privately as a blogger who likes to share recipes and allows comments on his blog. Personal data are, for example, name, address, email address, but also IP addresses, which are automatically stored when someone visits your website. As you can see, the regulation basically affects everyone who has a website online and collects data in one way or another, whether through contact forms or analysis tools like Google Analytics, to name just two things.

What exactly is the GDPR about?

The General Data Protection Regulation was created to give individual consumers more control over their own data. He gets more opportunities to object to the collection of his data and gets more access to information about when and how his data is collected. The operator of a website or online store is held more accountable and must handle the data in a certain way.

First of all, he needs the permission of the person whose data he wants to collect. He must make sure that he only collects data that he really needs and does not simply ask for all kinds of information in a scattergun approach. The data must be stored securely and everything must be neatly documented. For example, is there consent there for the newsletter? Did the customer agree to the collection of his data when he ordered in the store and much more.

In short, the customer must know at all times what happens to his data, where it is stored and he must have the option to have his data deleted. You must be able to provide information about all of this and you must only store the data for as long as is really necessary. The customer must be informed before his data is transferred.

Newsletters, for example, may only be sent after a double opt-in. This means that he must agree twice that he really wants to receive promotional content in the form of a newsletter. First, he must agree that his data is transferred to you and in the second step he must confirm his e-mail address and thus give binding approval that the data is correct and he really wants to receive the newsletter. Spambots then have no chance to simply enter your email address everywhere, because you will receive an email with a confirmation link. Modern newsletter providers do not automatically save your data if you do not confirm the address and you do not receive unwanted newsletters.

Your WordPress website has not been updated yet?

Then you have to be especially careful here and check things quickly to avoid possible fines. As already mentioned, WordPress has released a new version with features specifically for data protection before the GDPR came into force, but also the plugins must not be forgotten. Depending on how your WordPress website is built, you will surely use some plugins. Maybe some are no longer DSGVO compliant and need to be replaced or updated.

Which measures are particularly important?

To help you get an overview, we have compiled a few of the most important measures here. Some things were already valid before 25.5.2018, but were often only partially implemented or not at all. Although the wording of the regulation is still somewhat unclear here and there and some passages can be interpreted in several ways, the following 8 points are particularly important in our opinion.

1. the encryption of the data

Encryption of collected data is one of the cornerstones of secure handling of personal data. If you use contact forms or people can register on your WordPress website, the data entered must be transferred securely. This happens for example via SSL encryption. You can get a certificate from your web hoster for little money. Once the certificate is installed, all data that is collected is encrypted and can be transferred securely.

2. keep everything up to date

You must always make sure that you keep your WordPress website and plugins up to date. Regular updates and checks for compliance with the GDPR are therefore a must. Set an appointment in your calendar or a reminder in your cell phone so that you don't forget. Updates usually close existing security gaps, so it is very important to do them. This way you minimize the risk that your website can be attacked and data can be stolen.

3. create privacy policy and keep it up to date

Every website needs a privacy policy that states exactly what happens to the visitor's or customer's data and how it is collected. It must be easy to find and formulated in an understandable and clear manner. Again, this statement must be subject to regular review. For example, you must state whether certain plugins collect data and why. If you use new or fall old way at some point, the declaration must also be adjusted.

4. plugins and the data transmission

Each of the plugins you use must be checked to see whether it transmits data to external servers. Social media plugins, for example, usually establish an automatic connection to the servers of Facebook and others. In doing so, they collect data about the visitor virtually unnoticed. This is no longer permitted since the DSGVO. Such plugins should be integrated using a so-called Shariff solution. So far, this is considered the safest alternative, as personal data is not automatically transferred without the visitor's consent. A good list, which shows DSGVO-problematic WordPress plugins, you can find on

5. secure contact forms

We have already mentioned data encryption during transmission at the beginning, but for contact forms of any kind it is recommended to adjust a few small things. The visitor must agree to the transmission of his data via checkbox and at least be referred to the privacy policy. It is even better to briefly mention how the sender's data will be used, to be on the safe side. This way, the sender can decide whether he really wants to transfer the data or whether he would rather not.

6. IP addresses in comments and analyses

By default, WordPress stores in its database the IP addresses of people who leave comments on your website. However, with various plugins you can set that the commenter must give his consent before he can post a comment, or his IP address is not recorded at all by a small snippet of code. Depending on the plugin, you can also set that IP addresses are automatically deleted from the database at regular intervals. The same applies to Google Analytics, for example. In order to use Google Analytics in compliance with the GDPR, you must set the plugin to anonymize IP addresses, because IP addresses are also considered personal data and are protected under the GDPR.

