General
- 404 page
- Pick www or non-www and force a redirect
- Add Humans.txt to site
UI
- Favicon
- Basic elements have styles
<a><p><ul>/<ol><blockquote>
- Print friendly CSS
- Check for enough color contrast
- Check for accessibility
- Do webfonts load properly on a computer that doesn’t have the font installed locally?
- Test site in “Read Mode” on Firefox and iOS
SEO
- Run though a quick SEO Audit scanner for glaring issues
- Pages have SEO titles
- Alt tags on images
- Sitemap has been created
- Robots.txt file has been created
- Site is set to be crawled by the search engines
- Social oriented Open Graph Protocal (included in Yoast SEO)
Site Speed
- Images are scaled to the ideal size and run through a compressor
- CSS is compressed and consolidated
- Javascript is compressed and consolidated
- Run web.dev scan and fix accordingly
WordPress Specific
- Check the Site Title and Site Tagline
- Update the general setting’s email address and Timezone
- Update WordPress permalinks
- The custom theme’s screenshot.png has been set
- Install the Brute Force Login Protection plugin
- Add the following to wp-config.php outside of the “# BEGIN WordPress” and “# End WordPress.” `# Block the include-only files. RewriteEngine On RewriteBase / RewriteRule ^wp-admin/includes/ - [F,L] RewriteRule !^wp-includes/ - [S=3] RewriteRule ^wp-includes/[^/]+.php$ - [F,L] RewriteRule ^wp-includes/js/tinymce/langs/.+.php - [F,L] RewriteRule ^wp-includes/theme-compat/ - [F,L]
order allow,deny deny from all
Prevent WP Admin from editing theme and plugin files
define(‘DISALLOW_FILE_EDIT’, true);`
- Set permalinks
- Set site timezone
- Install Yoast SEO
- Set Authentication Unique Keys and Salts: https://api.wordpress.org/secret-key/1.1/salt/