Staying Secure Means Staying Up-to-Date
WordPress is the most powerful and flexible Content Management System available. It is used by millions of websites and powers billions of page-views per day. It is has been built and enhanced over many years to become the website publishing platform of choice for small to medium-sized businesses.
Why is it so good?
One of its core strengths comes from the fact that it is open source and time tested. This means it is completely free to use and built by a community of experts. These experts work together to continually enhance and expand the features of WordPress, keeping it at the forefront of technology. When you download the code, you own it; you do what you want with it, and you can make it do exactly what you need it to do.
What’s the catch?
Here is the catch (and it is not a big one), because it is open source, and everyone can see the code with which it is built, it can become vulnerable when a security issue is found. The WordPress community issues regular updates to fix these security issues, and over the years, most of the issues have already been removed, but when a new issue is found, you need to update your software. Constantly keeping your version of WordPress up-to-date is critical to keeping your website online.
Updating your software is like changing the oil in your car. Do it every so often and you will never have a problem. Avoid it too long and it will lead to total and costly failure.
Why can’t I update it myself?
Well, you can, but in the event something goes wrong, there is no ‘undo’ button. Your best bet is having a backup to revert to, but this is no simple task and at best can cause many hours of website outage and frustration. Sometimes this can take days to fix.
The WordPress software is only one component of your website. You also have the ‘theme’ which styles your website and the plugins that add functionality to the site. When updating, there is potential for any one of these elements to have an unexpected issue, something that can cause your site to go down.
WordPress plugins are one of the biggest benefits of using the platform, but they also add an element of complexity when updating.. Each plugin is it’s own piece of software and while each plugin is built so it should not break WordPress, it can. Also, plugins are developed by independent providers, they are not always maintained. There are plenty of plugins that have not been updated in years. So updating WordPress and not knowing how the plugins are affected could lead to a serious site failure.
What do you recommend?
Not everyone is in the know when it comes to WordPress security patches, but that’s where your developer comes in. No doubt, they are well-versed and up-to-date when it comes to these types of normal hurdles. A developer can upgrade your site in a development environment prior to doing it on the live site. This will allow them to find any potential issues and fix them prior to performing the upgrade on the live site. In addition, they will have a backup plan in place and be prepared to fix any other issues that arise.
How often should I upgrade?
We recommend you upgrade your site at least once every 3 months at the minimum, and in cases where major security issues arise, upgrades should be performed asap. We also offer a yearly contract to our clients that will cover them for updates throughout the year. With that we will also monitor their site for malware, bugs, and any downtime.