7. set cookies

Cookies are a thing of their own and you really need to limit their use so as not to violate the regulation. It is advisable to only set cookies that are necessary for the operation of the website or for which you can credibly justify a legitimate interest - such as for storing the shopping cart content or for member areas. It is also recommended that you display a cookie banner that informs about the use of cookies and gives visitors the opportunity to object to the setting of cookies (strictly speaking, according to the current legal situation, even before any cookie is set). Your privacy policy must also explain exactly what the cookies are for and what they are used for on your website.

8. AV contracts and documentation

If the collected data is processed by another provider, you must conclude an AV contract with them. This applies, for example, to providers, your newsletter provider or large corporations such as Google, if you use Google Analytics, for example. But this regulation also applies to service providers who alone have the possibility of accessing personal data, such as your web designer. You are also obliged to document how and for what purpose you collect and store data. Upon request, you must have this information at hand and be able to comprehensibly show what is stored and for what purpose the data is processed. You can use a directory of processing activities to present this information in a collected and sorted manner. In addition to legal advice from a specialist lawyer, there are also various free templates online with which you could theoretically create such a directory. The AV contracts must also be stored securely and be able to be presented upon request.

Lots to do! And now?

This is not an exhaustive list, but is merely intended to highlight possible stumbling blocks in terms of the GDPR. In individual cases, each website must of course be checked individually. We are happy to help you update your website so that it complies with the DSGVO requirements. We take over the implementation of all measures, which are specified, for example, by your specialist lawyer or data protection officer. Thus, you can ensure that your WordPress website is up to date and you minimize the risk of expensive warnings or even high fines. You are welcome to book an appointment at our agency and we will discuss the details with you over a delicious coffee without any obligation. We are an agency with many years of experience in the field of WordPress, Web design and Marketing and can advise and support you in many ways. We look forward to Your message!

Image source: Designed by Freepik

The landscape of content management systems (CMS) has been constantly changing since the beginning of the Internet age. But for some time now, this change seems to be increasingly ebbing away. If you ask for a suitable CMS solution, the answer in most cases is: WordPress. One could almost get the impression that the entire Internet consists only of WordPress websites. And indeed, WordPress has a considerable market share of over 60% among content management systems (source: / as of April 2018). Far behind following Joomla, Drupal, Magento and consorts. Whether WordPress is by far the best CMS on the market? Quite possibly, in any case, the CMS of the Californian company Automattic probably does not do everything wrong. I, too, usually use WordPress exclusively for my customers' websites. I have summarized some of the most important reasons for this in this article.

1. free and open source
2. powerful and very flexible
3. can be adjusted well
4. simple operation
5. search engine optimization (SEO)
6. safety
7. optimization for mobile devices
8. various multimedia contents possible
9. integration with other services
10. user and rights management
11. multilingualism
12. data protection and DSGVO
13. WordPress gets better every day

1. free and open source

WordPress is completely free and open source software. This means that anyone can use, modify and reproduce this CMS without any limitations. The current and previous versions can be downloaded from the official website. What many people don't know at first is that in addition to the actual free CMS (, there is also a paid managed WordPress hosting from the manufacturer Automattic ( These two different offers should therefore not be confused or mistakenly considered as one and the same.

Note: Just because WordPress itself is free, website owners still incur various costs - mostly independent of the CMS used. This already starts with the hosting of the website, which usually entails monthly or annual fees. In addition, there are numerous free plugins and themes, as well as paid "premium" versions, which offer additional functionalities. Last but not least, there are paid website services like web design, web development or support & maintenance. These are all costs that would also be incurred with another CMS and therefore do not represent a disadvantage when using WordPress.

2. powerful and very flexible

WordPress originally became known as a blogging platform and still leads the pack in this area. Although there are many alternatives, such as Tumblr or Medium, WordPress's blogging engine is now so sophisticated that most of the competitors have their teeth cut out of it. At the same time, the operation of the blog is kept very simple for the user. Even without any programming knowledge, a multitude of functions can be used. The WYSIWYG editor, which will probably become even more powerful with the upcoming Gutenberg update, makes it particularly easy. Other functions include the insertion of various media formats or the planned publication of articles in the future; thus, content can be published when it is most suitable for one's own target group.

