How To Put Your WordPress Site On Autopilot Maintenance Mode

That first site you created awhile back isn’t working out. It’s dear to your heart. You spend way too much time on it. But you have much bigger projects on hand, and you need to let the first one go. You don’t have to shut it down, you just have to not spend any more time on it.

Here’s how to sunset a WordPress site gracefully (hint: automate everything).

1. Set up auto-renewal of domain and hosting.

You don’t want to wake up one day and find your site is down because you forgot to renew the domain or the hosting. Punch in your credit card details, turn on auto-renewal, and let your host do their thing. Domains don’t cost a lot, and hosting won’t either if you have other bigger projects on the same account. If you have ads on your site, it might even pay for itself.

2. Set up background auto-update of WordPress core, themes, and plugins.

There are a few updates that WordPress handles automatically,

  • minor point core updates
  • critical themes and plugin updates, as decided by the WordPress team

But that’s not enough. You want your WordPress to update everything on its own, so you don’t have to keep coming back and apply them.

This is easy to achieve. The WordPress.org Codex has an article on how to turn on automatic background updates by adding a few lines of code to wp-config.php or to a site specific plugin.

Related: How to automatically update themes and plugins in WordPress

3. Amp up your site’s security.

There are endless ways to improve your site’s security, and it’s impossible to know or cover all of it. But the following steps have the basics covered.

3.1. Read point 2 above. This solves 90% of the problems.

3.2. Use Jetpack and turn on the Protect module. It will prevent brute force attacks on your site.

3.3. Use Single Sign On. This will disable native login (wp-login) on your site, and let you use your WordPress.com credentials instead. Here’s an article on how to turn it on. Make sure you have two factor authentication enabled on WordPress.com.

3.4. Ditch outdated plugins. WordPress plugins are wonderful, but if one hasn’t been updated in six months or more, it’s time to uninstall it. It’s probably been abandoned by its developer, and any future security holes discovered in the plugin will leave your site open to attacks.

3.5. Use a theme that’s regularly updated and looks future proof.  Using a theme that is no longer maintained by its developer, or one that may not keep up with the design trends in a few years, is not a good idea. Choose wisely.

3.6. Put your website behind a security service like CloudFlare. This is totally optional, but CloudFlare provides excellent security and performance benefits for free, and many more features for a fee. We have covered CloudFlare a ton of times before – you can go through those posts here.

4. Check, and double check your site’s layout, widgets, footer text, user profile, etc.

And then, triple check everything. This may not seem like a big deal, but it is. You don’t want to randomly visit your site one day, find something amiss, and have to log in to fix it.

You also want emails coming from your site to land in your inbox, so check if all the information in your profile and site settings are correct.

Check if Google Analytics and WordPress Stats are configured properly, so the stats keep updating.

5. Fix broken links, images.

Don’t leave broken links and images around. Use the Broken Link Checker plugin to check and fix them. You don’t even have to hunt around for the correct replacements, you can just remove the broken stuff and be done with it. No one will notice.

6. Check for errors in Google Search Console. Fix them.

If your site gets some traffic from Google and other search engines, you don’t want that to taper off suddenly. Log in to Google Search Console (and Bing Webmaster Tools, if Bing sends you traffic), check for crawl errors, and fix them. It’s very hard to have zero errors at any given time, and they will usually keep building up over time. Just fix as much as you can, one last time. If Google Search Console has some recommendations, follow them. You’re not gonna do this any more, so invest a bit of time in fixing and future proofing whatever you can.

7. We were kidding. You have to keep coming back.

Okay, hear us out. It will be just once in a few months, if everything works as planned, but it’s gonna happen.

Every two weeks or so, run your site through Sucuri SiteCheck. The protections you set up will hold their own, but it’s always good to have a periodic check. Every six months, log in to Google Search Console and check for crawl errors. If your site still gets search engine traffic, fix the errors. Every six months, log in to your site dashboard, and check for plugins that haven’t been updated in a while. Remove them.

Set up a reminder for all these tasks in your note taking app, so you don’t forget them.

Enable the Monitor module in Jetpack, so that you will get emails when/if your site goes down. If it stays down for a long time, check with your web host.


That’s the basic checklist. If you have ever abandoned a website and have your own points to add, we would love to know.

This post is dedicated to PC Tonic, my first blog. After years of tinkering with the site but neglecting the content, I have finally decided to stop working on it. 

We run automated tests to catch spam, and moderate comments as per our policy. Your comment may take some time to appear below this post.