Setting Up Your Website

image of bicycle with WordPress logo for wheels

Setting up your website or bog is often the most difficult step for bloggers.

Depending on how “techie” you are, this can be very uncomfortable ground. I consider myself reasonably technologically savvy but still struggle at times with these things. 

It would be great to hire someone to do this (on Upwork or Fiverr for example), but that did not make financial sense for me when just starting out. 

The good news is that you can do this yourself. It’s easier than ever before. 

But if things go wrong, you will pull your hair out. Hopefully that will never happen to you – and following the advice below based on my lessons learned will help – but just a heads-up. 

Without further ado, here are the steps for getting your website ready. 

Top Tip - If you prefer to read these materials in bite-size pieces, start here and select "Next" at the end of each post.

Choosing a Web Host 

Don’t sweat about this too much because you can always change web hosts later (though switching can be a hassle). As long as you select a web host that expressly supports WordPress, you’ll be fine.

Over the years, I have used the web hosting providers 1and1, bluehost and SiteGround. (I currently use SiteGround).

Even in the early days with 1and1, I only ever had one problem with them.  It was a big, painful problem, mind you, but that’s still not too bad over the 6-year period I was with them.

1and1’s online portal and help pages could certainly be better but in terms of the important things like downtime and technical glitches they were good except the case mentioned.

My wife’s blog,, is hosted by bluehost. She has not been blogging for as long as me, but so far so good for her experience with bluehost. She is yet to encounter a problem with them. 

Bluehost is more expensive than 1and1 and SiteGround is more expensive than bluehost, but I’d say the quality of each service matches their price levels.

If you want to run an ecommerce store to sell products (whether products you make, stock or dropship), it's hard to beat Shopify for hosting your site.

  • SiteGround – best quality and amazing customer service from $3.95 per month
  • bluehost – good quality and fine customer service from $2.95 per month
  • 1and1 – decent quality and bare bones customer service from $0.99 per month
  • Shopify – best for ecommerce from $29.00 per month 
  • Do You Need a Security Certificate (SSL) for Your Site? 

    Your preferred web hosting provider may offer “SSL”, usually as an add-on to your web hosting package for an additional price.

    SSL simply means having a secure site. In practice this means a URL starting with https://.... (note the ‘s’). SSL is the technology that encrypts the traffic between your visitor’s web browser and the server where your web site is hosted. 

    I would recommend you go for it.

    It's a must for ecommerce sites but is anyway good to adopt as it is increasingly becoming the norm. Plus, having SSL will give you a tiny bump up in Google’s eyes for its search engine rankings.

    Obtaining an SSL certificate through your web hosting provider is ideal as this should minimize any implementation issues. You can also arrange SSL through a third party but it may not always be easy to implement with your existing web host, but they should be able to help guide you.

    In either case, always remember to back up in full before making the switch to SSL as things can go off the rails during the switch. All the more reason to embrace SSL from the get-go if possible. 

    Eventually in Google Search Console, you should see secure URLs being crawled and indexed by Google, which nominally helps your SERP rankings.

    Adopting SSL Later 

    If your site started out as unsecure (as mine did) and you later upgrade to an SSL certificate (as I did), remember in WordPress to change your website’s URL under Settings > General to (adding an ‘s’ to the end of the ‘http’ portion).

    Wordpress Settings General

    When switching, be prepared that some of your WordPress plugins might not work.  This is less of a problem that it used to be as SSL is becoming the norm, but this did happen to my social sharing buttons.  

    Even if your plugins continue to work, they make "break" the secure link and result in the lock icon disappearing from your visitors’ web browser, sometimes turning red in warning. This defeats the benefit of your visitors seeing the lock icon and feeling safe visiting your site. 

    Related, if you need to retain one or more posts or pages as unsecure, you can use 301 redirects in your WordPress settings to revert specific posts or pages to an unsecure status. You may discover that certain elements or scripts on a particular post or page do not work with SSL.  

    For example, my post is still a non-secure page (it starts with http only with no added ‘s’) because the script it relies on does not work with SSL.

    Use WordPress. Full Stop. 

    WordPress isn’t perfect, but it is free and well supported, both for plugins (tools) and themes (the look and format of your site). Keep your life simple and use WordPress. 

