A look under the hood of a well-built WordPress website, describing the plugins, patterns, processes, and tools that I use and recommend to build high-quality custom WordPress websites.
High-quality WordPress sites are becoming increasingly rare, unfortunately, with heavily overbuilt themes customized by resource-intensive page builders like Elementor becoming the norm. Many of these sites are slow, restrictive, error-prone, and result in companies resenting WordPress, feeling it’s not a suitable tool.
This article outlines the things that I personally recommend to clients, as well as things I’ve observed being used by the best WordPress agencies worldwide. While entirely situational and opinionated, I hope there are valuable insights here for you.
Cloudflare DNS provides advanced security, bot and DDoS protection, and optimizations that greatly improve page speed scores. It significantly enhances WordPress site security, making firewall plugins like Wordfence unnecessary.
Kinsta offers fast, secure, and fully managed WordPress hosting, providing:
With Kinsta, you’ll spend no time managing your server stack, a tremendous benefit over traditional hosts and even other specialized WordPress hosts. WP Engine is a close second.
GitHub private repositories store all code-related work for disaster recovery and maintain a clear project history vital for business continuity. Clearly labeled commits help tremendously, allowing collaboration between internal developers, external freelancers, and contractors, while providing transparency into all changes.
Git-based deployment is, in my opinion, the ideal deployment method. Many agencies recommend pipeline or CI deployments, but these slow down processes and add unnecessary complexity for WordPress. With Git deployment, changes deploy in 5–15 seconds, compared to a minute or more with pipelines.
Yoast or Rank Math for SEO helps optimize:
Both plugins work equally well; ranking differences are negligible and depend more on how effectively you use them.
Google Search Console monitors and optimizes your organic SEO by ensuring your site is fully indexable, identifying keywords driving traffic, showing keyword rankings, and notifying you of malware detection.
Google Tag Manager, added to your custom theme’s head section, tracks and manages third-party scripts for advertising and analytics. Benefits include independent management by marketing teams, version control of changes, and reliable testing and previewing without requiring staging environments.
Google Analytics tracks site analytics configured with enhanced and recommended events (e.g., form_start and form_submit) for lead tracking, along with custom conversion events. Using a single profile across multiple sites (with separate GA4 streams) simplifies management, filtering, and reporting via GA4, Looker Studio, or BigQuery.
BigQuery acts as your data warehouse, allowing you to store and own data from:
You can create dashboards in Looker Studio or run detailed analyses. Sales teams use this setup effectively, identifying leads from companies visiting B2B sites, enabling targeted outreach or drip campaigns.
Looker Studio dashboards provide quick views of key business metrics, offering a customized single source of truth superior to standard GA4 interfaces, with fully filterable, configurable insights tailored to your business needs.
For web forms, I recommend:
HubSpot for marketing automation is standard practice. Although I find it overpriced, it remains effective for email marketing and CRM functionalities.
WP Migrate DB Pro efficiently handles data migrations between localhost, staging, and production. It’s especially beneficial when onboarding new developers, accurately testing changes, and running content approval workflows. For high-security profiles, you can run live sites in read-only mode, deploying approved changes from staging sites.
Advanced Custom Fields Pro manages custom CMS controls, template-specific meta boxes, and custom Gutenberg blocks. Custom blocks built with this are easier to create, maintain, and understand, ensuring content marketers publish safely while preserving brand integrity—something increasingly rare as design and content management become intertwined.
A custom theme precisely matches your brand and loads exceptionally fast. Avoid overly complex starter themes (like Roots Sage), as these become cumbersome and problematic long-term. I detailed my stance in a recent Smashing Magazine article.
Professional B2B and B2C sites follow common configuration patterns:
I also recommend these technical WP Config settings:
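```php
// Run scheduled tasks from a real server cron instead of on page loads.
define('DISABLE_WP_CRON', true);
// Allow automatic core updates, and keep the automatic updater switched on.
define('WP_AUTO_UPDATE_CORE', true);
define('AUTOMATIC_UPDATER_DISABLED', false);
define('WP_ENVIRONMENT_TYPE', 'production'); // or 'staging', 'development'
```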
Disable WP Cron in favor of server cron provided by Kinsta or WP Engine, enable automatic updates, and set environment variables clearly.
A custom functionality plugin stores minimal customizations and logic separate from your theme, preserving vital functionality across theme changes. Use namespaced, object-oriented patterns for cleanliness and maintainability.
SMTP email delivery ensures reliable inbox delivery, especially when configured with providers like Mailjet, complete with DMARC, DKIM, and SPF records. This is essential for password resets, notifications, and form submissions.
Disable unnecessary WordPress core features to improve speed, security, and predictability. Commonly disabled features include emojis, XML-RPC, JSON API, and XFN, among others rarely needed on professional B2B or B2C sites.
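As an added example (not code from this article or from any plugin it names), here is how a namespaced, object-oriented functionality plugin could disable emojis, XML-RPC, and anonymous REST API access using WordPress core hooks. The namespace, class name, and plugin name are hypothetical.

```php
<?php
/** Plugin Name: Site Hardening (example) */
namespace Example\SiteHardening; // hypothetical namespace

final class Hardening
{
    public function register(): void
    {
        add_action('init', [$this, 'disableEmojis']);
        // xmlrpc_enabled only turns off XML-RPC methods that require authentication.
        add_filter('xmlrpc_enabled', '__return_false');
        // Pingback methods are unauthenticated, so remove them explicitly.
        add_filter('xmlrpc_methods', [$this, 'removePingbackMethods']);
        add_filter('wp_headers', [$this, 'removePingbackHeader']);
        // Stop advertising the XML-RPC endpoint in the page head.
        remove_action('wp_head', 'rsd_link');
        add_filter('rest_authentication_errors', [$this, 'requireLoginForRest']);
    }

    public function disableEmojis(): void
    {
        remove_action('wp_head', 'print_emoji_detection_script', 7);
        remove_action('wp_print_styles', 'print_emoji_styles');
        remove_action('admin_print_scripts', 'print_emoji_detection_script');
        remove_action('admin_print_styles', 'print_emoji_styles');
    }

    public function removePingbackMethods(array $methods): array
    {
        unset($methods['pingback.ping'], $methods['pingback.extensions.getPingbacks']);
        return $methods;
    }

    public function removePingbackHeader(array $headers): array
    {
        unset($headers['X-Pingback']);
        return $headers;
    }

    // Anonymous REST requests get a 401; earlier auth results pass through.
    public function requireLoginForRest($result)
    {
        if ($result === true || is_wp_error($result) || is_user_logged_in()) {
            return $result;
        }
        return new \WP_Error('rest_not_logged_in', 'Authentication required.', ['status' => 401]);
    }
}
(new Hardening())->register();
```

Requiring login for the REST API also blocks front-end features that rely on anonymous REST requests, such as some form plugins, so test it on staging before enabling it in production.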
Bonus recommendations for developers to enhance workflow and quality: