Contact Us
Home » Insights » Hiring a WordPress Developer: What to Ask and What to Expect (2026 Guide)

Hiring a WordPress Developer: What to Ask and What to Expect (2026 Guide)

Made on

Finding the right wordpress developer as a needle in the hay
Needle In A Haystack” by t_buchtele is licensed under CC BY-NC-ND 2.0 .

Hiring the right WordPress developer can transform your digital presence—or become an expensive mistake. This part-two of our WordPress hiring guide provides the questions, answers, and insights you need to make informed decisions.

Part 2: For Hiring Managers – 10 Questions to Ask Before Hiring a WordPress Developer

These questions help you assess whether a candidate or agency can deliver what you need.

1. “Can you show me examples of WordPress sites you’ve built from scratch?”

Why you should ask this: Portfolio work reveals actual capability better than resumes or certifications.

What to look for:

  • Variety of project types and complexity levels
  • Sites that are still live and maintained
  • Custom development vs. theme customization
  • Performance and code quality

Red flags:

  • Can only show theme installations with minor tweaks
  • Portfolio sites are broken or offline
  • Can’t explain their specific role in projects
  • All sites look identical (template reuse)

Follow-up questions:

  • “What was your specific role in this project?”
  • “What challenges did you face and how did you solve them?”
  • “Can I see the actual code or a code sample?”

What good answers include: Examples of custom theme development, plugin development, complex integrations, performance optimization work, and the ability to explain technical decisions clearly.

2. “How do you approach WordPress security?”

Why you should ask this: Security breaches are expensive and damage reputation. You need someone who builds secure sites from the ground up.

What to look for:

  • Proactive security measures (not just reacting to problems)
  • Understanding of common WordPress vulnerabilities
  • Update and maintenance strategy
  • Backup and recovery planning

Strong answers mention:

  • Input sanitization and output escaping
  • User permission management
  • Regular security audits
  • Two-factor authentication implementation
  • Activity logging and monitoring
  • Secure hosting environment selection

Red flags:

  • “WordPress is secure by default”
  • No mention of security plugins or practices
  • Doesn’t understand common attack vectors
  • No backup or disaster recovery plan

3. “What’s your process for optimizing WordPress performance?”

Why you should ask this: Slow sites lose visitors and hurt SEO. Performance should be built in, not bolted on.

What to look for:

  • Systematic approach to performance
  • Understanding of multiple optimization layers
  • Measurement and validation methodology
  • Ongoing monitoring strategy

Strong answers include:

  • Database query optimization
  • Caching strategy (page, object, CDN)
  • Asset optimization (images, CSS, JavaScript)
  • Hosting environment considerations
  • Mobile performance optimization
  • Core Web Vitals understanding

Questions to ask:

  • “How do you measure performance improvements?”
  • “What tools do you use for performance testing?”
  • “How do you handle image optimization?”

Red flag answers:

  • “Just install a caching plugin”
  • Can’t explain different types of caching
  • Doesn’t mention measurement or testing
  • Focuses only on one aspect (like images)

4. “What hosting platforms do you have experience with?”

Why you should ask this: Different hosts have different capabilities and limitations. You want someone who understands your hosting environment.

What to look for:

  • Experience with enterprise/managed WordPress hosting
  • Understanding of hosting’s impact on performance
  • Knowledge of your specific platform (bonus if Pantheon!)
  • Server-level optimization capability

Strong answers mention:

  • Managed WordPress hosting platforms (Pantheon, WP Engine, Kinsta)
  • Understanding of server-level caching
  • Database optimization on managed platforms
  • CDN configuration and integration
  • Multi-environment workflows (dev, test, production)

If they have Pantheon experience, ask:

  • “How do you use Pantheon’s dev/test/live workflow?”
  • “Have you worked with Pantheon’s Redis object cache?”
  • “What’s your experience with Terminus CLI?”

Red flags:

  • Only experience with shared hosting
  • Doesn’t understand managed WordPress hosting benefits
  • Can’t explain hosting’s impact on performance
  • Resistant to learning new platforms

5. “What’s your experience with modern WordPress—the block editor, Full Site Editing, and block patterns?”

