Kalamuna Support Client Onboarding Checklist (WordPress flavor)

Owned by Jeff Hebert
Last updated: Jul 26, 2023
2 min read

When onboarding a new Support client from a previous agency or host, certain information is vital to ensure we will be able to work on and manage the site.

Document the existing site with screenshots of the home page and key internal pages, along with screenshots of Page Speed Insights.
Ensure we (or the client) have access to:
Registrar (for pointing DNS to new server address)
cPanel / PLESK
SSH root access to the server
SFTP/FTP Access for site files
Hosting environment logins (address, username, password)
Code repo (Github, etc)
Database
Licensed fonts (logins for Adobe, etc or ensure the files are on the server and available for use)
Other necessary API account logins (Google ReCAPTCHA, etc) – we don’t have to have the actual logins ourselves but we should make sure the client has them
Ensure that all WordPress plugins have licenses owned by the client or Kalamuna, and that we can log in to the plugin creator’s sites for updates and such.
All existing documentation and assets (brand books, design files from Figma or Photoshop or what have you, technical documentation, high-resolution or vector logo files)
Premium theme logins if any
Set up client-specific internal Kalamuna documents
Create or update client-specific support spreadsheet with facts about the project
JIRA project
Drive folders
Perform in-depth technical audit
Security audit
ADA/WCAG/WAVE accessibility audit
Outline issues and put them into backlog
Speed test before and after migration
Reach to the client with report
Check compiler status (Node version, etc, does it compile, do they have it etc)
Do they have CI, are we able to deploy. Are we going to be migrating them to our infrastructure or keep their current one.
Mailer channels, can they log in and access
Make sure form emails go to them and not their agency
Remove old developer SSH keys
Survey of browser compatibility
Security remediation
Review all existing WordPress user accounts
Make sure roles and access are correct
Change all passwords
Block old admins
Virus scan
Review the wp-config.php file for rogue settings
Do a database sweep & clean for unused tables, etc. (WP Sweep or another database cleaning plugins)
Spam protection (reCAPTCHA with their license, Akimset, etc.)
Make sure they have Sucuri or WordFence, some kind of secure plugin
Make sure they have SSL cert active and current
Plugin remediation
Remove unnecessary plugins
Update all plugins and WordPress core to the latest versions
Install necessary plugins (WordFence, backup automation, caching plugins, etc)
Update deployment process to work with our workflows
Make sure support can install and compile project on their machines
Have a meeting with their old developers if possible to exchange information
Have a meeting with the client to learn about immediate needs
Make sure they have current and valid contracts with their hostings for a sufficient time to bridge the gap till the Kalamuna support contract is in place
Make sure their domains aren’t about to expire
Ensure backups are in place before starting (database and files, including Uploads)
Check email hosting to make sure our servers won’t be responsible for it
Update Admin email