    Rather than fill pages with basic WordPress information, I simply point you to the best resources.

    For the best general WordPress guides, it’s hard to beat all the great, free information on the support pages of the official WordPress support site

    If you are in a hurry and happy to pay a little, also check out WP Train Me for full access to 500+ premium training courses.

    Things I Wish I’d Known about WordPress from the Start 

    WordPress has a few oddities that I should warn you about. Below are some things I wish I knew about using WordPress in my early days. They might help you too.

    Posts vs Pages 

    It is important to differentiate between Posts and Pages

    Wordpress posts vs pages

     When you create new written content in WordPress, you can create it as a Post or a Page (see screenshot). The difference between the two is not immediately intuitive, so let’s look at them in some detail.

    Most of what you write will be Posts. Pages are intended for content that doesn't really change such as Contact Us or About pages, or landing pages you created for specific ad campaigns. 

    Generally speaking, Pages do not have comments enabled, are not set up for adding Categories and Tags and are not date specific. 

    Plugins are also set up to deal mostly with Posts and Post-related functionality (for example, to take full advantage of Categories and Tags).

    When in doubt, create a Post

    I didn't appreciate this difference in the early days and found myself with a site full of Pages. This wasn't the end of the world, but my site took a big hit for some months when I converted most of my Pages to Posts so that I could benefit from Categories and Tags as well as some cool features offered by many WordPress plugins.

    Categories & Tags 

    Here's the bottom line for Categories and Tags:

    • each of your Posts should have one and only one Category
    • each of your Posts should have one or more Tags

    Generally, Categories should match items in the main menu of your website. Tags are more like index entries listed at the end of a book.

    In other words, a Post belongs to one broad Category but could be described by a number of Tags.

    And just because you can apply multiple Tags to a Post doesn't mean you should. There is nothing wrong with a Post having only a single Tag

    It is easy to add, delete, change and updated Categories and Tags, so don't worry about them too much provided you follow the two bullet points above. 

    Your “Home Page” (WordPress Front Page) 

    Like me, you will one day find yourself cursing WordPress while trying to find the “home page” settings.  WordPress’ menus are not always intuitive and that’s especially true for this feature.  

    I use a static page as my home page because I want to control exactly how it looks. 

    A static home page (or front page in WordPress-speak) means designating an individual published Post (or Page) as your site’s default home page. In WordPress, go to Settings > Reading > then designate from the drop down the "Front page" you want.

    How to set your home page

    When you want to edit your “home page”, simply edit the Post or Page you had designated here as the front page.

    The other option for Front page displays, Your latest posts, is a bit old-fashioned and will simply be a list of your latest blog posts in the order, number and way you choose among the available options.


    Once you start writing and publishing posts, you may delete others over tme.

    When you delete or “move” (rename) a post, you don’t want visitors landing on the old URL and getting an ugly error page.

    Google will hate these dead links too (called 404 errors).

    Whenever you delete a post, you should redirect its old URL address to that of a new post. Ideally, this should be a post similar to the old one. If no such post exists, you can always redirect visitors to your home page.

    To redirect old or broken URLs, use a ‘301 redirect’ plugin for WordPress (see screenshot).

    If Google Search Console is informing you about 404 errors (also known as dead links), use such a plugin in WordPress to point old, obsolete, missing or deleted posts to new ones.

    The redirect feature in the free WordPress plugin Yoast SEO is even easier to use. 

    Choosing the Right WordPress Theme for your Site 

    Warning! You may go crazy trying to choose a theme for your website. No joke.

    There are so many themes clambering for your attention (and affiliate sites touting them) that the process of choosing one can be utterly paralyzing.

    When you start to do your own research, you’ll quickly see what I mean. I won’t go into the pros and cons of all the various themes as there are zillions of them. 

    For me, I eventually decided on ThriveThemes and soon graduated to a full-fledged monthly membership to make sure I would always have access to all of their excellent themes, visual editor and plugins. Thrive is particularly well-suited for an affiliate site (like mine) as it is super-focused on conversions

    If you run a photo blog or video blog, your requirements may be different, although to my mind a conversion is a conversion. For example, my wife’s travel blog is also fully Thrive-based.

