Website Best Practices

Below are essential elements to maintain a functional, optimized and secure website for long-term viability. This content is based on universal web standards.


Approved File Types

.jpg, .jpeg, .png, .gif, .pdf

File Size (less is more)

Images (.jpg, .jpeg, .png, .gif)
  • Optimal: under 100KB
  • Max: 250KB
  • Optimize images (suggested resource:

Note: It is best practice to remove unused images from the media library.


Documents (.pdf)
  • Max: 3MB
  • Above 3MB should be hosted on a cloud storage platform (suggested resource: DropBox or Google Drive)

Note: Word docs are not recommended for web. These files may have compatibility issues with certain devices and are easily editable. It is best practice to use PDF’s when sharing a document on the web.



Use: YouTube, Vimeo, SoundCloud, PodBean


  • Include “alt” text (basic description of image content, learn more)
  • Upload images with text graphics (flyers, posters, etc.)
    • Cannot be accessed by the impaired, not ADA compliant
    • Negative impact on SEO


Word Count

300-700 words per page is optimal for SEO purposes.

Headings (H1, H2, H3, etc.)

Headers are used to structure content for SEO and accessibility.

  • Only use one H1 per page
  • Use headings as a hierarchy of content
  • Keep headings short and direct
  • Clearly describe content below
  • Avoid abbreviations and technical terms


Internal linking
  • When possible, link to existing content on your site rather than duplicating it
External links
  • Target new window
  • Test links (broken links hurt SEO)


  • Include Meta Description
  • Duplicate content


User Creation

It is best practice to NEVER share an individual’s user credentials with anyone else. If an additional user needs access to your website, they need to be issued their own user credentials.

*Some hosted websites may have stricter restrictions than others. This is precautionary, due to recorded potential threats on the site.

User Name
  • Do not use email address as user name
  • User name should be unique (i.e. do not use users first name)
  • Never use the following:
    • admin
    • administrator
    • yourdomain
User Roles

Administrator level access should be used with caution. This level of access can alter custom code, paid upgraded features, and the potential to damage your website if not used correctly. Typically Editor level is sufficient to accomplish most business edits.

Website Updates

Current Hive180 Managed Hosting clients: DO NOT UPDATE WORDPRESS, THEMES, OR PLUGINS.

Hive180 Managed Hosting includes quarterly Updates to WordPress, themes, and plugins. In addition, Hive180 monitors sites for security patches as needed.


Plugin selection and misconfiguration can open your website to unrecoverable vulnerabilities.

Site Lockout

  • Too many failed login attempts
  • User has suspicious activity on site
  • User has been deleted
  • User has been hacked
  • Wait – some lockouts are temporary and will allow login after 20-30 minutes
  • Reset password