Why you should ask this: This reveals whether they’re current with WordPress’s direction or stuck in 2018.

What to look for:

  • Understanding of block-based development
  • Experience with FSE and theme.json
  • Custom block development capability
  • Block pattern creation

Strong answers include:

  • Built custom blocks (either with JavaScript or ACF Blocks)
  • Created block pattern libraries for clients
  • Understands theme.json for design systems
  • Can articulate when to use blocks vs. page builders vs. classic themes
  • Follows WordPress development roadmap

Questions to ask:

  • “Have you built a Full Site Editing theme?”
  • “How do you create custom blocks?”
  • “What’s your approach to block patterns for client sites?”
  • “When would you use FSE vs. a classic theme?”

Red flags:

  • “I still prefer classic themes for everything”
  • Hasn’t explored FSE or blocks at all
  • Can’t explain what theme.json does
  • Only familiar with page builders, not native blocks
  • Dismisses block editor without understanding it

6. “How do you handle custom functionality—plugins vs. custom code vs. custom blocks?”

Why you should ask this: This reveals their development philosophy and whether they’ll create maintainable solutions or plugin-bloated messes.

What to look for:

  • Balanced approach (not dogmatic)
  • Understanding of when to use plugins vs. custom code
  • Code maintainability considerations
  • Security implications

Strong answers include:

  • Use established plugins for common functionality (SEO, forms, security)
  • Write custom code for unique business requirements
  • Build custom blocks for reusable content patterns
  • Evaluate plugin quality before installation (reviews, update frequency, support)
  • Consider long-term maintenance and updates
  • Understand performance impact of plugin choices

Follow-up questions:

  • “How do you evaluate plugin quality?”
  • “When would you write custom code instead of using a plugin?”
  • “How do you handle plugin conflicts?”

Red flags:

  • “I can build everything custom” (reinventing wheels)
  • Installs tons of plugins without consideration
  • Doesn’t evaluate plugin security or performance
  • Can’t explain their selection criteria

7. “What’s your approach to responsive design and mobile optimization?”

Why you should ask this: Mobile traffic often exceeds desktop. Mobile performance directly impacts conversions and SEO.

What to look for:

  • Mobile-first development approach
  • Understanding of responsive design principles
  • Mobile performance optimization
  • Cross-device testing methodology

Strong answers mention:

  • Mobile-first CSS approach
  • Touch-friendly interface elements
  • Performance optimization for mobile networks
  • Testing across actual devices (not just browser tools)
  • Progressive Web App concepts
  • Core Web Vitals for mobile

Questions to probe deeper:

  • “How do you test mobile performance?”
  • “What’s your approach to mobile navigation?”
  • “How do you handle images for different screen sizes?”

8. “Can you explain your testing and quality assurance process?”

Why you should ask this: Testing separates professionals from amateurs. You don’t want to be the QA department.

What to look for:

  • Systematic testing approach
  • Multiple testing layers
  • Browser/device compatibility testing
  • Staging environment usage

Strong answers include:

  • Functionality testing (all features work as specified)
  • Cross-browser testing (Chrome, Firefox, Safari, Edge)
  • Mobile device testing
  • Performance testing
  • Security testing
  • Accessibility testing
  • User acceptance testing process

Red flags:

  • “I test it on my computer”
  • No mention of staging environments
  • Doesn’t test across browsers or devices
  • No documentation of testing process
  • Goes straight to production without testing

9. “How do you handle project communication and timelines?”

Why you should ask this: Technical skills matter, but so does project management and communication.

What to look for:

  • Clear communication protocols
  • Realistic timeline estimation
  • Progress update methodology
  • Issue escalation process

Strong answers include:

  • Regular status updates (weekly or bi-weekly)
  • Project management tools (Asana, Trello, Basecamp)
  • Clear milestone definitions
  • Change request process
  • Availability and response time expectations
  • Documentation practices

Questions to ask:

  • “How do you handle scope creep?”
  • “What happens if timelines slip?”
  • “How do you communicate technical issues?”

