Last month, I was contacted to fix and restore two websites I had built almost two years ago for clients. Their websites, not updated in several months, fell victim to malware infections and viruses that are running rampant nowadays. While I had no ownership, responsibility or obligation to maintain their websites on a monthly basis, I asked whether they were often updating plugins and software, and maintaining their websites. The answer for both was no.
Every month, new potential security vulnerabilities are discovered in several popular WordPress plugins. In order to prevent any vulnerabilities from affecting your website, it is crucial to always update to the current version of WordPress, and to update plugins.
I cannot stress enough how vital it is to regularly update WordPress itself and keep your plugins updated.
This is why I do my best to service and maintain current partner’s websites on a monthly basis. Updating WordPress to its latest versions, and staying current with plugins will prevent your website from falling victim to a hacker. It will also eliminate downtime that could tragically affect your business and the sales you generate from it.
Malicious hackers have no hobbies. No website is ever 100% safe from online attacks. But WordPress is an especially attractive target, since it is powering close to 25% of all the world’s websites and is open source software – meaning it is readily available for hackers to code through.
There are reasons for some website owners to neglect their site updates. The biggest fault is failure to realize that maintenance and upkeep is required. Another is lacking basic computer knowledge and awareness of logging into the site, locating out-dated plugins, and updating them. Website owners believe that once they have hired someone like me to build and launch their site for them, nothing further would be needed.
To minimize vulnerability, you cannot eliminate online attacks. You can however protect it by updating your software and plugins on a monthly basis. Better yet, I update some of my clients weekly to assure peak performance.
Plugin and software updates might not be enough. On some websites, I have incorporated WordPress malware scanning software, which has been installed to several client websites. I then scan them weekly.
Wordfence Security is 100% free and open-source security software supported by a large team dedicated exclusively to WordPress security. A deep set of features makes Wordfence the most comprehensive WordPress security solution available:
- Firewall blocks complex and brute force attacks
- Security Scan alerts you quickly in the event of a security issue
- Threat Defense Feed keeps Wordfence up to date with the latest security data
- Robust login security features
- Configurable security alerts
- Gain insight into traffic and hack attempts
- Security incident recovery tools
Whether monthly, quarterly, or semi annually, maintenance is an ongoing investment that you will have to budget for your website. Along with reliable website hosting, monthly maintenance is a service some website owners are reluctant to invest in. In the long run, and for assured security, it pays off and leads to a big return of investment.
Updating WordPress and its plugins gives us the peace of mind that we are doing everything we can to keep your site secure. So does my added Wordfence implementation. Having a plan for who is going to update your plugins and secure the website means you can sleep a lot easier at night.
It also means you are far less likely to be alerted of a hacked website by your website hosting company.