At iTCHYROBOT, we have been developing and hosting WordPress themes and plugins for over a decade now. Our skilled team has provided solutions for a wide range of clients, from FTSE 100 listed corporations through to hotel chains, high transaction e-commerce fitness websites to brochure-based websites.   

Over the years, we have transferred a number of websites to our care and this has lead us to notice trends and commonality in the issues we are asked to address by clients.


Our top bug bears revolve around security. With more and more cyberattacks and scams floating around the internet than ever, security should be top of your priority list. However, many people don’t take small, initial steps to improve their site’s security. So, the first three errors are quite basic and often come down to clients ignoring advice their webmaster probably gave them!

  1. Using the default Admin account 
  1. Keeping the wp database table prefix 
  1. No changing the security keys in the wp-config file

Leaving these settings at their default makes it child’s play for hackers to infiltrate your site, as this information is already common knowledge on the internet for anyone with a vague interest in hacking. However, if you’re not too website-savvy, these things are likely beyond your ability or knowledge to change.


The next common errors affect performance. Whether it’s users being driven away by your slow website, or staff being frustrated when trying to make changes to the backend of the site, poor performance can be a death knell.

  1. Not using the blocks builder and instead opting for a page builder that bloats and slows your website. 
  1. Continuing from point 4 is installing a load of plugins to improve caching and performance for your bloated page builder! Page builders often come bundled with plugins. If you see that they include one to help performance, it’s likely to try and counteract the decrease in speed that the builder causes.
  1. Installing plugins that do the same job.  We often get shown sites where the client says they’re too slow.  When we analyse the sites they have often have multiple plugins designed to do the same thing, or countless plugins installed to try and fix issues with performance etc.

General Maintenance

Last set is related to housekeeping. Just like a car, websites need regular maintenance to keep running properly.

  1. If you insist on having loads of plugins, at least make sure they are kept up to date. Updates often include new security features that help to prevent cyberattacks.
  1. Have a load of deactivated old plugins and themes that you are not using – delete them! 
  1. Continuing point 5 when clients wish to improve performance, remember – you get what you pay for! If you pay £2.99 per month for shared hosting located somewhere far away – the chances are that your non-optimised hosted environment is the single biggest issue affecting your website speed. Choose decent hosting with excellent support for best results. This is a critical element for speed and security so don’t skimp out. 
  1. Last of all is all down to Sod’s Law – if it can go wrong, at some point it will! It’s how you recover that counts and backups are key. Not all backup solutions are equal and MUST be based on your needs. If you run a very busy ecommerce website, then losing a day of data and orders could be catastrophic so a single daily backup likely is not going to cut it.  We have noticed a trend on hosting providers charging for backups and clients not selecting the option as everything is good just now.  Our hosting setup uses advanced solutions to ensure that optimal recovery points are always available on the unfortunate off-chance that they’re required one day.

How We Do It

In the categories above, all the issues are addressed and managed by iTCHYROBOT technical staff for our customers.  We have collectively 40+ years in developing hosting environments, building websites and are now focused on supporting WordPress sites.

Stringent Security Measures

Our systems come with a range of security levels. There are gateway firewalls and intrusion detection systems which trigger before even getting to the hosting servers. Then on servers themselves, we have Firewalls, Antivirus, Malware Detection, and automatic banning of access based on stringent rules. 

At WordPress level, we operate some core plugins that protect, monitor, and report login and other actions performed on the website.  These are reported to the server logs, where rulesets dynamically configure firewall actions which gradually restrict down to outrightly blocking user access for the most severe misdemeanours. 

By building layers and depth in our security we are able to protect our client’s website, data and their businesses. 

Also within this camp is the basics of the admin account and WordPress configuration.  Your site is setup by iTCHYROBOT techs (humans) not bots and follows our deployment procedures.  We have been doing this a long time and are good at what we do. We have our own login system for our sites which works off user verification, rather than passwords, eliminating one of the weakest links for security.


When it comes to performance, we use top quality hosting environments and can provide plenty of advice and options for optimizing your website. This is what we do and why we have retained the majority or our clients over the years. 

Throughout our existence, we have inherited many WordPress websites from companies that specialise in PPC or SEO, rather than being dedicated website developers. These companies often take on website builds and produce something nice using lots of plugins and free themes, but that hits a glass ceiling at a point in time with most businesses. We understand our limits and create fantastic websites which can then be marketed by PPC or SEO companies that we work alongside. They know the nuances and intricacies of search engines down to the wonderful code names of new Google algorithms. We know the nuances of webservers, database optimization, replication and code and optimization and improvements.

Penetration Testing

The same is also true for accessing security. We can expertly review code and secure it against a range of issues, but even highly skilled developers need to be audited. We have great relationships with external security testers who are dedicated experts in picking holes in systems and we would rather know about these so we can fix them before they become an issue. 

Client Training & Upskilling

Housekeeping and updating is something of an essential task. Lots of clients do not want to pay for monthly support and want to update the site themselves – this initial enthusiasm often wanes over time and the skills of a single person does not match that of a team. At iTCHYROBOT, we are the sum of our people and we love to share our skills. 

What we have noticed over the years is that by sharing our knowledge with clients and providing free training for our VIP clients, they stay more engaged in updating their websites. Clients love to be creative, and in our training, we cover image editing & optimization, WordPress editing (fundamentals to advanced), marketing lead generation and data capture & handling mail workflows to support business goals. 

Having access to expert developers, marketing professionals and digital media producers means we can support and advise on how to bring your ideas to life. WHY DO IT ALONE? Have the iTCHYROBOT team as a digital and marketing extension to your business and we will see you in our afternoon virtual training sessions.

We know our lane very well is what we’re saying, and we know that by sticking to it, we can continue to provide a top quality service. If you would like your WordPress site to be handled and managed by experts, get in touch