WordPress is a great platform for building a website. From a simple 1 page site, all the way through to complex systems that offer clients live pricing, stock levels or the ability to book an appointment, WordPress can do it all.
With over 40% of all the websites on the Internet built into WordPress, and over 200 000 plugins, it has become the platform of choice for most new developers. It also has a massive target on its back from Hackers. Learn how to hack one WordPress site, and you can hack any WordPress site.
To counter this threat WordPress and the plugin developers are constantly updating the WordPress Core, and the plugins. As the website owner it is your job to make sure that you run all these updates.
WordPress will offer an auto update option on most plugins and themes. The problem comes in when the update breaks your website, or the update crashes halfway through and your entire site goes into critical error mode.
Even worse are the companies that just don’t update their core and plugins. If you can imagine a traditional shooting target, the first month the target on your website is just the bulls eye. Each month after that you add an extra ring, until the target is so big, it is almost impossible to miss.
Why this is bad for your business?
Hackers will do one of the following to your website:
- Delete the entire site. You need to make sure you have a solid backup strategy in place to counter this.
- Deface the website or point the site to another site – normally a phishing site
- Embed malicious code into your site.
Google takes a dim view of the bottom 2 options, and you can end up on their unsafe site list. When this happens visitors to your website get a big red screen letting them know that it is unsafe to visit your site. If you have first time visitors getting that message you can be almost certain that you will never see them again.
How do I avoid it?
Make sure you run regular updates. Log in at least once a month, preferably once a week and run all the updates. We recommend doing them one at a time so that you can make sure that your site is still working properly. It shouldn’t take you more than half-an-hour per week to run all the updates.
I don’t have time for that.
If like most business owners, you spend all your time working and the thought of an extra 30 minutes a week puts you off, we have a solution for you.
We have developed a system that will allow us to automate your updates. The system takes a snap-shot of your website before and after any updates. If there is more than a set percentage difference between the before and the after snapshot, it will the roll back the update.
In addition to the automated updates, we also run monthly speed test and broken link checks to make sure that all your updates are noting messing with your site in ways you can’t think of.
Should you have any questions, please feel free to contact me on email@example.com.