Red flags:

  • Vague timelines (“it’ll be done soon”)
  • Poor communication track record
  • No project management process
  • Defensive about questions or feedback
  • Overpromises on timelines

10. “What ongoing maintenance and support do you provide?”

Why you should ask this: Websites require ongoing maintenance. Understand what’s included and what costs extra.

What to look for:

  • Clear maintenance offerings
  • Update and security monitoring
  • Support response times
  • Emergency support availability

Strong answers include:

  • Regular WordPress core, plugin, and theme updates
  • Security monitoring and patching
  • Performance monitoring
  • Backup verification
  • Uptime monitoring
  • Content updates (if applicable)
  • Monthly reporting

Questions to clarify:

  • “What’s included in base maintenance?”
  • “What’s your response time for emergencies?”
  • “How do you handle breaking changes from updates?”
  • “What are your support hours?”

Red flags:

  • “You’re on your own after launch”
  • No structured maintenance plans
  • Unclear about what’s included
  • No emergency support option
  • Can’t explain update process

BONUS: “How do you price projects and what’s included?”

Why you should ask this: Clear pricing and scope prevents disputes and budget overruns.

What to look for:

  • Transparent pricing structure
  • Clear scope definition
  • What’s included vs. additional costs
  • Payment terms and schedule

Strong answers include:

  • Fixed-price for defined scope or hourly for ongoing work
  • Detailed scope documentation
  • Change order process
  • Payment milestones tied to deliverables
  • What’s included in base price (training, documentation, etc.)
  • Separate maintenance/hosting costs

Questions to ask:

  • “What’s not included in this price?”
  • “How do you handle changes to scope?”
  • “What are typical additional costs?”
  • “Do you offer payment plans?”

Red flags:

  • Pricing significantly below market rate (too good to be true)
  • Unclear about what’s included
  • No written estimates or contracts
  • Pressure to pay everything upfront
  • Won’t provide references or examples

Red Flags for Both Sides

Warning Signs of Problem Clients/Agencies:

  • They want “just a quick WordPress site” for unrealistically low budget
  • No clear project requirements or constantly changing scope
  • They “had a developer who disappeared” multiple times
  • Unwilling to discuss or commit to timelines Want you to use pirated themes or plugins
  • Expect 24/7 availability for non-emergency support
  • Won’t pay for proper hosting or development environment
  • Have unrealistic expectations about what WordPress can do
  • Don’t understand the value of modern WordPress features (blocks, FSE)

Warning Signs of Problem Developers:

  • Can’t explain technical concepts in understandable terms
  • Badmouth all previous clients or employers
  • Promise unrealistic timelines or features
  • Won’t provide references or portfolio examples
  • Are defensive about questions or code review
  • Don’t ask questions about your business or goals
  • Only know how to install themes, not actually develop
  • Can’t explain their development or testing process
  • Aren’t keeping up with modern WordPress (blocks, FSE, patterns)
  • Dismiss the block editor without understanding it

Final Thoughts

Look beyond technical checklists. The best WordPress developers combine technical excellence with communication skills, professional practices, and genuine interest in solving your business problems. A developer who understands FSE and block patterns but can’t communicate clearly is less valuable than one who can do both.

Ask about modern WordPress features—if they’re not current with blocks and FSE, they may struggle with WordPress’s direction over the next few years.

The WordPress ecosystem continues evolving—from Gutenberg blocks to headless implementations, from modern JavaScript frameworks to performance optimization demands. The developers and teams who thrive are those who combine solid fundamentals with adaptability and continuous learning.

WordPress in 2026 looks very different from WordPress in 2020, and the trend toward block-based, editor-focused development will only accelerate.

+Contact Knihter to discuss opportunities. As a Pantheon Platinum Partner specializing in enterprise WordPress development, we’re always interested in connecting with talented developers who embrace modern WordPress and helping businesses find the right technical partners.

Related Services:

  • WordPress development team augmentation
  • Technical WordPress consulting and audits
  • Pantheon platform expertise and optimization
  • WordPress developer training and mentorship
  • Custom block and FSE theme development