Sarah Gooding of WPTavern posted an article talking about why you should clean out your WordPress. She compares a cluttered WordPress directory to leaving clothes all over your floor. The two reasons for keeping it clean is security and ease of use.
Plugins are often on the forefront of WordPress housekeeping lists. This is probably due to the fact that on a normal WordPress site you’re usually running just one theme and then multiple, sometimes dozens, of plugins. Unused plugins in the mix make it inconvenient to scroll through the list and troubleshoot conflicts. They can also pose a security risk if they’re not updated.
Because WordPress is now powering more than 1 in 5 websites on the internet, WordPress sites are a prime target for hackers and spammers. If your site isn’t secure, hackers can use your themes as entry points. They’ve studied WordPress themes and know how to take advantage of them to forge an all-out attack on your site, your server and its resources.
The article suggests that you keep two themes in your directory: the theme you are currently using as well as a default theme for backup. You can always upload another if you need to.
Outdated versions of WordPress, Themes and Plugins are the most common cause of hacked websites. Make sure that you keep everything updated that you have installed! Having too many Themes and Plugins to keep up with can make it difficult to stay on top of that.
She gives a checklist for cleaning your WordPress directory:
- Remove all unused WordPress themes (with the exception of one default for fallback)
- Update any themes that you are keeping
- Make sure permissions on your wp-content and themes directories are 0755
- Enable automatic background updates