2.1 More than just a blog

Although WordPress is still often used as a pure blog, it became clear quite quickly in the early years of the CMS that it can also be used for other types of websites. The team behind WordPress has quickly recognized this trend and ensured not least through numerous updates that the blogging platform continues to develop. In addition to blog posts, WordPress can also be used to create "static" pages in the traditional sense, such as those needed for a small company website. In addition, there is the possibility to create your own post types. So you can create and manage not only blog posts and pages but also portfolio entries, testimonials, galleries and much more (a separate article about custom post types will follow soon).

2.2. any kind of website is possible

The number of possible WordPress extensions is increasing every day. The choice is now so immense that you can use the CMS for every conceivable type of website. You don't have to worry about the functionality, because there are already plugins and themes for almost every purpose. Only real complex web projects will usually require more effort for custom programming. Examples of conceivable websites are:

The list can be extended at will. Thanks to the large community, CMS and extensions always adapt to the current needs of WordPress users.

3. WordPress is easy to customize

As I already mentioned in the previous section, there are numerous ways to customize WordPress to your own needs. The easiest and fastest way to do this is with themes and plugins. Themes take over the visual part and determine how the website looks for the visitor. Plugins are written for a specific purpose and extend the own website by a certain function. For example, there are plugins for search engine optimization, caching, spam defense, security, etc. The number of available themes and plugins now seems almost endless. Most representatives are also completely free of charge. Only more elaborate representatives usually incur one-time costs in the one- to two-digit range.

3.1 Dashboard

Besides themes and plugins, WordPress itself already offers various options for customizing your own website. The own dashboard is the user-friendly command center of every WordPress website, through which one has access to the most important functions and settings. Thereby the user does not have to write any code, but can fall back on the visually appealing interface

3.2 Professional adjustments

Sometimes it happens that there is no theme or plugin for the desired purpose - or you just want greater individuality, for example, in the design of the website. In this case, the CMS gives web designers and web developers easy access to make custom adjustments. The beauty of this is that you don't have to insert these changes directly into WordPress Core, the core of the system; this would be prone to errors and make it difficult to update the CMS. Instead, you use the modular "building block" system and add your own code using your own theme or plugin.

4. simple operation

WordPress is not only easy to customize, but also easy to use. This point is especially important to me for customer websites, because I want to give every website owner the opportunity to change content themselves if necessary - without having to have any programming skills. After a targeted training and some familiarization time, it is possible for every site operator to maintain the most important content himself.

The ease of use is therefore probably one of the main reasons for the success story of WordPress. Already at the very beginning, one has paid attention to the user-friendliness of this CMS. After all, WordPress was originally developed for bloggers who are not very technically savvy and therefore want a simple user interface. The famous "5 minute installation" alone sets WordPress apart from the competition.

Updating the CMS and components is also kept user-friendly: this is done (theoretically) with just one click in the dashboard. But beware: faulty updates or incompatible extensions can lead to the website not working properly later on, or sometimes not working at all. Therefore, always make a backup beforehand and, if necessary, have critical updates done by a professional (for customers we have, for example, own WordPress Support & Maintenance Plans created).

If you really don't know how to use it, you will quickly find what you are looking for on the Internet. Because: Learning materials (articles, videos, images, podcasts) as well as solutions to known questions & problems for WordPress abound. A good place to start is, for example, the official WordPress Support Portal.

5. search engine optimization (SEO)

An important topic for almost all websites: the ranking at the relevant search engines like Google, Bing and Co. WordPress is already very search engine friendly by default. The fact that search engines rank WordPress-based websites very well in their own rankings is based on various statements - partly also from Google employees like Matt Cutts. Those who want to do even more for the search engine ranking can additionally install one of the numerous SEO plugins, which complement other SEO tools. One of the best and most well-known representatives is definitely Yoast SEO, which I install and configure on every WordPress website.

Yoast SEO WordPress Plugin

Yoast SEO - the most popular plugin for WordPress search engine optimization. In the screenshot you can see the setting for this very blog post.

Some points, which WordPress fulfills in the field of SEO, are for example the following:

To conclude on this point, it should be said that there is of course more to a good search engine ranking than using WordPress. Nevertheless, it is a great advantage to use a CMS that already fulfills many important SEO basics.

6. safety

Website security is becoming increasingly important as attacks on online presences continue to grow. It is therefore advisable for website operators to take basic security precautions. After all, a hacked website can cause a great deal of damage, both to the company and to visitors to the site.

Since WordPress is the most popular CMS, it is particularly often the victim of attacks. Of course, the CMS author and the large community have this on their radar, which is why not only basic protection mechanisms have been implemented, but updates are also available at regular intervals. An automatic update mechanism since WordPress version 3.7 also performs smaller security updates, that is, those that have only a small risk of conflict with existing themes and updates, themselves.

