Back in November of this year, we launched a second WordPress survey, this time aimed at understanding how WordPress administrators and website owners manage their WordPress websites. As promised, we will be sharing our findings, which is exactly what this post is all about.
In total, we had 302 respondents who answered thirteen questions in total.
Number of websites and management
The majority of respondents own or manage between one and ten websites, accounting for 42% of all respondents. A slightly larger majority own or manage between 10 and 100 websites, with 33% of participants falling into this category. 17% have just one website, while 7% manage or own more than 100 websites.
When it comes to managing websites, the absolute majority of respondents are the administrators of their WordPress websites, with 87% responding that this is the case. On the other hand, 7% use a third-party service, while 5% have someone in-house tasked with keeping the websites up and running.
One of WordPress’ biggest strengths is its customizability. As it is open-source, anyone can customize it to their liking or requirements; one of the reasons it is so popular all around the world.
Most respondents took advantage of WordPress’customizability with 86% answering they, or a developer they hired, carried out customizations. In contrast, 14% answered they did not customize any of their WordPress websites.
How many plugins one should have on their WordPress website is a question that’s the subject of ongoing debate. With no one right answer available (there are too many variables to consider), we asked participants how many plugins they are actually running on each of their WordPress websites.
59% of respondents have said they have between 5 and 15 plugins, while 25% have more than 15. Conversely, 16% have between one and five plugins running in total.
This goes on to show how integral WordPress plugins remain to the WordPress ecosystem. From aiding in WordPress security and management to extending the functionality of the website, they provide a cost-effective way to boost what WordPress can do – as the figures so clearly show.
Plugin developer loyalty
We were also interested to determine whether brand loyalty plays a part in which plugins customers choose. Of course, we recognize that cool marketing might not necessarily be the deciding factor, with other factors, such as greater chances of interoperability and stability, probably playing a big role.
In fact, 64% of all respondents answered that they make an effort to stick to the same developer whenever possible. 27% of respondents sometimes undertake such efforts, while 7% make no such efforts at all.
64% of all respondents try to stick to the same plugin developer whenever possible.
WordPress user management is a very important aspect of WordPress administration, with some sites supporting a large number of users. We asked a number of questions related to this topic in an effort to understand the scale as well as some of the administrative practices undertaken to manage WordPress users.
Number of users
When it comes to the number of users, we have two groups that take the highest percentage in one of two ties, with the ‘less than five’ group and the ‘100 or less’ group coming in at 25%. The second tie includes the ‘10 or less’ and ‘’more than 100’ groups, both of which sit at 19%. Lastly, 11% of respondents indicated they’re the only ones with a user account on their websites.
As we mentioned earlier, plugins are one of the best available options to extend the functionality of WordPress. One such class of plugins is user-signup, which allows users to signup and make purchases, become members, form a community, and many others.
These types of plugins are very popular, with 81% of respondents having such a plugin on their website. The most popular option is WooCommerce, used by a whopping 42% of all respondents. BuddyPress and MemberPress are also popular options at 17% and 15%, respectively. 19% of respondents do not offer user sign-up facilities, while 6% use a plugin that is not one of the three mentioned above.
- WooCommerce – 42%
- BuddyPress – 17%
- Memberpress – 15%
- Other – 6%
- No sign-ups – 19%
User roles on WordPress offer a great way to segregate users and implement security best practices such as the principle of least privilege. In fact, 75% of respondents make use of user roles, while 16% set all their users to admin. On the other hand, 10% of respondents do not use roles on their WordPress website.
A session management policy is one of the more effective ways administrators have at their disposal to limit certain security risks and fraud. Most correspondents have a WordPress users session management policy in place, helping them keep user sessions in check. In most cases, session policies reflect particular website use cases, which helps explain the different kinds of policies in effect.
|Policy in effect||%|
|I keep a record of logins and logout||45%|
|I terminate idle sessions||16%|
|I disallow multiple sessions||5%|
|No session management policy||29%|
Backups are one of the most critical administrative functions for any WordPress administrator. Backups ensure all the hard work put into the site can be retrieved should a major incident occur.
In fact, only 1% of all respondents do not take any WordPress backups whatsoever. On the other hand, 54% take daily backups, 32$ take weekly backups, and 8% take monthly backups. The remaining 4% take irregular backups with no clear schedule.
The typical WordPress environment offers multiple backup methods. This ensures that everyone can take a backup. Options and required technical expertise vary from one method to the next, which can help us understand the variety of approaches different administrators take to completing this essential task.
Plugins generally offer a straightforward and easy-to-use interface, which can help explain their popularity, with 43% of respondents indicating it as their preferred backup method. 28% prefer to use the backup solution provided by their hosting provider, while 11% take backups manually. 11% use another method to take backups of the websites.
|Preferred backup method||%|
|Hosting provider service||28%|
|I do not back up my WordPress||1%|
Compliance is another big WordPress administration topic, often required to do business in certain jurisdictions and markets. GDPR compliance is one such example – a requirement when collecting any sort of information about EU citizens.
As it turns out, GDPR compliance on WordPress websites is the most important compliance requirement, accounting for 41% of all responses. CCPA comes in a distant second with 20% of respondents, while PCI-DSS compliance is a requirement for only 14% of all respondents.
It has to be noted that 10% of respondents answered they must comply with more than one, most of which indicated GDPR compliance to be one of the compliance requirements they must adhere to.
WordPress security is correlative to its administration. While we carried out a dedicated WordPress security survey earlier this year, we wanted to ask survey respondents whether they have a security breach policy in place. Since having such a policy is typically part of complying with certain laws and standards, we thought it would be interesting to see how many administrators have such a policy in place.
It should then come as no surprise that 78% of respondents answered in the affirmative, while 22% indicated that they do not have a security breach policy in place. The responsibility for overseeing this policy is divided among different actors. At 39%, the majority of respondents indicated they are the ones responsible, followed by their developer (27%) and third parties (12%).
The survey has shown us that best practices are alive and well among the WordPress administrators community. This is especially true among websites that have larger user bases, showing that website growth is more sustainable when getting the basics right.
While we hope that the results give you a good picture of the state of WordPress administration in 2022, we will be doing a deep-dive into particular topics over the coming weeks, so make sure you subscribe to our newsletter and watch this space for more insightful information you can put to productive use on your own WordPress websites.
*** This is a Security Bloggers Network syndicated blog from WP White Security authored by WP White Security. Read the original post at: https://www.wpwhitesecurity.com/wordpress-admin-survey-results-2022/