Website Best Practices

Below are essential elements to maintain a functional, optimized and secure website for long-term viability. This content is based on universal web standards.

Media

Approved File Types

.jpg, .jpeg, .png, .gif, .pdf

File Size (less is more)

Images (.jpg, .jpeg, .png, .gif)
  • Optimal: under 100KB
  • Max: 250KB
  • Optimize images (suggested resource: tinypng.com)

Note: It is best practice to remove unused images from the media library.

 

Documents (.pdf)
  • Max: 3MB
  • Above 3MB should be hosted on a cloud storage platform (suggested resource: DropBox or Google Drive)

Note: Word docs are not recommended for web. These files may have compatibility issues with certain devices and are easily editable. It is best practice to use PDF’s when sharing a document on the web.

 

Video/Audio

• DO NOT UPLOAD VIDEO or AUDIO
Use: YouTube, Vimeo, SoundCloud, PodBean

Accessibility/SEO

Do’s
  • Include “alt” text (basic description of image content, learn more)
Don’ts
  • Upload images with text graphics (flyers, posters, etc.)
    • Cannot be accessed by the impaired, not ADA compliant
    • Negative impact on SEO

Copy

Word Count

300-700 words per page is optimal for SEO purposes.

Headings (H1, H2, H3, etc.)

Headers are used to structure content for SEO and accessibility.

  • Only use one H1 per page
  • Use headings as a hierarchy of content
  • Keep headings short and direct
  • Clearly describe content below
  • Avoid abbreviations and technical terms

Links

Internal linking
  • When possible, link to existing content on your site rather than duplicating it
External links
  • Target new window
  • Test links (broken links hurt SEO)

Accessibility/SEO

Do’s
  • Include Meta Description
Don’ts
  • Duplicate content

Security

User Creation

It is best practice to NEVER share an individual’s user credentials with anyone else. If an additional user needs access to your website, they need to be issued their own user credentials.

*Some hosted websites may have stricter restrictions than others. This is precautionary, due to recorded potential threats on the site.

 
User Name
  • Do not use email address as user name
  • User name should be unique (i.e. do not use users first name)
  • Never use the following:
    • admin
    • administrator
    • yourdomain.com
    • yourdomain
Password
 
User Roles

Administrator level access should be used with caution. This level of access can alter custom code, paid upgraded features, and the potential to damage your website if not used correctly. Typically Editor level is sufficient to accomplish most business edits.

Website Updates

Current Hive180 Managed Hosting clients: DO NOT UPDATE WORDPRESS, THEMES, OR PLUGINS.

Hive180 Managed Hosting includes quarterly Updates to WordPress, themes, and plugins. In addition, Hive180 monitors sites for security patches as needed.

Plugins

Plugin selection and misconfiguration can open your website to unrecoverable vulnerabilities.

Site Lockout

Causes
  • Too many failed login attempts
  • User has suspicious activity on site
  • User has been deleted
  • User has been hacked
Solutions
  • Wait – some lockouts are temporary and will allow login after 20-30 minutes
  • Reset password