In addition, there are various security plugins that can be installed optionally. These include the well-known plugins "Wordfence", "iThemes Security", "All in One WP Security" and many more. If these are configured correctly, there is already a very good protection against known attack possibilities.

Ultimately, however, it is also true that security vulnerabilities are often caused by the user (admin) of the site. Two popular examples are bad passwords and outdated versions of WordPress core, plugins and/or themes. As a website owner, you should therefore take special care and address website security. It is also advisable to create regular backups of one's website, so that in case of an emergency, a cleaned up and functioning version of the website can be quickly put back online.

7. optimization for mobile devices

Optimizing the website for mobile devices is now one of the absolute basics website basics. WordPress comes with all the important tools to make a website responsive - that is, so that it adapts to any screen size. Also the WordPress themes and the WordPress dashboard are optimized for this purpose. A clear advantage for visitors, contributors and search engines (the latter prefer websites optimized for mobile devices).

8. various multimedia contents possible

With WordPress, all common multimedia content can be used. Whether images, videos, audio or documents, the integration is virtually nothing in the way. A variety of file extensions are supported, which should be sufficient for almost all purposes. These include jpg, png, gif, pdf, doc, pptx, mp3, mp4, mov, avi, etc. If a particular file format is not supported, such as the increasingly popular SVG, there is usually a simple workaround for this (for example, this website also uses SVG vector images).

The multimedia content is managed in the media library. This is often sufficient for smaller websites. If you want more functions, you can realize this with plugins. Then the creation of subfolders and galleries is also possible.

Embedding multimedia content is easy with the WYSIWYG (What You See Is What You Get) editor, so even beginners should have no problems.

9. integration with other services

WordPress provides an ideal basis for linking with other services and platforms. For the most popular representatives, there are usually one or even several plugins that make connecting very easy. Most of these services fall into the areas of social media, online marketing, email marketing, analytics, live chat, payment service providers, backup & security, and content delivery network. In addition, services such as "zapier" or "ifttt" can be used to link many other services by allowing users to create event-based automations entirely according to their own preferences. A simple example: "Send a message to a specific Slack channel as soon as a new user has registered.

10. user and rights management

For a CMS, the user and rights management belongs to the small 1mal1. WordPress has done its homework here and offers all the functions you need in this area. Thus, several people can work on the website without having to give each user the full administration rights. The preset user roles look like this:

11. multilingualism

If the own website is interesting for a multilingual audience, then the content should also be provided in the respective languages, for example in German and in English. While there is no basic function in WordPress that enables multilingualism, there are some very powerful plugins that do exactly this job. Popular are for example "WPML", "Multilingual Press" and "Polylang". With these plugins you can create a so-called "Multisite", which then provides the content for different languages. Especially practical: in addition to the actual basic function of making the website multilingual, these plugins provide many helpful tools to work more efficiently with external translators.

12. data protection and DSGVO

For current reasons, the efforts of Automattic and the WordPress community to keep the CMS data protection compliant should be mentioned here as an advantage for the use of WordPress. This includes, in particular, the General Data Protection Regulation (GDPR), which came into force in May 2018. Automattic has created a GDPR compliance team dedicated exclusively to this topic. This includes in particular the creation of a core policy, a plugin policy, various data protection tools and related documentation.

13. WordPress gets better every day

"Some Things Get Better With Age" - WordPress is definitely one of them. Automattic employs some of the best developers in the industry to constantly develop the CMS. This includes not only security updates, but also the addition of completely new features. But the real star behind the success of WordPress is still the community. As an open source project, everyone can contribute to WordPress, for example in the form of themes or plugins. Thus, new extensions are added daily, which can usually be used completely free of charge.

In summary, I can say that WordPress is by far the best CMS at the moment from my point of view and is best suited for the multitude of website types. You are not a WordPress user yet? Then I strongly recommend you to start your first WordPress project.

What is your opinion about WordPress? Feel free to leave your opinion and ideas as a comment.

What could be better than working on a local WordPress installation...? Low load times, full control, independence from remote server and internet! But before you can get started, you need a local development environment. Phew, sounds like work at first, but luckily the web community provides many free tools here, some of which have been doing a great job for over a decade. Local development of WordPress websites: Let's go!

