Skip to content
Web Design Company Tampa

Knowledge · WordPress Web Design

WordPress Staging + Deployment Workflows for Real Teams

3 min read694 words

WDCT Senior Strategist Web Design Company Tampa · Editorial
Updated May 16, 2026
14 days kickoff → live $3K–$15K+ scope-tiered WCAG 2.1 AA baseline

Editing directly on production is how WordPress sites break. Page builder hot-fixes that take the homepage down at 4pm Friday. Plugin updates that conflict with theme code. The version control discipline that’s table stakes in software development barely exists in most WordPress operations. Here’s how we run staging and deployments for mid-market clients without engineering theater.

№ 01Why staging matters more than you think

The cost of a broken production site at 11am Tuesday: lost sessions, lost form submissions, lost trust, lost SEO signal (Google notices if your site is down during a crawl). Even 30 minutes of downtime on a $5M B2B site can mean 4-8 lost qualified sessions.

The cost of catching the same issue on staging: zero. Fix the bug, test again, push when clean.

Staging is the cheapest insurance policy in WordPress operations. Every managed host includes it. The discipline is using it.

№ 02Native staging on managed hosts

Kinsta: staging environment per site, one-click clone from production, one-click push staging-to-live. Premium staging (paid add-on) gives you a longer-lived staging that doesn’t share resources with production.

WP Engine: staging + development environments per install. Three-environment workflow (dev → staging → production) built in.

Cloudways: staging clone per application. Push to live requires explicit promotion.

For 90% of mid-market sites, the native staging is enough. The other 10% — sites with complex CI/CD requirements or polyglot stacks — need Git-based deployment.

№ 03Git-based deployment for theme code

Custom theme code lives in a Git repo. Changes go through PR review. Merges to main trigger deployment.

Our typical setup on WP Engine: GitHub repo containing the theme + custom plugins (not WordPress core, not third-party plugins — those are managed via the WP admin). GitHub Actions workflow on push to main: rsync the theme directory to WP Engine via SSH using the deploy key.

On Kinsta: similar pattern. GitHub Actions runs rsync over SSH to the Kinsta server. The theme + must-use plugins deploy automatically.

What stays in WP admin (not Git): third-party plugins (WordPress manages updates), media library (too large for Git), and content (lives in the database).

№ 04The deployment workflow we use

For content changes:

  1. Editor logs into production (or staging, depending on team)
  2. Edits content via block editor
  3. Saves draft, previews
  4. Publishes when ready

Content workflows are direct to production with native WP draft / preview / publish. Staging isn’t involved for content unless the changes are structural.

For plugin updates:

  1. Clone production to staging
  2. Apply plugin updates on staging
  3. Smoke test: every key page renders, forms submit, integrations work
  4. If clean: push to production via host’s ‘push staging to live’ (or repeat the updates on production manually if push-to-live would clobber recent content)
  5. Post-deploy: monitor uptime + Sentry/error logs for 2 hours

For theme / code changes:

  1. Branch from main in Git
  2. Local dev (LocalWP, Docker)
  3. PR review
  4. Merge to main → auto-deploy to staging
  5. QA on staging
  6. Tag a release → auto-deploy to production

№ 05The push-to-live gotcha

The trap: ‘push staging to live’ on Kinsta and WP Engine overwrites the production database with the staging database. Any content changes editors made on production since the staging was cloned are lost.

The fix: split the push into ‘push files only’ (theme + plugin updates) and ‘push database’ (only when staging schema changes are needed). Most plugin updates only need files; database stays alone.

This nuance trips up agencies who haven’t worked through it. We’ve recovered content for two mid-market clients who lost a week of blog posts to careless push-to-live.

What to avoid

  • Editing custom theme code via Plugins → Editor in the WP admin. No version control, no rollback, no review. Direct production edits.
  • Using FTP to deploy. The FTP era ended in 2015. Use SSH or your host’s deploy pipeline. FTP doesn’t preserve permissions, isn’t atomic, and doesn’t recover well from failures.
  • Skipping staging for ‘just a small plugin update.’ Every plugin update is ‘just small’ right up until the one that breaks the homepage. Always staging-first.

Three Ways to Start · No Sales Pitch

Want this analyzed on your site?

$500 audit. 5-day delivery. Refundable on engagement.

01 · Just lookingSee the full WordPress Web Design pageAll tiers, all features, all FAQs.Open the service page 02 · RecommendedGet the $500 audit (refundable)12-20 page PDF on your specific site. Refundable against engagement. 5-day delivery.Start the audit 03 · In a hurryTalk to a strategist now30-minute call. We’ll diagnose live.(813) 555·0190