WordPress Audit Process 2023

This guide attempts to cover the process by which new WordPress projects are assessed as they are acquired. Most of the primary questions can be found on the audit template, and following it outlines most of the areas you’d want to collect information on.

Completing the Audit Template

The questions that are proposed by the audit template will be answered in many different ways depending on the platform and stack. Many answers can be found with the command line if SSH access is supplied but finding answers in the platform’s dashboard may be preferred to better understand the functionality supplied by it.

Techniques

In general, the primary idea is to best understand the potential technical debt that might be acquired by taking on the project. Since WordPress offers many solutions to a problem and has existed for so long, it presents a lot of easy ways to create pieces of code that are hard to maintain and extend. As such, the audit should focus solely on the “extensibility” of a site or how hard it might be for a developer to add new features.

Another aspect of these differences is evaluating how difficult it would be for Kalamuna to adhere to previous development practices and standards. Maintaining a piece of legacy code should be done by trying to mimic the patterns and standards that already exist instead of painting over it slowly.

Tools

Tool

Purpose

Tool

Purpose

Screaming Frog

Provides a quick scan for SEO, redirects, and other common files like Robots.txt and more.

Dynomapper

Provides high-level overview tools for a site’s health.

SiteImprove

Gives accessibility, SEO, and other QA tools.

Lighthouse

Google’s tool for getting a quick understanding of a site’s health.

AXE

An accessibility checker that takes apart pages to visualize common accessibility pitfalls.

PHPCS

PHPCS or PHP Code Sniffer is a PHP tool to check how well a project adheres to the standards of development set by the governing body or the community.

In addition, it is important to have NPM and Composer up-to-date relative to your project to check dependency health.

General Server Questioning

One point of focus for this audit is the health and ongoing status of the server. There is a high amount of pitfalls in allowing the original server configuration to continue, and maintaining a self-hosted instance with a new team may prove impossible. We suggest attempting to ascertain the difficulty of moving the site to an internally managed instance and migrating it to our standards (currently WPEngine).

Audit Template Overview

Executive Summary

The birds eye view of the health of the site.

Current server configuration

A number of questions surrounding the health and portability of the current server configuration.

WordPress Structure Audit

Questions attempting to diagnose common pitfalls with WordPress configuration.

Security Audit

How secure is the current iteration of the site? Does it meet our standards?

Performance audit

Gauging the overall speed with which the browser receives responses.

Custom Code Audit

Are there going to be any sticky messes created by inheriting technical debt inside of custom code?

SEO Audit

Checking the response that search engine result pages give the site. Is the site searchable?