Local Apache web server with XAMPP

One of the most common methods is to install a ready-made Apache distribution on Windows or MAC. One of the best-known complete solutions here is definitely the free XAMPP. This open source package is very easy to install and therefore especially (but not exclusively) suitable for beginners. The package comes with the database solution MariaDB, PHP and Perl. Once the installation is done, you only need to copy a WordPress installation into the htdocs directory and create a new database. Call URL - install WordPress - done! It can be that easy. Various tutorials are already online like sand on the sea. On the official site page is awarded in the category Local Server Stack besides XAMPP also MAMP (for MAC only).

Virtual machine

Another common solution is to work in a virtual environment. For this, a virtual machine must be used, i.e. a completely independent system is simulated by means of special software. For this there are various software such as Hyper-V, VMWare Fusion, VMWare Player and many more. For this article we will look at Oracles virtualization software VirtualBox more precisely. Once the software is installed, there are several ways to trigger a WordPress installation. In the following we will look at two particularly easy procedures.

Bitnami Stack

Bitnami provides a large number of preconfigured open source packages, including a WordPress package. You download this and start it in the Virtual Box. This procedure creates a virtual Linux environment including a ready installed and configured WordPress installation. So you have to take care of almost nothing, but you are also bound to the finished package from Bitnami.

Local by Flywheel

A tool whose name already indicates the intention of "local development": local by Flywheel. It was developed specifically for simple local WordPress installation and is based on a virtual environment. Local by Flywheel is the insider tip for all those who not only want it to be uncomplicated, but are also into various extras, such as:

Those who host their WordPress site with this service can also put their local installation online without any additional tools.

Advanced solutions

Besides these easy to implement solutions, there are many other ways to create a local development environment for WordPress. These are rather recommended for more technically experienced users and will only be touched upon here.

Varying Vagrant Vagrants (VVV)

With the help of VirtualBox and Vagrant, a Ruby application for creating and managing virtual machines, can be used to run a development environment optimized for WordPress. There is a special Vagrant configuration called Varying Vagrants Vagrantswhich was created specifically for WordPress development. Interested parties can for example at the VVV Tutorial on start

Container virtualization (via Docker)

Similar to "normal" virtualization, but with some differences, which should not play a role here. Software for container virtualization is for example Docker. For those interested is suitable the documentation in Docker Hub.

Happy Developing!


You are interested in the CMS WordPress? Maybe you are also interested in my article 13 reasons why WordPress is the best CMS for websites.

Frameworks have become an important part of the WordPress landscape. They add numerous features to the CMS and make life easier for WordPress developers and users alike.

In this article we would like to address the following questions:

WordPress frameworks - a quick start

A framework is in a way a special kind of WordPress theme or WordPress plugin, which has influence on the appearance and the functions of the website. There are different ways how such a framework can be integrated, for example as a parent theme (with own child themes), as a standalone theme (without child themes), or as a plugin (supplemented by a suitable theme). The main difference between a (starter) theme and a framework is that the former only uses the core functionality of WordPress, while the latter extends it. So if you are only looking for "visual assistance" in the development of a WordPress website, you are already served with a simple theme. Who, on the other hand, would like to extend the basic functions of WordPress, which can help themselves to the ever-growing framework gift table.

Various fields of application

WordPress framework developers, by and large, serve two distinct areas of use:

Three advantages of WordPress frameworks

Advantage #1: A framework can be a real kickstarter for a new WordPress project because you don't start from scratch, but can fall back on the development work of other programmers. The large community, which provides a constant stream of new themes, plugins and code snippets, especially for the most popular frameworks, makes the work much easier and the entire user community can benefit from it.

Advantage #2: Frameworks make a site very updateable and customizable. No matter if a new theme version is installed or the appearance is changed completely, the basic functions of the framework as well as the settings defined there are always preserved. For updates, most frameworks already provide a button in the backend, which is why the user does not have to deal with a manual update via FTP.

Advantage #3: Security and SEO - by using (strong) frameworks, the entire website benefits from increased security as well as improved search engine friendliness.

The choice - which framework is right for my project?

Unfortunately, a blanket answer to this question cannot be given, because websites and their creators/users are simply too different for that. Each developer or web designer has personal preferences, and each framework also provides different functions. Therefore, there can be no overall winner for every use case. The choice must therefore be made individually in each case. At least an overview of the currently popular WordPress frameworks (as of 2017) can be given here:

At this point a big Thank you to all contributors who make the use of great frameworks possible!


You might also be interested in my topic-relevant article "13 reasons why WordPress is the best CMS for websites".

Send email
Say hi!

Sebastian Lochbronner
86830 Schwabmünchen


Lochbronner Design Studio goes codeblick - read article here