    Make Sure the Theme is Responsive 

    Whatever theme you choose, it must be “responsive” or in other words mobile-friendly. But these days it’s pretty hard to find a theme, even a free one, that is not mobile-friendly.

    The point of responsiveness is that while your site might look great on your Windows desktop computer, how does it look on an iPhone versus an Android tablet? Or with a different web browser or different operating system? Remember, not everyone uses what you use. Always review your website and new posts with a number of different devices and web browsers.

    You should do these checks from time to time. I'm always amazed how I later find issues, sometimes major ones, upon casually browsing my site over a morning cup of coffee or during my train commute (or, let’s be honest, during bathroom breaks).

    Should You Enable Comments on Posts or Not? 

    Almost all themes will support visitors being able to leave Comments on your blog posts.

    Whether to enable comments, is not as much of a no-brainer as you might think. Intuitively, you would think, The more interaction the better so, yes, of course, I will enable comments on my posts!

    However, many comments are spammy, negative, nasty or downright hostile in nature. On my competitors’ sites, I have seen plenty of critical comments such as: "You don't know what you were talking about". On balance, I decided not to enable comments when I first started out even though that was completely contrary to the conventional wisdom.

    Plus, quite apart from that consideration, posting replies to comments is time-consuming and the rate of return is quite low for the investment of your time. Better to invest the same time and energy drafting new posts or tweaking underperforming posts.

    Further, if you enable comments you will need a plugin like Akismet or other tool to help stop spammy or bot (automated) comments from polluting your blog.

    Of course, you could simply censor comments that don’t help you, but vetting comments also takes yet more of your precious time. 

    Some bloggers don't mind negative comments because, after all, it's still engagement and may help bring more visitors and increase your search engine rankings. 

    “Good or bad, as long as they're talking about you”, as the saying goes.

    Eventually, I did worry I was missing out and eventually enabled comments on my posts. It hasn't been as time intensive as I was worried about, thanks in part to the Akismet plugin automatically casting aside the spammy ones. 

    The bigger problem is legitimate comments that contain questions I never get around to answering or which I answer only after a lot of time has passed. I think this looks bad, but I don't always have time to answer everything, let alone answer everything quickly.

    Choosing the Right WordPress Plugins 

    Plugins are important (especially as time goes on) but it is easy to go overboard.  Less is more, especially in your early days. Here, I recommend only the most essential plugins you need for your WordPress site.

    As you are just starting out, concentrate on free WordPress plugins (for each category below, I try to include a good free choice). Otherwise it's easy to spend a considerable amount of money before you have earned a single cent in profits from your website. 


    If you have a good web host, you can rely on their backup features. For example, my SiteGround web hosting plan includes daily backups and an easy-to-use backup restore tool. 

    If you want to use a backup plugin, whether as your primary or secondary backup option, I can recommend UpdraftPlus

    In either case, you should also perform the occasional manual WordPress backup, especially before making big changes or updates to your site. 


    Sucuri security

    It’s hard to go wrong with the free WordPress security plugin, Sucuri

    I especially like that it sends me an email every time anyone logs into my WordPress site or tries to log in. It also sends messages whenever anything on my website is added or modified. 

    This free plugin has protected me from plenty of hackers. 

    It all started when one day I noticed almost in real time some hackers trying to get into my website. I needed a solution fast!

    A lot of paid plugins were touting their solution but I didn't want to pay anything if I didn't have to. Securi’s free plugin solved the problem. 

    It limits the number of unsuccessful login attempts from any given IP address which helps prevent brute force dictionary attacks (see screenshot).  

    My site still gets attacked on a regular (at least weekly) basis, but no breaches so far. I wonder how many people’s sites are being attacked and they don't even know about it!

    Sucuri also offers reasonably-priced premium security protection if you are interested (I’ve stuck with the free plugin so far).

    Wordpress user admin

    With security in mind, please do not use WordPress’ default administrator account username “admin”. That makes things just that much easier for hackers. 

    Instead, create a new administrator account and delete (or reduce the access privileges) of the admin account.  You can do this in WordPress’ Users menu item.

    Social Media Sharing Buttons 

    There are zillions of social sharing buttons available for WordPress. Some of the best free ones are offered by Sumo.

    Plus, it is likely that your WordPress theme may already come with some decent social media sharing buttons.

