Last updated on May 12th, 2021 at 09:00 am
Are you one of the just 12% of WordPress admins who are using the right web browser to manage your sites?
Have you ever wondered if you’re using the best browser to manage your WordPress sites? There’s no doubt you have your reasons as to why you use whichever one you’re using now. But is it the right one? Let’s talk about it.
Preferred Browsers by the Community
I recently asked a large group of WordPress users which web browser they preferred to use when managing their sites. I pre-populated the poll with a few of the big players, Chrome, Firefox, & Edge. Respondents were allowed to add their own options as well.
Here are the results:
The results didn’t surprise me very much. Chrome wins out the popularity contest easily, and it’s easy to understand why. Chrome boasts almost 64% of the global market share of web browsers, so it’s no shock that it’s also the preferred editing browser for WordPress administrators. After all, why not design on the browser most of your visitors will be using?
While there’s technically no right or wrong browser to use when managing your WordPress sites, there are benefits to using certain ones. Only 12% of respondents to my poll used a private browser like Chrome in Incognito Mode – and this is what I believe everyone should be using.
Why Incognito Mode is the Way to Go
To be fair to Chrome’s competitors, any browser which offers an Incognito mode option is what you should be using. And if you’re one of the 88% of WordPress admins who aren’t using an Incognito mode browser, you should seriously consider changing your workflow.
Now before you say, “but Incognito mode doesn’t save my settings & views”, let me address that. You’re right. And that’s part of the point. But let’s not get ahead of ourselves, I’m going to start with the primary reason why you should be using a browser in Incognito mode for managing your WordPress sites.
Security is the most important reason why you should be using an Incognito browser. How is an Incognito browser more secure than a regular browser? There are a couple of different reasons.
No Browser Addons
Browser addons like Chrome extensions can be major security hazards. When you add an extension to Chrome, you frequently get a warning that says something like, “this extension can read and write data to Chrome”. This means that you don’t have full control of what’s being written into your websites when you’re working on them.
While most of the extensions are innocuous and provide features you find useful, there are plenty of examples of malicious extensions out there. Just a few months ago, Google removed more than 500 extensions from its online Web Store.
Logon Session Cookies
One of the things browsers like to do is save session cookies. It’s what allows you to remain logged in to a website even after the browser is closed and reopened. When you log into a WordPress website, a 24-hour session cookie is set so the site will remember you for 24 hours in that browser (longer if you checkmark the ‘remember me’ box). This is incredibly convenient – and incredibly dangerous.
Last month’s vulnerability report from the WPScan Vulnerability Database includes 33 new WordPress plugin vulnerabilities. A number of them can only be triggered by a logged-in user. That means if you have a saved login to a WordPress site you administer, and then you visit a website with a malicious script on it, that site could perform actions on your WordPress site with your saved access.
And these attacks actually do happen, they’re not just theoretical possibilities.
Fewer Caching Issues
Every time you close your Incognito browser, it’s browser cache is wiped. If you’re a designer, you’ve no doubt seen many times when you’ve made a change to something on your website but when you view it, the change doesn’t show up right away – that’s because browsers cache common elements of a website so when you visit again, they don’t have to download them fresh from the server. This speeds up the browsing experience, but means you could be seeing an outdated version of the page.
Browser caching is a good thing especially if you have users who regularly revisit your website. But if you’re a designer or content editor making changes, you want to be able to see those changes right away so you know if they look right and revise as necessary.
In some cases, like editing with a page builder, you may find that browser caching breaks your ability to work on your website if you recently installed an update which can be a massive hassle.
More Realistic User Experience
Does your website gain most of its traffic from new visitors? If so, you aren’t getting a preview of their experience on your website if you’re not using Incognito mode on your browser. Since Incognito mode removes browser extensions and caching, you get an experience that more closely matches that of your site visitors.
This is an important distinction because it doesn’t matter how your website performs for you or what your website looks like to you, it matters how it performs and looks to your readers and customers.
So I said I’d address the complaint most folks have with using an Incognito browser – it doesn’t save your settings. So every time you log into the WordPress admin dashboard, your sorting & selections aren’t saved. But is that really a huge price to pay to lower the risk that you could be tricked into compromising your own website? What if you’re managing websites for your clients? Do you really want to be in a position where a client’s website gets hacked because you clicked on a bad email attachment while still logged into the site?
Considering the time at risk that you may have to burn repairing or restoring a website, using an Incognito browser is by far a better and more predictable way to be working on your sites.
If you still refuse to deal with the minor inconvenience of using Incognito mode, at least consider using a browser that isn’t your default browser since viruses and worms will likely open the default browser, and make an effort to actually log off the website when you’re finished working on it instead of just closing the browser.