    Search Engine Optimization (SEO) 

    SEO is an acronym you will hear a lot. It stands for search engine optimization. As a blogger, you will soon become very familiar with SEO. It’s the best way to attract visitors to your website for free

    An SEO plugin will help you make the most of your SEO efforts.

    This is another no-brainer. Use the free WordPress plugin Yoast SEO, full stop. 

    This deservedly popular plugin uses an easy traffic light system (green, yellow, red) to inform you about which posts are in good shape for SEO. 

    It also has an easy to use URL redirect tool for when you rename or delete posts and want to direct visitors to a successor post. 

    The free version is just fine. However, once you start hitting about $1,000 per month I’d say you can take the plunge for Yoast SEO Premium. The premium version lets you optimize multiple focus keywords for a single post, imposes stricter recommendations for cornerstone post content and much more.

    Yoast SEO

    Yoast SEO is an essential WordPress plugin for all bloggers

    Broken Link Checker 

    The free Broken Link Checker WordPress plugin is a great and fast way to find and fix broken links on your site.

    The plugin is constantly scanning your content for broken links. As soon as it finds a broken link, it sends you an email. Click on the link in the email to go right to the problem, fix it (or confirm it’s OK) and you’re done.

    This helps ensure your site’s UX (user experience) stays good. This in turn helps your Google ranking as visitor bounces are reduced. 

    Just be careful to set the plugin’s scanning frequency not too high as this could slow down your website. The default settings are just fine.

    Broken Link Checker email notification

     Broken Link Checker will send you an email whenever it finds broken links on your website

    Broken Link Checker

    Broken Link Checker also displays broken links in WordPress too

    Link Shortener 

    Pretty Link is a free link shortening and cloaking WordPress plugin. 

    It lets you easily change long, ugly affiliate links leading to partner landing pages (or any long links for that matter) to sleek ones with your own domain name included. 

    In other words, instead of a link such as, you could use a nice, clean link such as 

    pretty link

    The Pretty Link plugin lets you create short, clean links in one second

    The Pro version has some additional handy features such as time-limited links which you can be set to expire (for example, after a special offer period closes). The Pro version also features detailed reports which affiliate sites, like me, may appreciate including for double-checking how many clicks you are sending to partner site landing pages. 

    To me, this is a must plugin for a start-up affiliate site. Many experts will recommend you use manual redirects for affiliate links (for faster page load speeds for one reason) but Pretty Link is just so darn easy and nearly as fast.

    I may hire a developer to implement manual redirects at some point, but I still don't yet feel the need. If you think this is a BIG mistake, let me know why in the comments below.

    Visual Editor 

    Thrive Architect (formerly Thrive Content Builder) is a what-you-see-is-what-you-get editor to replace WordPress’ awful built-in editor. You will wonder how you ever managed without it.  It’s not free, but worth every penny. 

    Of course, you can stick with WordPress’ built-in editor for the early months or even years of your website, as I did. 

    But eventually I “graduated” to Thrive Architect and use it for all of my new posts and content. There are other visual editors on the market too, including cheaper ones.

    Site Search 

    WordPress’s built-in search is notoriously crappy. But it’s fine when starting out. 

    I had many problems with the built-in search but wasn't too bothered as the data in Google Analytics kept showing that visitors would land on my site, maybe visit a second page and then be gone (hopefully via a call to action). ☺ 

    In other words, visitors were not sticking around to browse, let alone use the internal site search to find, additional content on my website. As an affiliate-oriented site, that was fine by me. The quicker I sent visitors to a partner’s site, the better.

    But I eventually wanted a better site search. The need also arose in part because more of my posts were being authored in Thrive Architect and were not being indexed at all by WordPress’ built-in site search. In other words, these posts were not being displayed in the results of my internal site search. 

    Unfortunately, by this time, Google had already decided to shut down Google Custom Site Search which looked like a good option.

    I eventually decided on, a reasonably-priced premium service. It indexes your website’s posts just like Google and also lets you weight some posts more heavily, such as your money-making cornerstone posts. If you decide to buy it, enter coupon code nerel6ys at checkout for an additional 5% off.

    Spam Comment Blocker 

    The Akismet Anti-Spam plugin for WordPress will save you from having to spend time manually rejecting comments from bots and the like. 

    This plugin is not free per se but its Personal Plan lets you pay whatever you want. 

    Akismet spam comment blocker

    The Akismet plugin blocks spammy comments from being posted to your website

    Akismet report

    Just look at the number of spam comments Akismet has blocked

    Set Up Google Analytics and Google Search Console Right Away 

    I strongly recommend you implement Google Analytics (GA) and Google Search Console (GSC) on your website. It is quick and easy to do so, especially if you already have a Google account such as for Gmail. 

    After you sign up to GA, you then paste a tiny bit of code across your website. Most WordPress themes will have an easy ‘Paste Code for Google Analytics Here’ type option (see screenshot).

    GA tracking code

    Adding the tracking code for GA is easy in most WordPress themes.

    Even if your WordPress theme doesn't have this feature, many good free WordPress plugins exist that let you do the same thing.

    Once implemented, Google Analytics and Google Search Console will both keep very detailed statistics of the visits to your website. 

    Just one example is Google Analytics’ Traffic Flow report. This shows you where visitors arrive at your website, how many leave right away (called the "bounce rate"), the other pages they visit, how long they stay on your site, which page they leave from and sometimes even how they leave (for example, by clicking on a call to action). 

    If your promotional efforts are generating lots of visitors, but they quickly leave in droves then you have valuable information that your website, posts and calls to action need more work.

    Google Search Console does not get the attention that Google Analytics does, but GSC has some rich data that is not available from Google Analytics. 

    For example, GSC’s reports can tell you which exact keyword searches people perform in Google that bring them to your website. Essential! I highly recommend you use it, especially as it is easy to set up.

    You can even link your GA and GSC accounts so that some of the valuable keyword data from GSC is displayed in GA.  

    Why Google Analytics is So Critical 

    GA is also essential if you run any Google AdWords campaigns or plan to (see the Pay-per-click (PPC) & AdWords section). GA can be further linked to your AdWords account and is a handy way to see if your promotional efforts in AdWords are paying off and attracting visitors to your website. 

    For example, I implemented a modest Google AdWords campaign and, using GA, could see the number of visitors arriving at my landing pages and how many further interacted with my calls to action (CTA). 

    If the numbers are disappointing, you have some insights into the landing pages and CTAs you may need to change. If visitors initiate a CTA or stay on your website (moving on to a second page), your landing pages are probably fine. 

    But if almost everyone quickly leaves after visiting (called “visitor bounces”), you know that those pages need more work. 

    When you Have a Technical Problem, Try Not to Panic 

    One Saturday morning I woke up to find that visitors to my homepage were being prompted to download a pretty suspicious looking file!  Yikes!!

    I immediately thought I'd been hacked and started to panic.  I very nearly started emailing all kinds of expensive consultants to help me with my (perceived) hacking problem.

    Then I calmed down a bit, immediately backed up my site (no harm) and started looking for the cause of the problem.

    I checked the Recent Logins as reported by my WordPress Sucuri Security plugin, but didn't see anything suspicious or out of place. I used the plugin to scan my site for malware and it came up clean.

    I checked Google Search Console's Malware section and it didn't report any issues with my website. Years ago I had experienced a brief malware problem and Google Search Console (then called Webmaster Tools) detected it quickly back then.

    Still in Google Search Console, I executed a Fetch of the problematic URL (my homepage).  Low and behold, the log disclosed the problem (see screenshot)!  

    screenshot of Google Search Console's Fetch

    Google Search Console's Fetch

    This quickly revealed the source of the issue and thankfully I was able to take care of it myself.

    I had no idea what changed to cause the issue as I hadn't done anything to my website for a couple of days. But at least I found the cause.

    I visited my homepage with a number of different devices and even asked my wife (she was travelling) to check, and the problem seemed solved.  Phew, but what a nasty episode.  

    The point of this little anecdote is, if you find yourself in similar mysterious circumstances, take a deep breath and calmly look into it before reaching out to your webhost, a developer, consultants or any third parties in a panic.

    Panicking may only result in lost time and money.

    Subscribe to our Newsletter!

    We know you're time-starved and promise not to bug you too often. 🙂 Of course, we respect your privacy and won't share your email address. 

    Spread the word

    Last modified: September 5, 2018